2. Starting the firewall service

If the firewall service is not already running, you have to start it. To do so, select Main Menu => System Settings => Security Level to start the Security Level Configuration tool, or become root and run the system-config-securitylevel command.

Note

You will need the root password to use the Security Level Configuration tool.

Figure 2. Security Level Configuration

Select the Enable firewall security level. Incoming connections to the ports of the Trusted services you check will be accepted, that is, those ports are open in the firewall if the service is active. For example, if you want to provide network services such as WWW, FTP, SSH or SMTP, checking them opens their ports in the firewall, along with any services and ports listed in the input line labeled Other ports.

Select the device connected to your local network, which is eth0 in our example. Everything arriving on that device is then let in, so you do not need to set rules for the services in your local network, such as NFS and SMB shares.

Figure 2, “Security Level Configuration” shows that the firewall is activated: WWW (HTTP), FTP, SSH, outgoing Mail (SMTP), WWW (HTTPS), 6346 (Gnutella) and connections from the local network (/dev/eth0) are enabled, while Telnet and other ports are blocked.

Press OK, and you have your firewall set up to let anything in from your local network, enable incoming connections on trusted ports, and filter everything else.
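To confirm from a shell that the saved rules match what you ticked in the dialog, the following added example (not part of the original guide) audits a rule set in iptables-save format for trusted interfaces, open TCP ports and a closing reject rule. The sample rules are constructed; the chain name, the rule layout and the function names are assumptions, and the ports 80, 21, 22, 25 and 443 are the standard ones for HTTP, FTP, SSH, SMTP and HTTPS.

```shell
# Added example. SAMPLE_RULES is constructed; the chain name and rule layout
# are assumptions about what the tool writes, not taken from the guide.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6346 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# Non-loopback interfaces accepted with no protocol, match or source filter.
trusted_ifaces() {
    awk '$1 == "-A" && $NF == "ACCEPT" {
        ifc = ""; narrowed = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-i") ifc = $(i + 1)
            if ($i == "-p" || $i == "-m" || $i == "-s") narrowed = 1
        }
        if (ifc != "" && ifc != "lo" && !narrowed) print ifc
    }' | sort -u | paste -s -d ' ' -
}

# TCP destination ports that have an ACCEPT rule, in numeric order.
open_tcp_ports() {
    awk '$1 == "-A" && $NF == "ACCEPT" {
        tcp = 0; port = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
            if ($i == "--dport") port = $(i + 1)
        }
        if (tcp && port != "") print port
    }' | sort -n | paste -s -d ' ' -
}

# Succeeds only if the last rule rejects or drops whatever was not accepted.
ends_with_reject() {
    grep '^-A ' | tail -n 1 | grep -Eq -- '-j (REJECT|DROP)'
}

printf 'trusted interfaces: %s\n' "$(printf '%s\n' "$SAMPLE_RULES" | trusted_ifaces)"
printf 'open TCP ports: %s\n' "$(printf '%s\n' "$SAMPLE_RULES" | open_tcp_ports)"
```

On a live system, pipe the output of `iptables-save` (run as root) into the same functions instead of the sample. An interface reported as trusted receives no filtering at all, so only the local-network device should appear there.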