Setting Up A Firewall - Hitachi CE50-10 Instruction Manual

5. Configuring Software Environment
5.12.3 Setting up a firewall
Run the iptables or ip6tables command to set up a firewall.
Use iptables to set up a firewall for IPv4 communication, and use ip6tables to set up a firewall for IPv6
communication.
The following describes how to use the iptables command. When setting up a firewall for IPv6, replace iptables
with ip6tables in the command execution examples.
(1) Firewall functions that can be specified
We provide firewall functions for managing attacks from malicious third parties and viruses.
Table 5‒15: List of firewall functions below shows the firewall rules that can be specified and their defaults.
Table 5‒15: List of firewall functions

| No. | Rule name | Overview | Default |
|---|---|---|---|
| 1 | Port reception permission | Permits reception on only the specified ports and blocks all other ports. Security is improved by opening only the ports that need access from outside. | Disabled |
| 2 | Port transmission permission | Permits transmission to the specified ports and blocks all other transmission. | Communication to the following ports is possible: SSH (22/tcp), DNS (53/udp), HTTP (80/tcp), HTTPS (443/tcp) |
| 3 | Port reception permission (limited) | Permits reception on the specified ports while the number of connections within a certain period is limited. This setting provides effective protection against DoS (Denial of Service) attacks, DDoS (Distributed Denial of Service) attacks, and brute force attacks. | Data reception via SSH (22/tcp) is permitted a maximum of ten times per minute. |

(2) Enabling or disabling the firewall
The firewall is enabled by default.
1. Run the following command to delete all settings and disable the firewall.
$ sudo iptables_allow_all
2. Run the following command to restore the default settings and enable the firewall.
$ sudo default_iptables_configure
(3) Setting firewall rules
Use the following procedure to set firewall rules.
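The three rule types and defaults listed in Table 5‒15, written out as ordinary iptables commands. This is an added example, not taken from the manual and not the ruleset that default_iptables_configure installs; the function names, the per-source rate limit built on the recent match, and the loopback, established-connection and ICMPv6 rules are assumptions. The script only prints the commands.

```sh
#!/bin/sh
# Added illustration: prints, but does not apply, rules for the Table 5-15 defaults.
# Assumes empty chains. Function and list names are hypothetical.
IPT=${IPT:-iptables}   # set IPT=ip6tables for the IPv6 ruleset
NEW="-m conntrack --ctstate NEW"

# Rule type 1: permit reception on one port.
allow_in() {   # usage: allow_in PORT PROTO
    echo "$IPT -A INPUT -p $2 --dport $1 $NEW -j ACCEPT"
}

# Rule type 2: permit transmission to one port.
allow_out() {  # usage: allow_out PORT PROTO
    echo "$IPT -A OUTPUT -p $2 --dport $1 $NEW -j ACCEPT"
}

# Rule type 3: permit reception, but drop a source address that opens more
# than MAX new connections within SECS seconds (per-source is an assumption).
limit_in() {   # usage: limit_in PORT PROTO MAX SECS
    m="-p $2 --dport $1 $NEW -m recent --name lim_$1_$2"
    echo "$IPT -A INPUT $m --set"
    echo "$IPT -A INPUT $m --update --seconds $4 --hitcount $(($3 + 1)) -j DROP"
    allow_in "$1" "$2"
}

# Replies to permitted traffic and loopback. IPv6 also needs ICMPv6 for
# neighbour discovery; narrow it with --icmpv6-type where required.
baseline() {
    for c in INPUT OUTPUT; do
        echo "$IPT -A $c -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        if [ "$IPT" = ip6tables ]; then
            echo "$IPT -A $c -p ipv6-icmp -j ACCEPT"
        fi
    done
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    echo "$IPT -A OUTPUT -o lo -j ACCEPT"
}

# Table defaults: rule 1 disabled, rule 2 for four ports, rule 3 for SSH.
table_defaults() {
    baseline
    for p in 22/tcp 53/udp 80/tcp 443/tcp; do
        allow_out "${p%/*}" "${p#*/}"
    done
    limit_in 22 tcp 10 60
    # Default-deny goes last, after the accept rules are in place.
    for c in INPUT OUTPUT; do echo "$IPT -P $c DROP"; done
}

table_defaults
```

Review the printed commands before passing them to a root shell, and run the script with IPT=ip6tables to get the IPv6 variant.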
