shadowbox12 06-13-2013 12:01 AM

Fedora 18 default firewall rules
I'm a new Fedora user and recently installed version 18 to test out. One of the first things I checked was iptables -L. What I see there worries me. The first 2 entries are:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all --- anywhere anywhere ctstate RELATED, ESTABLISHED
ACCEPT all --- anywhere anywhere

Now I've read that firewalld has taken over for iptables, so maybe it's not using the old rules and this is all inaccurate. I'm really hoping that's the case actually because default allow any/any is *really* bad for a distro that emphasizes security.

When I use the firewall-configure utility it shows the "public" network only allows ports used for ssh, dhcpv6-client, and mdns, which seems much more reasonable to me. Does anyone know for sure what the facts are on this and why there is a discrepancy?

slipstreamed 06-18-2013 03:31 AM


The purpose of this feature request is to make firewalld the default firewall solution for Fedora 18 and therefore enabled by default.
Making firewalld the default firewall solution for Fedora 18. The services iptables, iptables-ipv6 and ebtables will be replaced by firewalld. system-config-firewall in its current form will also be replaced.
The iptables and ip6tables services will not be enabled by default anymore.
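
Added example, not part of either post: `iptables -L` without `-v` leaves out the interface columns, so a rule bound to a single interface prints exactly like an unconditional `ACCEPT all ... anywhere anywhere`. The sketch below classifies INPUT ACCEPT rules from `iptables -S` style text; the sample rules and the function name `classify_input_accepts` are constructed for illustration and are not taken from the poster's system.

```shell
#!/bin/sh
# Constructed sample in `iptables -S` format (not output from the thread).
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Reads `iptables -S` lines on stdin and prints one line per INPUT ACCEPT rule:
#   OPEN:       no match conditions at all, every packet is accepted
#   IFACE-ONLY: only an input-interface match (possibly negated with "!"),
#               which plain `iptables -L` displays the same way as OPEN
#   MATCH:      any other match conditions
classify_input_accepts() {
    while IFS= read -r rule; do
        case "$rule" in
            "-A INPUT -j ACCEPT") echo "OPEN: $rule"; continue ;;
            "-A INPUT "*" -j ACCEPT") ;;
            *) continue ;;                 # policy lines, other chains/targets
        esac
        spec=${rule#-A INPUT }             # strip chain prefix
        spec=${spec% -j ACCEPT}            # strip target suffix
        set -- $spec                       # split the match spec into words
        [ "$1" = "!" ] && shift            # tolerate a negated interface match
        if [ "$#" -eq 2 ] && [ "$1" = "-i" ]; then
            echo "IFACE-ONLY: $rule"
        else
            echo "MATCH: $rule"
        fi
    done
}

printf '%s\n' "$SAMPLE_RULES" | classify_input_accepts
```

On a live system the same function can be fed from `iptables -S INPUT` run as root; `iptables -L -v -n` also shows the `in` and `out` interface columns directly.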

