In a few sentences I will describe the network environment. There are two networks, 192.168.100.0/24 and 192.168.200.0/24. The first is the work environment: we will set up services in this network, and all members of this group will be able to access these services. The second is for testing purposes, and we will deny it access to the services in the first network.
This chapter covers security on a RHEL system. The focus is on security, so the setup of some services will be basic. For more complex setups, see the links about the services themselves.
There are two ways to configure the firewall on RHEL.
The first is to use system-config-securitylevel.
When you add all the ports you want to use, the system generates a default chain name for iptables. In my case I enabled only SSH, so I have only port 22 in that iptables configuration. We can see this in the file /etc/sysconfig/iptables. This is a good starting point, but many people prefer to write the chain themselves. After this you should save your work and restart the service.
The second way is to edit /etc/sysconfig/iptables directly. After this you should restart the iptables service.
In this exercise we will set things up so that all incoming traffic goes to a chain named SECURITY.
After this, I made my own script to build the firewall. You need to add execute permission to this file and then run it, as I do afterwards.
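#!/bin/bash
# Add one ACCEPT rule per answer for the work network, then save the rules.
Y=1
while [ "$Y" == "1" ]
do
  echo -n "Insert port number: "; read -r BROJ        # BROJ = port number
  echo -n "Insert protocol type you will use: "; read -r PROTOKOL
  iptables -A INPUT -p "$PROTOKOL" -s 192.168.100.0/24 --dport "$BROJ" -j ACCEPT
  echo -n "Do you have more rules for firewall 1/0? "; read -r Y
done
service iptables save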
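An added example, not part of the original script: the same port and protocol answers, validated first and then printed as an iptables-restore style ruleset that sends all incoming traffic through a SECURITY chain, without calling iptables itself. The function names, the loopback and ESTABLISHED,RELATED rules, and the closing REJECT rules are assumptions, not taken from the page.

```shell
#!/bin/bash
# Added example: prints a ruleset for review; it never modifies the firewall.
WORK_NET="192.168.100.0/24"   # work network from the text
TEST_NET="192.168.200.0/24"   # test network from the text

# valid_port N: succeeds only for an integer 1..65535 without leading zeros
valid_port() {
  case "$1" in
    ''|0*|*[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# valid_proto P: --dport is only meaningful for tcp and udp
valid_proto() {
  case "$1" in
    tcp|udp) return 0 ;;
    *) return 1 ;;
  esac
}

# gen_rules proto:port ... : print the ruleset, or fail on the first bad pair
gen_rules() {
  rules=""
  for pair in "$@"; do
    proto=${pair%%:*}
    port=${pair#*:}
    if ! valid_proto "$proto" || ! valid_port "$port"; then
      echo "rejected input: $pair" >&2
      return 1
    fi
    rules="${rules}-A SECURITY -s $WORK_NET -p $proto -m $proto --dport $port -j ACCEPT
"
  done
  cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:SECURITY - [0:0]
-A INPUT -j SECURITY
-A SECURITY -i lo -j ACCEPT
-A SECURITY -m state --state ESTABLISHED,RELATED -j ACCEPT
${rules}-A SECURITY -s $TEST_NET -j REJECT
-A SECURITY -j REJECT
COMMIT
EOF
}
```

Calling `gen_rules tcp:22` prints a ruleset that can be reviewed and then loaded with iptables-restore; anything that is not a tcp or udp protocol with a port from 1 to 65535 is refused before a rule is written.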