Firewall Configuration

Please select 'No firewall' unless you know what you are doing.

A firewall sits between your computer and the network, and determines which resources on your computer remote users on the network are able to access. This has been known to turn off certain services that a user normally expects, such as nfs mounts, kerberos authentication, remote logins, and other userful items.

Descriptions of the different security level's can be found below.

High Security - By choosing High Security, your system will not accept connections that are not explicitly defined by you. By default, only the following connections are allowed:

Using this High Security will not allow the following:

If you are connecting your system to the Internet, but do not plan to run a server, this is the safest choice. If additional services are needed, you can choose Customize to allow specific services through the firewall.

Medium Security - Choosing Medium Security will not allow your system to have access to certain resources. By default, access to the following resources are not allowed:

If you want to allow resources such as RealAudio(tm), while still blocking access to normal system services, choose Medium Security. You can choose Customize to allow specific services through the firewall.

No Firewall - No firewall allows complete access and does no security checking. It is recommended that this only be selected if you are running on a trusted network (not the Internet), or if you plan to do more detailed firewall configuration later.

Unless you plan to customize your firewall, make sure Use default firewall rules is selected.

Choose Customize to add trusted devices or to allow additional incoming interfaces.

Trusted Devices - Checking these for any of your devices allows all traffic coming from that device to be allowed.

It is not recommended to enable this for devices that are connected to public networks, such as the Internet.

Allow Incoming - Enabling these options allow the specified services to pass through the firewall. Note, during a workstation-class installation, the majority of these services are not present on the system.

Other ports - You can specify that other ports not listed here be allowed through the firewall. The format to use is 'port:protocol'.