
Securing-Optimizing-RH-Linux-1_2_118
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®

        echo "Usage: firewall {start|stop|status|restart|reload}"
        exit 1
esac

exit 0

Now, make this script executable and change its default permissions:

[root@deep /]# chmod 700 /etc/rc.d/init.d/firewall
[root@deep /]# chown 0.0 /etc/rc.d/init.d/firewall

Create the symbolic rc.d links for your firewall with the following commands:

[root@deep /]# chkconfig --add firewall
[root@deep /]# chkconfig --level 345 firewall on

Now your firewall rules are configured to use System V init (System V init is in charge of starting all the normal processes that need to run at boot time), and the firewall will start automatically each time your server reboots.

· To stop the firewall manually on your system, use the following command:
[root@deep /]# /etc/rc.d/init.d/firewall stop
Shutting Firewalling Services: [  OK  ]

· To start the firewall manually on your system, use the following command:
[root@deep /]# /etc/rc.d/init.d/firewall start
Starting Firewalling Services: [  OK  ]

Configuration of the “/etc/rc.d/init.d/firewall” script file for the Mail Server

This is the configuration script file for our Mail Server machine. This configuration allows unlimited traffic on the Loopback interface, ICMP, DNS Server and Client (53), SSH Server (22), SMTP Server and Client (25), IMAP server (143), and OUTGOING TRACEROUTE requests by default.

If you don’t want some of the services that I have turned ON by default in the firewall rules file for the Mail Server, comment them out with a "#" at the beginning of the line. If you want some of the other services that I commented out with a "#", remove the "#" at the beginning of their lines.
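The chmod, chown and chkconfig steps earlier on this page can be verified after installation with a check like the one below. It is an added example, not part of the book's script; the function name audit_firewall_init and its ROOT/UID/GID arguments are hypothetical, and it assumes GNU stat.

```shell
# Added example: audit the install steps for /etc/rc.d/init.d/firewall.
# audit_firewall_init [ROOT] [UID] [GID]  (name and arguments are hypothetical)
#   ROOT: filesystem prefix, empty for the live system
#   UID/GID: expected numeric owner, default 0 0 as set by "chown 0.0"
# Prints one line per finding; the return value is the number of findings.
audit_firewall_init() {
    root=${1:-}; want_uid=${2:-0}; want_gid=${3:-0}
    script="$root/etc/rc.d/init.d/firewall"
    findings=0

    if [ ! -f "$script" ]; then
        echo "MISSING: $script"
        return 1
    fi

    # Assumes GNU stat: %a is the octal mode, %u and %g the numeric owner/group.
    mode=$(stat -c '%a' "$script")
    owner=$(stat -c '%u.%g' "$script")
    if [ "$mode" != "700" ]; then
        echo "MODE: $script is $mode, expected 700"
        findings=$((findings + 1))
    fi
    if [ "$owner" != "$want_uid.$want_gid" ]; then
        echo "OWNER: $script is $owner, expected $want_uid.$want_gid"
        findings=$((findings + 1))
    fi

    # "chkconfig --level 345 firewall on" creates S<NN>firewall start links in
    # rc3.d, rc4.d and rc5.d; NN comes from the script's own chkconfig header.
    for level in 3 4 5; do
        found=no
        for link in "$root/etc/rc.d/rc$level.d"/S[0-9][0-9]firewall; do
            # -e follows the symlink, so a dangling link counts as missing.
            if [ -e "$link" ]; then found=yes; fi
        done
        if [ "$found" = no ]; then
            echo "RUNLEVEL: no start link for firewall in rc$level.d"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}
```

Run as root with no arguments, it checks the live system and returns 0 only when the mode, owner and all three runlevel links match what the steps above set up.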
Create the firewall script file (touch /etc/rc.d/init.d/firewall) on your Mail Server and add:

#!/bin/sh
#
# ----------------------------------------------------------------------------
# Last modified by Gerhard Mourani:  02-01-2000
# ----------------------------------------------------------------------------
# Copyright (C) 1997, 1998, 1999  Robert L. Ziegler
#
# Permission to use, copy, modify, and distribute this software and its
# documentation for educational, research, private and non-profit purposes,
# without fee, and without a written agreement is hereby granted.
# This software is provided as an example and basis for individual firewall
# development.  This software is provided without warranty.
#
# Any material furnished by Robert L. Ziegler is furnished on an
# "as is" basis.  He makes no warranties of any kind, either expressed
# or implied as to any matter including, but not limited to, warranty
# of fitness for a particular purpose, exclusivity or results obtained
# from use of the material.
# ----------------------------------------------------------------------------
#