Fedora Firewall no option as of yet
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I need a firewall.
GUFW a simple firewall was a good option but isnt available on Fedora nor any gui firewall.
I checked Vuurmuur its powerful but for noobs & if configured wrongly its a great mess (even their documentation forewarns that). Similarly SeLinux is not a firewall
A firewall controls the flow of traffic to and from a computer to the
network. SELinux can confine access of programs within a computer and
hence can be conceptually thought of a internal firewall between
programs
I think its just a way to protect core filesystem nothing more than that ...
So what are my options, please suggest me something some resource that is understandable to a starter & if somehow bugged willn't have irreversible consequences.
Further just tell me if I want to reject in/out traffic for the address(s) containing keyword wolfram e.g pk.server.wolfram or wolfram-mathematica.com how would I do that in iptables or somehow...& if I want to block intenet for application /opt/telepath-gabble how would I achieve that
fedora iptables firewall
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
asked Jan 28 '13 at 5:59
nightcrawler
20619
add a comment |
up vote
1
down vote
favorite
I need a firewall.
GUFW a simple firewall was a good option but isnt available on Fedora nor any gui firewall.
I checked Vuurmuur its powerful but for noobs & if configured wrongly its a great mess (even their documentation forewarns that). Similarly SeLinux is not a firewall
A firewall controls the flow of traffic to and from a computer to the
network. SELinux can confine access of programs within a computer and
hence can be conceptually thought of a internal firewall between
programs
I think its just a way to protect core filesystem nothing more than that ...
So what are my options, please suggest me something some resource that is understandable to a starter & if somehow bugged willn't have irreversible consequences.
Further just tell me if I want to reject in/out traffic for the address(s) containing keyword wolfram e.g pk.server.wolfram or wolfram-mathematica.com how would I do that in iptables or somehow...& if I want to block intenet for application /opt/telepath-gabble how would I achieve that
fedora iptables firewall
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
asked Jan 28 '13 at 5:59
nightcrawler
20619
ufw is very simple to use and has good documentation...
– jasonwryan
Jan 28 '13 at 6:26
selinuxis not about the core filesystem (what ever this is) but about providing acls for application, i.e. this application can connect to the internet or open a specific port, read the filesystem etc.
– Ulrich Dangel
Jan 28 '13 at 8:12
selinux isinternal firewallaccording to official page how come I control (via selinux) any app's access to net
– nightcrawler
Jan 28 '13 at 8:22
@nightcrawler, SELinux is not a firewall. It's a mechanism for managing MAC (Mandatory Access Control, a way of setting up policies that are more detailed and which override user set permissions).
– vonbrand
Jan 28 '13 at 15:32
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I need a firewall.
GUFW a simple firewall was a good option but isnt available on Fedora nor any gui firewall.
I checked Vuurmuur its powerful but for noobs & if configured wrongly its a great mess (even their documentation forewarns that). Similarly SeLinux is not a firewall
A firewall controls the flow of traffic to and from a computer to the
network. SELinux can confine access of programs within a computer and
hence can be conceptually thought of a internal firewall between
programs
I think its just a way to protect core filesystem nothing more than that ...
So what are my options, please suggest me something some resource that is understandable to a starter & if somehow bugged willn't have irreversible consequences.
Further just tell me if I want to reject in/out traffic for the address(s) containing keyword wolfram e.g pk.server.wolfram or wolfram-mathematica.com how would I do that in iptables or somehow...& if I want to block intenet for application /opt/telepath-gabble how would I achieve that
fedora iptables firewall
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
asked Jan 28 '13 at 5:59
nightcrawler
20619
I need a firewall.
GUFW a simple firewall was a good option but isnt available on Fedora nor any gui firewall.
I checked Vuurmuur its powerful but for noobs & if configured wrongly its a great mess (even their documentation forewarns that). Similarly SeLinux is not a firewall
A firewall controls the flow of traffic to and from a computer to the
network. SELinux can confine access of programs within a computer and
hence can be conceptually thought of a internal firewall between
programs
I think its just a way to protect core filesystem nothing more than that ...
So what are my options, please suggest me something some resource that is understandable to a starter & if somehow bugged willn't have irreversible consequences.
Further just tell me if I want to reject in/out traffic for the address(s) containing keyword wolfram e.g pk.server.wolfram or wolfram-mathematica.com how would I do that in iptables or somehow...& if I want to block intenet for application /opt/telepath-gabble how would I achieve that
fedora iptables firewall
fedora iptables firewall
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
asked Jan 28 '13 at 5:59
nightcrawler
20619
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
asked Jan 28 '13 at 5:59
nightcrawler
20619
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
edited Dec 8 at 0:19
Rui F Ribeiro
38.7k1479128
38.7k1479128
asked Jan 28 '13 at 5:59
nightcrawler
20619
asked Jan 28 '13 at 5:59
nightcrawler
20619
asked Jan 28 '13 at 5:59
nightcrawler
20619
20619
ufw is very simple to use and has good documentation...
