Basic Settings of Your Firewall Through YaST
Novell Cool Solutions: Feature
By Jason Jones
Digg This -
Posted: 15 Dec 2004
Many people have switched to Linux based solely on the insecurity of Windows. They are tired of the hassle of keeping up with the latest virus going around, applying patches, and worrying about whether or not their operating system will boot the next day.
Let's face it; Linux, due to many factors, is just a more stable and secure product. There aren't as many viruses written for it, it's not as easy to hack into, and it doesn't default to running in administrator mode.
With all of this going for Linux, Novell Linux Desktop takes it a step further and gives you a great tool to easily configure a basic firewall to define what programs are allowed, and what programs are not allowed in to your computer.
In YaST, there is a firewall configuration tool everyone should become familiar with. It is found by going into YaST and choosing the firewall option.
*note* Configuring a firewall can be a very complex ordeal. This article is meant to be a simple overview of the options in YaST's firewall configuration tool, easily understood by all Linux users.
In GnomeIn Gnome, simply follow: System -> Administrator Settings
In KDEIn KDE, follow: "N" -> System -> Control Center (YAST)
After you click on Control Center, you'll be asked for the root password.
Once you've entered your password, YaST should open up and allow you to continue.
Configuring your firewallOnce you've got YaST opened, click on "Security and Users" in the left-hand panel, and then click on "Firewall" in the content window.
When you've done that, another window will open.
As you can see, this is the first of a four-step configuration wizard which will help you make your system suit your needs.
*note* If you have one computer connected to the Internet and you are not running any servers, or play any online games, you probably don't need to change any of these settings. The defaults are very safe.
*warning* Be careful when changing any of these settings. An incorrect configuration can lead to a potentially less secure system. If in doubt, leave it the way it is.
If your computer only has one network interface card (which most systems do), you'll most likely just want to click next.
If your computer has two network interface cards, and you want to protect both cards, select the appropriate cards from the pull-down menu and click Next.
This screen has controls that allow individual services to be turnd on or off. If you are running a web server, you'll want to check the two boxes under Web Server. If you're not running any services on your machine, don't change anything. The default configuration is very safe.
After you're satisfied with your configuration, click Next
Again, if you only have one computer hooked up to the Internet, the default settings here should be sufficient.
If you're connected to an internal network, you'll want to look at the descriptions of "Protect from Internal Network" and "Forward Traffic and Do Masquerading" (a detailed description is beyond the scope of this article)
After you're done configuring that section, click Next
These settings are for documenting what the firewall does. Again, the default settings should be sufficient for most people.
If you want extensive documentation, click the "Log All Dropped Packets" and "Log All Accepted Packets". I recommend against it, unless you know what you're doing.
Click Next and you're almost finished.
Click Continue and you're finished.
Your firewall is now configured and operational.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com