
OPS235 Resources

1,723 bytes added, 20:41, 25 November 2009
SELinux Configuration
Policy version: 24
Policy from config file: targeted
 
== Firewall Configuration ==
The Fedora distribution uses the "netfilter" kernel module to build a stateful packet-filtering firewall. The firewall is enabled on the Fedora Live DVD by default.
The default firewall configuration is:
 [root@localhost ~]# iptables -L --line-number
 Chain INPUT (policy ACCEPT)
 num  target  prot  opt  source    destination
 1    ACCEPT  all   --   anywhere  anywhere     state RELATED,ESTABLISHED
 2    ACCEPT  icmp  --   anywhere  anywhere
 3    ACCEPT  all   --   anywhere  anywhere
 4    ACCEPT  udp   --   anywhere  224.0.0.251  state NEW udp dpt:mdns
 5    REJECT  all   --   anywhere  anywhere     reject-with icmp-host-prohibited
 Chain FORWARD (policy ACCEPT)
 num  target  prot  opt  source    destination
 1    REJECT  all   --   anywhere  anywhere     reject-with icmp-host-prohibited
 Chain OUTPUT (policy ACCEPT)
 num  target  prot  opt  source    destination
* Incoming packets are filtered by the firewall rules in the INPUT chain (rules 1 to 5), which are checked in order.
** Rule number 1 allows any packets that are related to packets that went out earlier (state RELATED,ESTABLISHED).
** Rule number 2 allows any ICMP packets, including echo-request and echo-reply packets (used by the ping command).
** Rule number 3 allows packets coming from the loopback network interface (lo); the "-v" option is needed to show the interface name.
** Rule number 4 allows packets going to IP address 224.0.0.251, port 5353.
** Rule number 5 blocks all other incoming packets.
 
* No packets are forwarded.
 
* All outgoing packets are allowed.
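
Rule 3 shows why the plain listing can mislead: without "-v" it reads as "accept everything", which would make rules 4 and 5 unreachable. The following Python audit of that listing is an added example, not part of the original page; the function names and the finding labels "ambiguous" and "default-accept" are assumptions of this example.

```python
import re
# Constructed sample: the plain `iptables -L --line-number` listing shown above.
LISTING = """\
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
2 ACCEPT icmp -- anywhere anywhere
3 ACCEPT all -- anywhere anywhere
4 ACCEPT udp -- anywhere 224.0.0.251 state NEW udp dpt:mdns
5 REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
"""
ANY = {"anywhere", "0.0.0.0/0"}          # -L prints "anywhere", -L -n prints 0.0.0.0/0
TERMINATING = {"ACCEPT", "DROP", "REJECT"}

def parse_listing(text):
    """Parse the listing into {chain: (policy, [rule dicts])}."""
    chains, current = {}, None
    for line in text.splitlines():
        header = re.match(r"Chain (\S+) \(policy (\S+)\)", line)
        if header:
            chains[header.group(1)] = current = (header.group(2), [])
            continue
        f = line.split()
        if current is None or len(f) < 6 or not f[0].isdigit():
            continue                      # column header or blank line
        # "reject-with ..." is a target option, not a match condition
        match = re.sub(r"reject-with \S+", "", " ".join(f[6:])).strip()
        current[1].append({"num": int(f[0]), "target": f[1], "prot": f[2],
                           "src": f[4], "dst": f[5], "match": match})
    return chains

def is_catch_all(rule):
    return (rule["target"] in TERMINATING and rule["prot"] == "all"
            and rule["src"] in ANY and rule["dst"] in ANY and not rule["match"])

def audit(chains):
    findings = []
    for name, (policy, rules) in chains.items():
        # A catch-all before the end would shadow later rules unless -v reveals an interface match.
        findings += [(name, r["num"], "ambiguous") for r in rules[:-1] if is_catch_all(r)]
        closed = bool(rules) and is_catch_all(rules[-1]) and rules[-1]["target"] != "ACCEPT"
        if policy == "ACCEPT" and not closed:
            findings.append((name, None, "default-accept"))
    return findings
```

On the listing above, `audit(parse_listing(LISTING))` reports INPUT rule 3 as "ambiguous" (re-run with "-v" to confirm the lo interface match) and OUTPUT as "default-accept"; INPUT and FORWARD are closed by their final REJECT rule despite the ACCEPT policy.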
 
 
** Rule number 3
= Additional Software Package Installation =