Currently (for testing) i use Virtualbox under Windows 7 to install Centos7. later it will be installed correctly without Virtualbox.
Later i want to use the Thunderbird Email Client.
I want to have a secure desktop system (as much as possible) for me as private person.
Please can anyone help me to setup firewalld to allow only the most necessary connections?
Thank you.
Currently i want to setup these rules:
Code: Select all
##################
# Regeln
##################
# IPv4 Default
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD DROP
$IPTABLES -P OUTPUT ACCEPT
# Loopback-Schnittstelle Verkehr erlauben
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A OUTPUT -o lo -j ACCEPT
# ICMP-Antwortpakete erlauben
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type echo-request -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type destination-unreachable -j ACCEPT
# Alle Pakete zu einer bestehenden TCP-Verbindung akzeptieren
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Alle Pakete ordentlich zurückweisen
$IPTABLES -A INPUT -p tcp -j REJECT --reject-with tcp-reset
$IPTABLES -A INPUT -j REJECT --reject-with icmp-port-unreachable
how can i disable ipv6 generally?
how to log all outgoing connections?
does anything miss? or any suggestions?