diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc index a108a3c..e67b808 100644 --- a/modules/ROOT/nav.adoc +++ b/modules/ROOT/nav.adoc @@ -6,8 +6,8 @@ * Usage and customisation ** xref:dnf.adoc[Using the DNF software package manager] -** xref:finding-and-installing-linux-applications.adoc[Finding and installing Linux applications] ** xref:repositories.adoc[Fedora Repositories] +** xref:finding-and-installing-linux-applications.adoc[Finding and installing Linux applications] ** xref:adding-or-removing-software-repositories-in-fedora.adoc[Adding or removing software repositories in Fedora] ** xref:setup_rpmfusion.adoc[Enabling the RPM Fusion repositories] ** xref:installing-chromium-or-google-chrome-browsers.adoc[Installing Chromium or Google Chrome browsers] @@ -42,6 +42,7 @@ ** xref:reset-root-password.adoc[Resetting a root password] ** xref:using-aide.adoc[Checking file integrity with AIDE] ** xref:getting-started-with-apache-http-server.adoc[Getting started with Apache HTTP Server] +** xref:how-to-edit-iptables-rules.adoc[How to edit iptables rules] * xref:getting-started-with-selinux.adoc[SELinux] @@ -51,32 +52,9 @@ * xref:upgrading.adoc[Upgrading to a new release] ** xref:dnf-system-upgrade.adoc[Upgrading Fedora using the DNF system upgrade] -* xref:using-aide.adoc[Checking integrity with AIDE] -* xref:anaconda/anaconda.adoc[Anaconda] -** xref:anaconda/anaconda_distros.adoc[Anaconda-based Distributions] -** xref:anaconda/anaconda_updates.adoc[Anaconda Updates] -** xref:anaconda/anaconda_logging.adoc[Anaconda Logging] -** xref:anaconda/anaconda_product_image.adoc[Anaconda Product Image] -* xref:getting-started-with-apache-http-server.adoc[Getting started with Apache HTTP Server] -* xref:finding-and-installing-linux-applications.adoc[Finding and installing Linux applications] -* xref:installing-chromium-or-google-chrome-browsers.adoc[Installing Chromium or Google Chrome browsers] -* xref:switching-desktop-environments.adoc[Switching desktop environments] -* xref:fedora-and-red-hat-enterprise-linux.adoc[Difference between Fedora and Red Hat Enterprise Linux] -* xref:dnf.adoc[Using the DNF software package manager] -* xref:dnf-system-upgrade.adoc[Upgrading Fedora using the DNF system upgrade] -* xref:securing-the-system-by-keeping-it-up-to-date.adoc[Securing the system by keeping it up-to-date] -* xref:upgrading.adoc[Upgrading to a new release of Fedora] -* xref:firewalld.adoc[Controlling network traffic with firewalld] -* xref:iptables/overview.adoc[How to edit iptables rules] -** xref:iptables/cli.adoc[Command Line Interface] -** xref:iptables/tui.adoc[Text-based Interface] -** xref:iptables/gui.adoc[Graphical User Interface] -* xref:using-adobe-flash.adoc[Using Adobe Flash] -* xref:adding-new-fonts-fedora.adoc[Adding new fonts in Fedora] -* xref:create-gpg-keys.adoc[Creating GPG Keys] -* xref:bootloading-with-grub2.adoc[Bootloading with GRUB2] -* xref:creating-and-using-a-live-installation-image.adoc[Creating and using a live installation image] -* xref:installing-java.adoc[Installing Java] + + + * xref:kernel/overview.adoc[Kernel] ** xref:kernel/troubleshooting.adoc[Troubleshooting] ** xref:kernel/build-custom-kernel.adoc[Building a Custom Kernel] diff --git a/modules/ROOT/pages/iptables/cli.adoc b/modules/ROOT/pages/_partials/iptables-cli.adoc similarity index 97% rename from modules/ROOT/pages/iptables/cli.adoc rename to modules/ROOT/pages/_partials/iptables-cli.adoc index 1199d7b..3b0753b 100644 --- a/modules/ROOT/pages/iptables/cli.adoc +++ b/modules/ROOT/pages/_partials/iptables-cli.adoc @@ -1,6 +1,6 @@ -== Command Line Interface += Command Line Interface -=== Changes to iptables Rules +== Changes to iptables Rules The following procedures allow for changes in the behaviour of the firewall while it is running. It is important to understand that every change @@ -10,7 +10,7 @@ Read the man pages (`man iptables`) for further explanations and more sophisticated examples. -==== Listing Rules +=== Listing Rules Currently running iptables rules can be viewed with the command: @@ -49,7 +49,7 @@ ssh connections and subsequently a second rule permitting ssh connections, the first rule would be applied to incoming ssh connections while the latter would never be evaluated. -==== Appending Rules +=== Appending Rules The following adds a rule at the end of the specified chain of iptables: @@ -73,7 +73,7 @@ target prot opt source destination Notice the last line in the INPUT chain. There are now five rules. -==== Deleting Rules +=== Deleting Rules To delete a rule you need to know its position in the chain. The following will delete the rule from the previous example. To do so, the rule in the fifth @@ -96,7 +96,7 @@ Chain OUTPUT (policy ACCEPT) target prot opt source destination .... -==== Inserting Rules +=== Inserting