An example of how the priority order works
The following examples show how you can control which rules are applied to
specific network traffic by changing the order of firewall rules.
• You have added a rule that denies all outbound FTP traffic. Above the
  rule in the rules list, you add another rule that allows an FTP connection
  to your Internet Service Provider's IP address. This rule allows you to
  create an FTP connection to that IP address.
• You have added a rule that allows you to create an FTP connection to
  your Internet Service Provider's IP address. Above the rule in the rules
  list, you add another rule that denies all FTP traffic. This rule prevents
  you from creating an FTP connection to your Internet Service Provider's
  IP address (or any other IP address).
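The two orderings above, modelled as an added example (this is not F-Secure code or the product's rule engine). It assumes the list is read top-down and the first matching rule decides, as the examples describe; the ISP address is a constructed placeholder, and `Rule`, `evaluate` and `shadowed` are hypothetical names.

```python
import ipaddress
from dataclasses import dataclass

ISP_IP = "203.0.113.10"  # constructed placeholder address, not from the manual


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    remote: str   # remote network in CIDR form; "0.0.0.0/0" means any address
    port: int     # remote TCP port (21 = FTP control channel)

    def matches(self, remote_ip, port):
        net = ipaddress.ip_network(self.remote)
        return port == self.port and ipaddress.ip_address(remote_ip) in net

    def covers(self, other):
        """True if every connection matching `other` also matches this rule."""
        mine = ipaddress.ip_network(self.remote)
        theirs = ipaddress.ip_network(other.remote)
        return self.port == other.port and theirs.subnet_of(mine)


def evaluate(rules, remote_ip, port):
    """Walk the list top-down; the first matching rule decides (assumed model)."""
    for rule in rules:
        if rule.matches(remote_ip, port):
            return rule.action
    return "unhandled"  # no rule matched the outbound connection


def shadowed(rules):
    """Return (earlier, later) pairs where `later` can never take effect.

    Only single-rule shadowing is detected, not coverage by several rules combined.
    """
    return [(a, b) for i, a in enumerate(rules) for b in rules[i + 1:]
            if a.covers(b)]


ALLOW_ISP = Rule("allow", ISP_IP + "/32", 21)
DENY_FTP = Rule("deny", "0.0.0.0/0", 21)

first_list = [ALLOW_ISP, DENY_FTP]    # first bullet: exception above the deny
second_list = [DENY_FTP, ALLOW_ISP]   # second bullet: deny above the exception

if __name__ == "__main__":
    for name, rules in (("first", first_list), ("second", second_list)):
        print(name, "-> FTP to ISP:", evaluate(rules, ISP_IP, 21),
              "| shadowed rules:", shadowed(rules))
```

Running `shadowed` over a rule list before saving it is a quick way to catch the second situation, where a broad rule placed higher makes a narrower rule below it dead.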
Firewall Settings
On the Settings tab, you can select network packet logging settings and configure trusted
network interfaces.
Logging Unhandled Network Packets
You can log unhandled network packets in problem solving situations.
By default, you do not need to log unhandled network packets.
1. Open the Web User Interface.
2. Select the Advanced check box to turn on the advanced mode.
3. Go to Firewall Protection ➤ General.
4. Check the Log all unhandled network packets check box to log all network packets that
do not match any firewall rules.
All network packets that do not match any firewall rules are logged using syslog (may vary
depending on the Linux distribution you use).
Editing Trusted Network Interfaces
Firewall rules apply to all network interfaces on the host. All interfaces on the trusted list have
a pass-by rule that accepts all traffic.
1. Open the Web User Interface.
2. Select the Advanced check box to turn on the advanced mode.
3. Go to Firewall Protection ➤ General.
56 | F-Secure Linux Security | Using the Product