Once the necessary network services are
configured, it is important to implement a firewall.
Firewalls prevent network packets from accessing the system's
network interface. If a request is made to a port that is blocked
by a firewall, the request is ignored. If a service is listening on
one of these blocked ports, it does not receive the packets and is
effectively disabled. For this reason, care should be taken when
configuring a firewall to block access to ports not in use, while
not blocking access to ports used by configured services.
For most users, the best tool for configuring a simple firewall
is the straight-forward, graphical firewall configuration tool
which ships with Red Hat Enterprise Linux: the Security Level Configuration Tool (system-config-securitylevel). This tool creates
broad iptables rules for a general-purpose
firewall using a control panel interface.
For more information about using this application and the
options it offers, refer to the chapter titled Basic Firewall Configuration in the Red Hat Enterprise Linux System Administration
Guide.
For advanced users and server administrators, manually
configuring a firewall with iptables is
likely the best option. Refer to Chapter 7
Firewalls for more information. For a comprehensive
guide to the iptables command, consult the
chapter titled iptables in the Red Hat
Enterprise Linux Reference Guide.