|
|
|
|
A firewall is part of your OS and its security. Its main function is to block or permit traffic between two systems or two parts of a network. A firewall is either a program ( or a set of programs) or a computer it runs on. The Virtuozzo Containers software has a built-in firewall that can be managed through both Parallels Power Panel and Parallels Infrastructure Manager. Along with - and apart from - the Parallels Power Panel and Parallels Infrastructure Manager web interface, the command line is an effective tool to manage a firewall. Here are the basic principles that make a firewall work.
A firewall applies a control policy over the firewalled system. There are three policies:
The policies, along with ports and protocols, are chains' attributes. A chain is a list (or a chain) of rules grouped by the criterion of what type of packets they process. There are three packets types:
Therefore we can create three chains - the Input chain, the Output chain and the Forward chain. The Input chain examines the incoming packets. If there is a rule to process a packet, the latter is either let in (accept policy) or not (drop/reject policy). Otherwise, the packet is examined by the next rule. If, finally, there is not any rule to match, the default system policy is applied. The first rule applied to a packet is the first one on the list that forms a chain.
If a packet is created inside the system, it is sent to the Output chain.
Packets that pass through the system, traverse the Forward chain.
When configuring a firewall, you can change a rule's position on the list, delete a rule from the list, create, edit and add rules to the list.
To configure the firewall, click on the Firewall link on the Container dashboard.
