LinuxQuestions.org


linustalman 08-03-2018 01:25 PM

Is firewall fully enabled out-of-the-box?
 
Hi Zbigniew.

I am more familiar with GUFW.

Is the 4MLinux firewall fully enabled out-of-the-box?

Thanks.

zk1234 08-04-2018 05:32 AM

Hi,

One has a "fully enabled firewall" when one's computer is switched off :-)

1) The default /etc/server/autostart.conf file is:
Code:

# Choose the servers to start during the boot time:
CRON=yes
DNS=no
FIREWALL=yes
FTP=no
HTTP=no
MYSQL=no
NFS=no
PROXY=no
SMTP=no
SSH=yes
TELNET=no

So yes, the firewall is enabled by default.

2) Open your terminal and execute "firewall test". You should now see something like this:
Code:

Chain INPUT (policy DROP)
target    prot opt source              destination       
          tcp  --  anywhere            anywhere            tcp dpt:ssh state NEW recent: SET name: BRF side: source mask: 255.255.255.255
DROP      tcp  --  anywhere            anywhere            tcp dpt:ssh state NEW recent: UPDATE seconds: 600 hit_count: 10 TTL-Match name: BRF side: source mask: 255.255.255.255
DROP      tcp  --  anywhere            anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP      tcp  --  anywhere            anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP      tcp  --  anywhere            anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
ACCEPT    all  --  anywhere            anywhere           
ACCEPT    icmp --  anywhere            anywhere            icmp echo-request
ACCEPT    icmp --  anywhere            anywhere            icmp time-exceeded
ACCEPT    all  --  anywhere            anywhere            ctstate RELATED,ESTABLISHED
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:ftp
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:ssh
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:http
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:https
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:10000
ACCEPT    tcp  --  anywhere            anywhere            multiport dports 50000:55000
ACCEPT    udp  --  anywhere            anywhere            udp spt:netbios-ns

Chain FORWARD (policy DROP)
target    prot opt source              destination       

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination       
ACCEPT    all  --  anywhere            anywhere

So yes, the firewall is up and running.

3) The firewall's default configuration (Menu > Miniserver > Settings > Firewall) is:
Code:

# Accept all internal requests:
LOCALHOST=yes

# Accept external ping requests:
PINGS=yes

# Accept external traceroute requests:
TRACEROUTE=yes

# Allow outgoing traffic:
OUTGOING=yes

# Allow incoming traffic to the following TCP ports:
TCP="21 22 80 443 10000"

# Allow incoming traffic to the following UDP ports:
UDP=""

# Unblock port 53 for DNS server:
DNS=no

# Unblock ports 25,465,587 for SMTP server:
SMTP=no

# Unblock ports 111,1110,2049,4045,4046 for NFS server:
NFS=no

# Allow passive FTP connections:
PASSIVE=yes

# Range of ports for passive FTP connections:
RANGE=50000:55000

# Enable support for Samba client:
SAMBA=yes

# Enable SSH brute force protection:
BRF=yes

# Blacklist IP addresses from the following list:
BLACKLIST=/etc/firewall/black.list

# Enable DDOS protection:
DDOS=no


# NOTE:
# Always enabled (even if DDOS is set to "no"):
# SYN flood protection,
# NULL scan protection,
# XMAS scan protection.

4) More reading:
http://4mlinux.blogspot.com/2017/07/...ux-server.html

.
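An added example, not part of the original thread: a small audit that cross-checks the two files quoted above and lists TCP ports the firewall accepts although the matching service is not set to start at boot. The sample text is a constructed excerpt of the posted defaults, and the port-to-service mapping (21 FTP, 22 SSH, 80/443 HTTP) is an assumption based on conventional port numbers, not something the post states.

```python
import re

# Constructed excerpts of the two files quoted in the post (relevant keys only).
AUTOSTART = """\
# Choose the servers to start during the boot time:
FIREWALL=yes
FTP=no
HTTP=no
SSH=yes
"""
FIREWALL = """\
# Allow incoming traffic to the following TCP ports:
TCP="21 22 80 443 10000"
PASSIVE=yes
RANGE=50000:55000
"""

# Assumption: conventional port-to-service mapping; the post does not state it.
PORT_SERVICE = {21: "FTP", 22: "SSH", 80: "HTTP", 443: "HTTP"}


def parse_conf(text):
    """Parse KEY=value lines; comment lines are skipped, quotes stripped."""
    conf = {}
    for line in text.splitlines():
        m = re.match(r'\s*([A-Z_]+)=(.*)$', line)
        if m:
            conf[m.group(1)] = m.group(2).strip().strip('"')
    return conf


def audit(autostart_text, firewall_text):
    """Return (port, reason) for each accepted port with no enabled service."""
    auto, fw = parse_conf(autostart_text), parse_conf(firewall_text)
    findings = []
    for port in map(int, fw.get("TCP", "").split()):
        svc = PORT_SERVICE.get(port)
        if svc is None:
            findings.append((port, "no autostart service mapped"))
        elif auto.get(svc, "no") != "yes":
            findings.append((port, f"{svc}=no in autostart.conf"))
    # The passive FTP range is accepted whenever PASSIVE=yes, even with FTP off.
    if fw.get("PASSIVE") == "yes" and auto.get("FTP", "no") != "yes":
        findings.append((fw.get("RANGE", "?"), "passive FTP range open, FTP=no"))
    return findings


if __name__ == "__main__":
    for port, reason in audit(AUTOSTART, FIREWALL):
        print(f"{port}: {reason}")
```

Each reported port is accepted by the INPUT chain but has nothing expected to listen on it at boot, so it can be dropped from the TCP list (or PASSIVE set to "no") until the service is actually enabled.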

linustalman 08-04-2018 09:39 AM

Thank you Zbigniew for that informative response. :hattip:

