防火墙 linux操作系统的防火墙配置（Firewall configuration for firewall Linux operating system）.doc

防火墙 linux操作系统的防火墙配置（Firewall configuration for firewall Linux operating system） Firewall configuration for Linux operating systems - Basics RedHat Linux provides firewall protection for increased system security. Firewalls exist between your computer and your network to determine whether remote users in the network have access to what resources are on your computer. A properly configured firewall can greatly increase your system security. Select the appropriate level of security for your system. Advanced copyright cnmoker.orrg If you choose advanced, your system will not accept connections that are not specifically specified by you (except for the default settings). Only the following connection is allowed by default: DNS response DHCP - any network interface that uses DHCP can be configured accordingly. If you choose advanced, your firewall will not allow the following connections: 1. active state FTP (the passive state FTP used by default in most clients should be able to function properly. ) 2.IRC DCC file transfer 3.RealAudio 4. remote X window system client This is the safest choice if you want to connect your system to the Internet, but youre not going to run the server. If you need additional services, you can choose Customize to specify the service that allows you to pass through the firewall. Note: network validation methods (NIS and LDAP) will not work if you choose to set up intermediate or advanced firewalls in your installation. Intermediate If you choose intermediate, your firewall will not allow your system access to certain resources. Accessing the following resources is not allowed by default: the content comes from the ink user information 1. ports less than 1023 these are standard ports to retain, mainly used by some system services such as FTP, SSH, Telnet, HTTP, and NIS. 2.NFS server port (2049) - NFS has been disabled on both the remote server and the local client. 3. the local X window system display for the remote X client. This article come