nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-06-03 10:50:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/doc/manual/en/Firewall.raw.xml
James Valleroy 1e31f73e40
doc: Fetch latest manual 
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
2020-07-13 19:04:38 -04:00

13 lines
58 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE article PUBLIC '-//OASIS//DTD DocBook XML V4.4//EN' 'http://www.docbook.org/xml/4.4/docbookx.dtd'><article><articleinfo><title>FreedomBox/Manual/Firewall</title><revhistory><revision><revnumber>32</revnumber><date>2020-05-24 08:58:20</date><authorinitials>fioddor</authorinitials><revremark>Minor clarification</revremark></revision><revision><revnumber>31</revnumber><date>2020-05-24 04:43:27</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Add advanced firewall operations section referring to Cockpit</revremark></revision><revision><revnumber>30</revnumber><date>2020-05-23 20:42:15</date><authorinitials>JamesValleroy</authorinitials><revremark>add TableOfContents</revremark></revision><revision><revnumber>29</revnumber><date>2020-05-03 18:56:52</date><authorinitials>JamesValleroy</authorinitials><revremark>remove link to source file, no longer exists</revremark></revision><revision><revnumber>28</revnumber><date>2020-05-03 18:56:08</date><authorinitials>JamesValleroy</authorinitials><revremark>rename plinth -&gt; freedombox</revremark></revision><revision><revnumber>27</revnumber><date>2020-04-12 15:56:21</date><authorinitials>JamesValleroy</authorinitials><revremark>add links back to top level pages</revremark></revision><revision><revnumber>26</revnumber><date>2019-10-21 14:58:15</date><authorinitials>fioddor</authorinitials><revremark>Minor correction</revremark></revision><revision><revnumber>25</revnumber><date>2018-03-11 03:12:12</date><authorinitials>JosephNuthalapati</authorinitials><revremark>Fix oversized image</revremark></revision><revision><revnumber>24</revnumber><date>2017-03-31 20:25:36</date><authorinitials>Drahtseil</authorinitials><revremark>Screenshot Firewall</revremark></revision><revision><revnumber>23</revnumber><date>2017-01-08 02:18:51</date><authorinitials>JamesValleroy</authorinitials><revremark>add minetest</revremark></revision><revision><revnumber>22</revnumber><date>2017-01-08 02:17:46</date><authorinitials>JamesValleroy</authorinitials><revremark>fix table spacing</revremark></revision><revision><revnumber>21</revnumber><date>2017-01-08 02:16:47</date><authorinitials>JamesValleroy</authorinitials><revremark>add repro</revremark></revision><revision><revnumber>20</revnumber><date>2017-01-08 02:10:57</date><authorinitials>JamesValleroy</authorinitials><revremark>add mumble</revremark></revision><revision><revnumber>19</revnumber><date>2017-01-08 02:08:58</date><authorinitials>JamesValleroy</authorinitials><revremark>add quassel</revremark></revision><revision><revnumber>18</revnumber><date>2017-01-08 01:55:02</date><authorinitials>JamesValleroy</authorinitials><revremark>reorder to match Plinth Firewall page</revremark></revision><revision><revnumber>17</revnumber><date>2017-01-07 21:07:25</date><authorinitials>JamesValleroy</authorinitials><revremark>update managed by plinth</revremark></revision><revision><revnumber>16</revnumber><date>2017-01-07 20:54:21</date><authorinitials>JamesValleroy</authorinitials><revremark>update statuses shown in plinth</revremark></revision><revision><revnumber>15</revnumber><date>2017-01-07 20:51:16</date><authorinitials>JamesValleroy</authorinitials><revremark>updated services enabled by default</revremark></revision><revision><revnumber>14</revnumber><date>2017-01-07 20:49:50</date><authorinitials>JamesValleroy</authorinitials><revremark>fix table spacing</revremark></revision><revision><revnumber>13</revnumber><date>2017-01-07 20:47:32</date><authorinitials>JamesValleroy</authorinitials><revremark>jwchat replaced with jsxc</revremark></revision><revision><revnumber>12</revnumber><date>2017-01-07 20:45:27</date><authorinitials>JamesValleroy</authorinitials><revremark>remove owncloud from ports list</revremark></revision><revision><revnumber>11</revnumber><date>2016-01-13 23:19:49</date><authorinitials>JamesValleroy</authorinitials><revremark>port -&gt; service</revremark></revision><revision><revnumber>10</revnumber><date>2015-12-15 00:51:46</date><authorinitials>JamesValleroy</authorinitials><revremark>few corrections</revremark></revision><revision><revnumber>9</revnumber><date>2015-09-16 11:06:29</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Update