Red Hat Linux Fedora For Dummies [Electronic resources] نسخه متنی

Firing Up Your Firewall (And Dousing the Flames)

The preceding section describes how to display your firewall-filtering rules. However, you certainly don’t want to manually enter these rules every time you reboot your computer. This section shows you how to automate your firewall. We show you how to make use of the Red Hat utilities that save the rules you just created and start up the firewall whenever you boot your computer.

These instructions assume that you have configured the firewall as described in the preceding section and that the configuration is still in effect.

Saving your filtering rules to a script

You need to save your rule set after you have created your firewall. Red Hat provides a utility for doing just that. The iptables-save utility reads your current firewall rules and converts them into script-compatible form. Red Hat also provides a script to start up your firewall whenever you start your computer. The /etc/init.d/iptables script is run whenever you start your computer and, thus, your firewall is started too. Follow these steps:

Log in as root, if necessary, and open a GNOME Terminal window (refer to Chapter 4), if necessary.

Run this command and your firewall rules are saved to a script:

iptables-save > /etc/sysconfig/iptables

Turning your firewall off and on

Red Hat uses the /etc/sysconfig/iptables script to start Netfilter/ iptables firewalls. The /etc/init.d/iptables script uses the filtering rules stored in the /etc/sysconfig/iptables file to implement the filtering rules.

You can start the Netfilter/iptables firewall by running this iptables script:

/etc/init.d/iptables start

You must be logged in as root, of course. Note that you can turn off your firewall by replacing start with stop:

/etc/init.d/iptables stop

You can also use the graphical Red Hat Service Configuration utility. These instructions show you how to use the utility to start or stop your firewall:

Click the GNOME Menu button and choose System SettingsServer SettingsServices.

If you’re not logged in as root, the Input window pops up and you’re asked to enter the root password.

Enter the root password you set during the Red Hat installation process.

The Service Configuration window appears. This window controls all the Linux daemons (processes that provide services).

Scroll down the Service Configuration window until you find the Iptables service.

The check mark should be set in the check box.

Click the Restart button in the upper-left corner of the window.

You could click the Start button, but we advise you to use the Restart function. The Start and Restart buttons give you the same result, but restarting works if the service is already running. Using the Start function doesn’t work if the service is already running.

Click the Stop button to turn off your firewall.

After the service restarts, you see a confirmation message.

Click OK.

Your firewall is restarted, and you can exit from the Service Configuration window.

You can also prevent the Iptables script from being automatically started when you boot the system. Click in the box immediately to the left of the service name to remove the check mark. Click the Save button, and the pointer (/etc/rc.d/rc5.d/S08iptables) to the startup script (/etc/ init.d/iptables) is removed. You can restore the pointer by clicking in the box so that the check mark reappears.