This policy sets up a simple exclusionary firewall on targeted machines using iptables. When enabled, the firewall will by default allow all outgoing traffic but block any inbound traffic with the exception of ssh and ping.
The format is:
Name:Type:Protocol:Port:Action
Name is just an identifying string.
Type is either INPUT or OUTPUT (caps are mandatory).
Use INPUT to block an incoming port and OUTPUT to block the computer from sending on that port.
Protocol should be one of tcp, udp, icmp, or all.
Port is the port number.
Action is either ACCEPT or DROP.
This example would allow connections to the machine as a web server:
HTTP:INPUT:tcp:80:ACCEPT
This example will prevent the machine from sending mail:
SMTP:OUTPUT:tcp:25:DROP
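As an added example (not Centrify's own code), the following Python validator checks policy entries against the field rules above and renders each one as an iptables command. How the policy itself turns entries into rules is not documented here, so the rendering is an assumption: both chains use --dport, the Port field is ignored for icmp and all, and the Name is carried as an iptables comment.

```python
import shlex

TYPES = {"INPUT", "OUTPUT"}               # caps are mandatory
PROTOCOLS = {"tcp", "udp", "icmp", "all"}
ACTIONS = {"ACCEPT", "DROP"}

def parse_rule(line):
    """Parse one Name:Type:Protocol:Port:Action entry; raise ValueError if malformed."""
    parts = line.strip().split(":")
    if len(parts) != 5:
        raise ValueError(f"expected 5 colon-separated fields: {line!r}")
    name, chain, proto, port, action = parts
    if chain not in TYPES:                  # 'input' or 'Input' is rejected
        raise ValueError(f"Type must be INPUT or OUTPUT, got {chain!r}")
    if proto not in PROTOCOLS:
        raise ValueError(f"Protocol must be tcp, udp, icmp or all, got {proto!r}")
    if not port.isdigit() or int(port) > 65535:
        raise ValueError(f"Port must be a number 0-65535, got {port!r}")
    if action not in ACTIONS:
        raise ValueError(f"Action must be ACCEPT or DROP, got {action!r}")
    return {"name": name, "chain": chain, "proto": proto, "port": int(port), "action": action}

def is_valid(line):
    """True if the line parses under the rules above."""
    try:
        parse_rule(line)
        return True
    except ValueError:
        return False

def to_iptables(rule):
    """Render a parsed rule as an iptables command (assumed rendering, not Centrify's own).
    INPUT and OUTPUT both match on --dport; icmp and all carry no port, so Port is ignored."""
    cmd = ["iptables", "-A", rule["chain"], "-p", rule["proto"]]
    if rule["proto"] in ("tcp", "udp"):
        cmd += ["--dport", str(rule["port"])]
    cmd += ["-m", "comment", "--comment", shlex.quote(rule["name"]), "-j", rule["action"]]
    return " ".join(cmd)

def render_policy(text):
    """Turn a multi-line policy body into iptables commands, skipping blank and # lines."""
    return [to_iptables(parse_rule(l)) for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")]

# Constructed sample policy body: the two entries from this page plus an icmp rule.
SAMPLE = "HTTP:INPUT:tcp:80:ACCEPT\nSMTP:OUTPUT:tcp:25:DROP\nPING:INPUT:icmp:0:ACCEPT\n"

if __name__ == "__main__": print("\n".join(render_policy(SAMPLE)))
```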
Registry Hive | HKEY_LOCAL_MACHINE
Registry Path | Software\Policies\Centrify\UnixSettings\LinuxFirewall
Value Name |
Value Type | REG_DWORD
Default Value | /etc/issue