186 lines
3.1 KiB
HTML
186 lines
3.1 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Config /etc/rc.d/init.d/firewall script file -Gateway Server</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="HOME"
|
|
TITLE="Securing and Optimizing Linux"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Networking Firewall -Masquerading and Forwarding"
|
|
HREF="Masq-forward.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Build a kernel with Firewall Masquerading and Forwarding support"
|
|
HREF="chap12sec104.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Configure script for Example Gateway Server"
|
|
HREF="chap12sec106.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap12sec104.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 12. Networking Firewall -Masquerading and Forwarding</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap12sec106.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="AEN6810"
|
|
>12.2. Config <TT
|
|
CLASS="filename"
|
|
>/etc/rc.d/init.d/firewall</TT
|
|
> script file -Gateway Server</A
|
|
></H1
|
|
><TABLE
|
|
CLASS="sidebar"
|
|
BORDER="1"
|
|
CELLPADDING="5"
|
|
><TR
|
|
><TD
|
|
><DIV
|
|
CLASS="sidebar"
|
|
><A
|
|
NAME="AEN6813"
|
|
></A
|
|
><P
|
|
><B
|
|
>Some Points to Consider</B
|
|
></P
|
|
><P
|
|
> You can safely assume that you are potentially at risk if you connect your system to the Internet. Your gateway to the Internet is your greatest exposure, so we recommend the following:
|
|
<P
|
|
></P
|
|
><UL
|
|
><LI
|
|
STYLE="list-style-type: opencircle"
|
|
><P
|
|
> The gateway should not run any more applications than are absolutely necessary.
|
|
</P
|
|
></LI
|
|
><LI
|
|
STYLE="list-style-type: opencircle"
|
|
><P
|
|
> The gateway should strictly limit the type and number of protocols allowed to flow through it (protocols potentially provide security holes, such as <SPAN
|
|
CLASS="acronym"
|
|
>FTP</SPAN
|
|
> and telnet).
|
|
</P
|
|
></LI
|
|
><LI
|
|
STYLE="list-style-type: opencircle"
|
|
><P
|
|
> Any system containing confidential or sensitive information should not be directly accessible from the Internet.
|
|
</P
|
|
></LI
|
|
></UL
|
|
>
|
|
</P
|
|
></DIV
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap12sec104.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap12sec106.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Build a kernel with Firewall Masquerading and Forwarding support</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="Masq-forward.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Configure script for Example Gateway Server</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |