This is the second part of the introduction to FireHOL article . It covers more advanced topics that you might find useful, such as defining new services, selective filtering, and NAT. I suggest you read the first part of the article if you haven’t done so. FireHOL by default comes with a large number of predefined services, including http, https, dhcp, icmp, samba, snmp, syslog, telnet, ssh, and so on. A complete list can be found here. However, if run application that does not exists in FireHOL service list, it’s very easy to add one.
There are two ways to achieve this. The first one is using service definition syntax. The second method is by using inline service definition syntax. We will look at the second options. Based from our previous configuration, the Internet facing interface is eth0. We are now running OpenVPN service, and would like to have unrestricted access to OpenVPN port. To do this, as root, edit the FireHOL configuration file at /etc/firehol/firehol.conf. Under eth0 interface configuration, add the following line.
Read this full article at Unix Tutorials
|
|
Only registered users can write comments.
Please login or register.
Powered by AkoComment!