– jasonwryan
Jan 28 '13 at 6:26
selinuxis not about the core filesystem (what ever this is) but about providing acls for application, i.e. this application can connect to the internet or open a specific port, read the filesystem etc.
– Ulrich Dangel
Jan 28 '13 at 8:12
selinux isinternal firewallaccording to official page how come I control (via selinux) any app's access to net
– nightcrawler
Jan 28 '13 at 8:22
@nightcrawler, SELinux is not a firewall. It's a mechanism for managing MAC (Mandatory Access Control, a way of setting up policies that are more detailed and which override user set permissions).
– vonbrand
Jan 28 '13 at 15:32
add a comment |
ufw is very simple to use and has good documentation...
– jasonwryan
Jan 28 '13 at 6:26
selinuxis not about the core filesystem (what ever this is) but about providing acls for application, i.e. this application can connect to the internet or open a specific port, read the filesystem etc.
– Ulrich Dangel
Jan 28 '13 at 8:12
selinux isinternal firewallaccording to official page how come I control (via selinux) any app's access to net
– nightcrawler
Jan 28 '13 at 8:22
@nightcrawler, SELinux is not a firewall. It's a mechanism for managing MAC (Mandatory Access Control, a way of setting up policies that are more detailed and which override user set permissions).
– vonbrand
Jan 28 '13 at 15:32
ufw is very simple to use and has good documentation...
– jasonwryan
Jan 28 '13 at 6:26
ufw is very simple to use and has good documentation...
– jasonwryan
Jan 28 '13 at 6:26
selinux is not about the core filesystem (what ever this is) but about providing acls for application, i.e. this application can connect to the internet or open a specific port, read the filesystem etc.– Ulrich Dangel
Jan 28 '13 at 8:12
selinux is not about the core filesystem (what ever this is) but about providing acls for application, i.e. this application can connect to the internet or open a specific port, read the filesystem etc.– Ulrich Dangel
Jan 28 '13 at 8:12
selinux is
internal firewall according to official page how come I control (via selinux) any app's access to net– nightcrawler
Jan 28 '13 at 8:22
selinux is
internal firewall according to official page how come I control (via selinux) any app's access to net– nightcrawler
Jan 28 '13 at 8:22
@nightcrawler, SELinux is not a firewall. It's a mechanism for managing MAC (Mandatory Access Control, a way of setting up policies that are more detailed and which override user set permissions).
– vonbrand
Jan 28 '13 at 15:32
@nightcrawler, SELinux is not a firewall. It's a mechanism for managing MAC (Mandatory Access Control, a way of setting up policies that are more detailed and which override user set permissions).
– vonbrand
Jan 28 '13 at 15:32
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
If you're happy with the basic configuration, your Fedora firewall defaults to "on" in a basic GUFW way.
answered Jan 28 '13 at 7:26
Simon Hoare
518312
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f62807%2ffedora-firewall-no-option-as-of-yet%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
If you're happy with the basic configuration, your Fedora firewall defaults to "on" in a basic GUFW way.
answered Jan 28 '13 at 7:26
Simon Hoare
518312
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
add a comment |
up vote
1
down vote
If you're happy with the basic configuration, your Fedora firewall defaults to "on" in a basic GUFW way.
answered Jan 28 '13 at 7:26
Simon Hoare
518312
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
add a comment |
up vote
1
down vote
up vote
1
down vote
If you're happy with the basic configuration, your Fedora firewall defaults to "on" in a basic GUFW way.
answered Jan 28 '13 at 7:26
Simon Hoare
518312
If you're happy with the basic configuration, your Fedora firewall defaults to "on" in a basic GUFW way.
answered Jan 28 '13 at 7:26
Simon Hoare
518312
answered Jan 28 '13 at 7:26
Simon Hoare
518312
answered Jan 28 '13 at 7:26
Simon Hoare
518312
answered Jan 28 '13 at 7:26
Simon Hoare
518312
518312
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
add a comment |
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
but how do I configure to block a program or unblock it?
– nightcrawler
Jan 28 '13 at 8:21
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
@nightcrawler I would suggest you read netfilter.org and selinuxproject.org/page/Main_Page to get a good grasp on the capabilities of netfilter and selinux. Then try back and ask for help with specifics
– midnightsteel
Jan 28 '13 at 13:20
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
The Fedora firewall by default has most incomming traffic blocked.
– vonbrand
Jan 28 '13 at 15:34
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f62807%2ffedora-firewall-no-option-as-of-yet%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
ufw is very simple to use and has good documentation...
– jasonwryan
Jan 28 '13 at 6:26
selinuxis not about the core filesystem (what ever this is) but about providing acls for application, i.e. this application can connect to the internet or open a specific port, read the filesystem etc.– Ulrich Dangel
Jan 28 '13 at 8:12
selinux is
internal firewallaccording to official page how come I control (via selinux) any app's access to net– nightcrawler
Jan 28 '13 at 8:22
@nightcrawler, SELinux is not a firewall. It's a mechanism for managing MAC (Mandatory Access Control, a way of setting up policies that are more detailed and which override user set permissions).
– vonbrand
Jan 28 '13 at 15:32