The Firewall Configuration window is
similar to the screen in the installation program and the Security Level Configuration Tool.
If Disable firewall is selected, the
system allows complete access to any active services and ports. No
connections to the system are refused or denied.
Selecting Enable firewall configures the
system to reject incoming connections that are not in response to
outbound requests, such as DNS replies or DHCP requests. If access
to services running on this machine is required, you can choose to
allow specific services through the firewall.
Only devices configured in the Network
Configuration section are listed as available Trusted devices. Connections from any devices
selected in the list are accepted by the system. For example, if
eth1 only receives connections from
an internal system, you might want to allow connections from it.
If a service is selected in the Trusted
services list, connections for the service are accepted and
processed by the system.
In the Other ports text field, list any
additional ports that should be opened for remote access. Use the
following format: port:protocol. For
example, to allow IMAP access through the firewall, specify
imap:tcp. Numeric ports can
also be specified; to allow UDP packets on port 1234 through the
firewall, enter 1234:udp. To specify
multiple ports, separate them with commas.
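
As an added example (not part of the original documentation), this Python sketch validates an Other ports value in the port:protocol format before it is opened for remote access, then builds the matching kickstart firewall line with its --trust= and --port= options. The function names are hypothetical, and the sample input reuses eth1, imap:tcp and 1234:udp from the text above.

```python
import re

# Hypothetical helper names; the port:protocol format is the one described above.
PROTOCOLS = {"tcp", "udp"}
SERVICE_NAME = re.compile(r"^[a-z][a-z0-9_-]*$")


def parse_other_ports(field):
    """Split an 'Other ports' value into (port, protocol) pairs, rejecting bad entries."""
    entries = []
    for raw in field.split(","):
        item = raw.strip().lower()
        if not item:
            raise ValueError("empty entry in %r" % field)
        port, sep, proto = item.partition(":")
        if not sep or proto not in PROTOCOLS:
            raise ValueError("%r: expected port:protocol with tcp or udp" % item)
        if port.isdigit():
            if not 1 <= int(port) <= 65535:
                raise ValueError("%r: port out of range 1-65535" % item)
            port = str(int(port))  # normalise leading zeros
        elif not SERVICE_NAME.match(port):
            raise ValueError("%r: not a port number or service name" % item)
        if (port, proto) not in entries:  # drop duplicates, keep order
            entries.append((port, proto))
    return entries


def firewall_line(other_ports="", trusted_devices=()):
    """Build a kickstart 'firewall --enabled' line from the dialog's values."""
    parts = ["firewall", "--enabled"]
    # Each trusted device gets its own --trust= option (not a comma-separated list).
    for dev in trusted_devices:
        parts.append("--trust=" + dev)
    if other_ports.strip():
        pairs = parse_other_ports(other_ports)
        parts.append("--port=" + ",".join("%s:%s" % p for p in pairs))
    return " ".join(parts)


if __name__ == "__main__":
    # Constructed sample input using the values from the text above.
    print(firewall_line("imap:tcp, 1234:udp", ["eth1"]))
```

Rejecting malformed entries up front keeps a typo such as a missing protocol from silently producing a kickstart file that opens something other than what was intended.
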
Although configuration for SELinux is not specified in the
Kickstart Configurator, kickstart
enables SELinux in enforcing mode by
default if the selinux parameter is
omitted from the kickstart file.