Rules You can also insert rules at a specific position. To insert a rule at the top (i.e. first) position, use: @@ -124,7 +124,7 @@ The number given after the chain name indicates the position of your new rule third position, you specify the number 3. Afterwards your new rule is at position 3, while the old rule from position 3 is now shifted to position 4. -==== Replacing Rules +=== Replacing Rules Rules may be specified to replace existing rules in the chain. @@ -150,7 +150,7 @@ Chain OUTPUT (policy ACCEPT) target prot opt source destination .... -==== Flushing Rules +=== Flushing Rules To flush or clear all iptables rules, use the `--flush`, `-F` option: @@ -169,7 +169,7 @@ To flush all rules in the OUTPUT chain use: # iptables -F OUTPUT .... -=== Making changes persistent +== Making changes persistent All changes to iptables rules using the CLI commands will be lost upon system reboot. However, `iptables` comes with two useful utilities: @@ -248,4 +248,4 @@ option: .... It is possible to reset only a single rule counter. This might become handy - if you want to know how many packets were captured for a specific rule. \ No newline at end of file + if you want to know how many packets were captured for a specific rule. diff --git a/modules/ROOT/pages/iptables/gui.adoc b/modules/ROOT/pages/_partials/iptables-gui.adoc similarity index 98% rename from modules/ROOT/pages/iptables/gui.adoc rename to modules/ROOT/pages/_partials/iptables-gui.adoc index 6d3a693..c2ec01d 100644 --- a/modules/ROOT/pages/iptables/gui.adoc +++ b/modules/ROOT/pages/_partials/iptables-gui.adoc @@ -1,4 +1,4 @@ -== Graphical User Interface += Graphical User Interface There are several graphical user interfaces available to configure iptables. @@ -14,7 +14,7 @@ interface that covers all iptables functionality. The following section describes yet another frontend: `system-config-firewall`. -=== system-config-firewall +== system-config-firewall The GUI interface is similar to the text based interface just more friendly. @@ -82,4 +82,4 @@ The other options in the sidebar *Trusted Interfaces*, *Masquerading*, *Port Forwarding* and so on work exactly as in the text based interface. When you finished the configuration, click *Apply* to save and activate the -firewall. \ No newline at end of file +firewall. diff --git a/modules/ROOT/pages/iptables/tui.adoc b/modules/ROOT/pages/_partials/iptables-tui.adoc similarity index 98% rename from modules/ROOT/pages/iptables/tui.adoc rename to modules/ROOT/pages/_partials/iptables-tui.adoc index 0df9ccf..2827c5a 100644 --- a/modules/ROOT/pages/iptables/tui.adoc +++ b/modules/ROOT/pages/_partials/iptables-tui.adoc @@ -1,4 +1,4 @@ -== Text-based User Interface += Text-based User Interface There are two ways to manage iptables rules using a text-based user interface. These are `setup` and `system-config-firewall-tui`. If you start @@ -95,4 +95,4 @@ will get back the configuration screen with no changes applied to your firewall. image:Firewall_TUI_Warning.PNG[Firewall TUI -warning.,title="Firewall TUI warning.",width=700] \ No newline at end of file +warning.,title="Firewall TUI warning.",width=700] diff --git a/modules/ROOT/pages/how-to-edit-iptables-rules.adoc b/modules/ROOT/pages/how-to-edit-iptables-rules.adoc new file mode 100644 index 0000000..423e890 --- /dev/null +++ b/modules/ROOT/pages/how-to-edit-iptables-rules.adoc @@ -0,0 +1,14 @@ += How to edit iptables rules + +In this how-to, we will illustrate three ways of editing iptables rules, via: + +* Command line interface (CLI): `iptables` and system configuration file `/etc/sysconfig/iptables`. +* Text-based interfaces (TUI): `setup` or `system-config-firewall-tui` +* Graphical user interface(GUI): `system-config-firewall` + +NOTE: This how-to illustrates editing existing iptables rules, not the +initial creation of rules chains. + +include::{partialsdir}/iptables-cli.adoc[leveloffset=+1] +include::{partialsdir}/iptables-tui.adoc[leveloffset=+1] +include::{partialsdir}/iptables-gui.adoc[leveloffset=+1] diff --git a/modules/ROOT/pages/iptables/overview.adoc b/modules/ROOT/pages/iptables/overview.adoc deleted file mode 100644 index 0455329..0000000 --- a/modules/ROOT/pages/iptables/overview.adoc +++ /dev/null @@ -1,11 +0,0 @@ -= How to edit iptables rules - -In this how-to, we will illustrate three ways of editing iptables rules, via: - -* xref:iptables/cli.adoc[Command line interface] (CLI) `iptables` and system configuration file -`/etc/sysconfig/iptables`. -* xref:iptables/tui.adoc[Text-based interfaces] (TUI) `setup` or `system-config-firewall-tui` -* xref:iptables/gui.adoc[Graphical user interface](GUI) `system-config-firewall` - -NOTE: This how-to illustrates editing existing iptables rules, not the -initial creation of rules chains. \ No newline at end of file