The configurations for the basic firewall application are based on sets of ordered rules. The default rules that are installed with the basic firewall establish a security policy that works well with i-Planet. These rules specify the action to be taken for services between two addresses that are on different interfaces of the firewall.
As root, type the following to list the rules:
# fw.rule list rule |
The rules (in this case, the default rules) are listed in the order in which they examine incoming packets.
1 ALLOW "ssl" from "le0" to "localhost" 2 ALLOW "common services" from "localhost" to "*" 3 ALLOW "rip" from "*" to "*" |
This rule allows you to add a service from a named remote host to a local host. Use the list option to see the new list of rules.
Rule number 4 is deleted. Use the list option to see the new list of rules.
Rules 5 and 4 are reordered. Use the list option to see the new ordering.