[CentOS] firewall question

Mon Aug 3 17:48:20 UTC 2009
Filipe Brandenburger <filbranden at gmail.com>

Hi,

On Mon, Aug 3, 2009 at 13:33, Jerry Geis<geisj at pagestation.com> wrote:
> This rule gets put in by default:
> -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
>
> How do I prevent that?

I'm not familiar with lokkit, but I believe it will read the file
/etc/sysconfig/system-config-securitylevel on startup, so you might
already have something like --trust=eth0 there.

You might use lokkit -f to prevent reading options from that file, or
just edit that file manually and remove that specific option.

You might want to look into a more complete and flexible firewall
management script such as shorewall.

HTH,
Filipe