Using Firewall Builder, Part II
Figure 5 shows Slartibartfast's global policy; because this article is already too long I won't explain it in-depth. But the whole point of Firewall Builder is to display firewall rules in an easy-to-read format, so Figure 5 should be self-explanatory.
Speaking of self-explanatory, did I mention that all rules, whether loopback, anti-spoofing or global, can be generated quickly and automatically using Firewall Builder's policy druid? You can run it by selecting a firewall object, pulling down the Rules menu and selecting Help me build a firewall policy.
Don't get too irked at me for not mentioning this until after making you slog through all my instructions on building policies the hard way. Firewall rules are too important to trust entirely to druids. Hopefully, you now can understand and tweak or even correct the rules Firewall Builder generates for you. Regardless of how you build your policies, I hope you find Firewall Builder as useful as I have.
Mick Bauer, CISSP, is Linux Journal's security editor and an IS security consultant for Upstream Solutions LLC in Minneapolis, Minnesota. Mick spends his copious free time chasing little kids (strictly his own) and playing music, sometimes simultaneously. Mick is author of Building Secure Servers With Linux (O'Reilly & Associates, 2002).
- Non-Linux FOSS: Don't Drink the Apple Kool-Aid; Brew Your Own!
- Returning Values from Bash Functions
- Preseeding Full Disk Encryption
- William Rothwell and Nick Garner's Certified Ethical Hacker Complete Video Course (Pearson IT Certification)
- Three EU Industries That Need HPC Now
- FinTech and SAP HANA
- Hodge Podge
- HOSTING Monitoring Insights
- Chemistry on the Desktop
- GRUB Boot from ISO