ClearFoundation

Firewall Incoming

Table of Contents

Overview

The Firewall Incoming feature is used for two primary purposes:

  • To allow external (Internet) connections to your ClearOS system
  • To permanently block a particular IP address or entire networks from accessing ClearOS

Installation

This feature is part of the core system and installed by default.

Menu

You can find this feature in the menu system at the following location:

Network Firewall Incoming

Configuration

Incoming Connections

When the firewall is enabled on your ClearOS system, the default behavior is to block all external (Internet) traffic. If you plan on running services on your ClearOS system that can be accessible from the Internet, then you will need to add the firewall policy to do so. For example, the OpenVPN server requires UDP port 1194 to be open on the firewall.

You can also open up ports to allow for remote management of your ClearOS system. For example, you can open up TCP port 81 to give access to Webconfig.

There are three ways to add an incoming firewall rule:

  • select a standard service in the Standard Services drop down
  • input a protocol and single port number in the Port Number box.
  • input a protocol and multiple consecutive ports in a port range in the Port Range box.

firewallincoming.png

Unlike some other firewall systems you do not need to open a port on the incoming page if you are forwarding the the port to an internal server on your network.

Block External Hosts

In some circumstances, you may want to block particularly annoying systems from ever connecting to your ClearOS system. For example, you may notice a lot of network traffic from a virus infested remote network. You can block this traffic by specifying an IP or network in the Block External Hosts tool.


Except where otherwise noted, content on this wiki is licensed under the following license:CC Attribution-Share Alike 3.0 Unported
Video demonstrations - Copyright © 2010 ClearCenter Corporation