zz_enable_firewall_fnal - This will turn on iptables and configure to fnal.gov only

Website: http://fermilinux.fnal.gov/
License: GPL
Vendor: Fermilab
This will turn on iptables and configure it to allow NEW inbound tcp/udp traffic from fnal.gov only. To customize, modify /etc/sysconfig/iptables. This rpm will NOT remove or modify an existing iptables config on install; in that case it will instead create a new file called /etc/sysconfig/iptables.rpmnew. If you want the iptables config file provided in this rpm to be installed, either remove /etc/sysconfig/iptables before installing this rpm or move /etc/sysconfig/iptables.rpmnew to /etc/sysconfig/iptables.

For the special case of ftp, the /etc/sysconfig/iptables-config file requires that the "ip_conntrack_ftp" module be defined in the "IPTABLES_MODULES" definition. This option allows the use of "active" ftp without the need for other tcp ports to be defined. The pre-existing /etc/sysconfig/iptables-config is saved off as /etc/sysconfig/iptables-config.<date>.


zz_enable_firewall_fnal-2.0-0.noarch [5 KiB] Changelog by Connie Sieh (2012-04-09):
- turn on iptables and configure to fnal.gov only except for approved ports

