Novell LINUX ENTERPRISE DESKTOP 11 - ADMINISTRATION GUIDE 17-03-2009 Administration Manual page 251

Configuring the Firewall
Without having to enter the detailed firewall setup as described in Section "Configuring
the Firewall with YaST" (Chapter 15, Masquerading and Firewalls, ↑Security Guide),
you can determine the basic firewall setup for your device as part of the device setup.
Proceed as follows:
1 Open the YaST Network Devices > Network Settings module. In the Overview
tab, select a card from the list of detected cards and click Edit.
2 Enter the General tab of the Network Settings dialog.
3 Determine the firewall zone to which your interface should be assigned. The
following options are available:
Firewall Disabled
This option is available only if the firewall is disabled and the firewall does
not run at all. Only use this option if your machine is part of a greater network
that is protected by an outer firewall.
Automatically Assign Zone
This option is available only if the firewall is enabled. The firewall is running
and the interface is automatically assigned to a firewall zone. The zone which
contains the keyword any or the external zone will be used for such an in-
terface.
Internal Zone (Unprotected)
The firewall is running, but does not enforce any rules to protect this interface.
Use this option if your machine is part of a greater network that is protected
by an outer firewall. It is also useful for the interfaces connected to the inter-
nal network, when the machine has more network interfaces.
Demilitarized Zone
A demilitarized zone is an additional line of defense in front of an internal
network and the (hostile) Internet. Hosts assigned to this zone can be reached
from the internal network and from the Internet, but cannot access the internal
network.
External Zone
The firewall is running on this interface and fully protects it against oth-
er—presumably hostile— network traffic. This is the default option.
Basic Networking 239