12.07.2015 Views

Red Hat Enterprise Linux 5 Administration Unleashed


CHAPTER 24

Configuring a Firewall

IN THIS CHAPTER

  • Selecting a Table and Command for IPTables
  • Selecting IPTables Options
  • Using IPTables Match Extensions
  • Using IPTables Target Extensions
  • Starting and Stopping the IPTables Service
  • Saving the IPTables Rules
  • IPTables Examples
  • Enabling the Default Firewall

As an administrator in today’s world of networked computing and easy access to the Internet, security both internally and externally must be the first and last issue considered. Denying unauthorized access is the first step to keeping your system secure. The mechanism to prevent access to all or some network services on a system is called a firewall.

Every operating system allows for the implementation of a firewall differently. Red Hat Enterprise Linux uses IPTables, a network packet-filtering mechanism in the Linux kernel. IPTables can be used to allow or deny packets based on numerous factors including their destination, their source, which port they are trying to access, the user ID of the process that created the packet, and more.

Install the iptables RPM package to use IPTables. It includes utilities to configure which packets to filter. Refer to Chapter 3, “Operating System Updates,” for instructions on installing packages.

The IPTables configuration consists of a series of rules. Each rule must be for a specific table, with each table having its own set of chains. A chain is a list of rules, which are compared to the packets passed through the chain. If a set of packets matches a chain, the target of the rule tells the system what to do with the packets, including passing them along to a different chain.

This chapter discusses how to write and enable IPTables rules. It also discusses the Red Hat Enterprise Linux security levels, which are predefined sets of IPTables rules. They can be used to quickly implement a basic firewall.
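
The rule, chain and target model described above can be traced with a small Python model of how a packet is judged. This is an added example, not code from the book or from IPTables itself; the ruleset, the INTERNAL chain name, the addresses and the ports are constructed for illustration, and it models only in-order matching, a jump to a user-defined chain, and the built-in chain's default policy.

```python
import ipaddress

# Constructed ruleset modelling the filter table: chain name -> ordered rules.
# Each rule is (match criteria, target); a target is a verdict or a chain name.
FILTER = {
    "INPUT": [
        ({"src": "10.0.0.0/8"}, "INTERNAL"),        # jump to a user-defined chain
        ({"proto": "tcp", "dport": 22}, "ACCEPT"),
        ({"proto": "tcp", "dport": 23}, "REJECT"),
    ],
    "INTERNAL": [
        ({"proto": "tcp", "dport": 3306}, "ACCEPT"),
        ({"proto": "udp"}, "DROP"),
    ],
}
POLICY = {"INPUT": "DROP"}      # default verdict of the built-in chain
VERDICTS = {"ACCEPT", "DROP", "REJECT"}


def matches(criteria, packet):
    """A rule matches only if every criterion it lists matches the packet."""
    for key, want in criteria.items():
        if key == "src":
            addr = ipaddress.ip_address(packet["src"])
            if addr not in ipaddress.ip_network(want):
                return False
        elif packet.get(key) != want:
            return False
    return True


def traverse(chain, packet, table=FILTER):
    """Walk a chain in order; return a verdict, or None if no rule decided."""
    for criteria, target in table[chain]:
        if not matches(criteria, packet):
            continue
        if target in VERDICTS:
            return target                       # terminating target: stop here
        verdict = traverse(target, packet, table)   # pass packet to another chain
        if verdict is not None:
            return verdict
        # The other chain ended without a verdict: resume at the next rule.
    return None


def filter_packet(packet, chain="INPUT"):
    """Verdict for a packet entering a built-in chain, else that chain's policy."""
    return traverse(chain, packet) or POLICY[chain]
```

Rule order matters in this model as it does in a real ruleset: an internal host reaching port 22 is accepted only because the INTERNAL chain ends without a verdict and evaluation resumes in INPUT.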
