4.6. Personal Firewalls

Once the necessary network services are configured, it is important to implement a firewall.

Firewalls prevent network packets from accessing the system's network interface. If a request is made to a port that is blocked by a firewall, the request is ignored. If a service is listening on one of these blocked ports, it does not receive the packets and is effectively disabled. For this reason, care should be taken when configuring a firewall to block access to ports not in use, while not blocking access to ports used by configured services.

For most users, the best tool for configuring a simple firewall is the straight-forward, graphical firewall configuration tool which ships with Red Hat Enterprise Linux: the Security Level Configuration Tool (system-config-securitylevel). This tool creates broad iptables rules for a general-purpose firewall using a control panel interface.

For more information about using this application and the options it offers, refer to the chapter titled Basic Firewall Configuration in the System Administrators Guide.

For advanced users and server administrators, manually configuring a firewall with iptables is likely the best option. Refer to Chapter 7, Firewalls for more information. For a comprehensive guide to the iptables command, consult the chapter titled iptables in the Reference Guide.