Once the necessary network services are configured, it is important
to implement a firewall.
Firewalls prevent network packets from accessing the system's network
interface. If a request is made to a port that is blocked
by a firewall, the request is ignored. If a service is listening on one
of these blocked ports, it does not receive the packets and is
effectively disabled. For this reason, care should be taken when
configuring a firewall to block access to ports not in use, while not
blocking access to ports used by configured services.
For most users, the best tool for configuring a simple firewall is the
straight-forward, graphical firewall configuration tool which ships with
Red Hat Enterprise Linux: the Security Level Configuration Tool
(system-config-securitylevel). This tool creates
broad iptables rules for a general-purpose firewall
using a control panel interface.
For more information about using this application and the options it
offers, refer to the chapter titled Basic Firewall
Configuration in the Red Hat Enterprise Linux System Administration Guide.
For advanced users and server administrators, manually configuring a
firewall with iptables is likely the best
option. Refer to Chapter 7 Firewalls for more information. For a
comprehensive guide to the iptables command, consult
the chapter titled iptables in
the Red Hat Enterprise Linux Reference Guide.