an oudated link</revremark></revision><revision><revnumber>8</revnumber><date>2015-09-16 08:18:17</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Remove unnecessary automatic links</revremark></revision><revision><revnumber>7</revnumber><date>2015-09-13 15:06:40</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Modify structure for inclusion into manual</revremark></revision><revision><revnumber>6</revnumber><date>2015-09-12 11:19:31</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Move the firewall page to Manual paths</revremark></revision><revision><revnumber>5</revnumber><date>2015-09-12 09:37:40</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Move networking related information to Networks page, cleanup</revremark></revision><revision><revnumber>4</revnumber><date>2015-02-13 04:53:16</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Include FreedomBox portal in footer</revremark></revision><revision><revnumber>3</revnumber><date>2014-05-08 08:02:39</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Add section on internet connection sharing and minor corrections</revremark></revision><revision><revnumber>2</revnumber><date>2014-05-08 07:49:29</date><authorinitials>PaulWise</authorinitials><revremark>link to the plinth source</revremark></revision><revision><revnumber>1</revnumber><date>2014-05-08 07:36:15</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>New page documenting firewall operation and default port status</revremark></revision></revhistory></articleinfo><section><title>Firewall</title><para>Firewall is a network security system that controls the incoming and outgoing network traffic. Keeping a firewall enabled and properly configured reduces risk of security threat from the Internet. </para><para>The operation of the firewall in FreedomBox web interface is automatic. When you enable a service it is automatically permitted in the firewall and when you disable a service it is automatically disabled in the firewall. For services which are enabled by default on FreedomBox, firewall ports are also enabled by default during the first run process. </para><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/Firewall?action=AttachFile&amp;do=get&amp;target=Firewall.png" width="800"/></imageobject><textobject><phrase>Firewall</phrase></textobject></inlinemediaobject> </para><para>Firewall management in FreedomBox is done using <ulink url="https://fedoraproject.org/wiki/FirewallD">FirewallD</ulink>. </para><section><title>Interfaces</title><para>Each interface is needs to be assigned to one (and only one) zone. If an interface is not assigned any zone, it is automatically assigned <code>external</code> zone. Whatever rules are in effect for a zone, those rules start to apply for that interface. For example, if HTTP traffic is allowed in a particular zone, then web requests will be accepted on all the addresses configured for all the interfaces assigned to that zone. </para><para>There are primarily two firewall zones used. The <code>internal</code> zone is meant for services that are provided to all machines on the local network. This may include services such as streaming media and simple file sharing. The <code>external</code> zone is meant for services that are provided publicly on the Internet. This may include services such as blog, website, email web client etc. </para><para>For details on how network interfaces are configured by default, see the <ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Manual/Networks#">Networks</ulink> section. </para></section><section><title>Opening Custom Ports</title><para>Cockpit app provides advanced management of firewall. Both FreedomBox and Cockpit operate over firewalld and are hence compatible with each other. In particular, Cockpit can be used to open custom services or ports on FreedomBox. This is useful if you are manually running your own services in addition to the services provided by FreedomBox on the same machine. </para><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/Firewall?action=AttachFile&amp;do=get&amp;target=firewalld-cockpit.png"/></imageobject><textobject><phrase>firewalld-cockpit.png</phrase></textobject></inlinemediaobject> </para></section><section><title>FreedomBox Ports/Services</title><para>The following table attempts to document the ports, services and their default statuses in FreedomBox. If you find this page outdated, see the Firewall status page in FreedomBox interface. </para><informaltable><tgroup cols="6"><colspec colname="col_0"/><colspec colname="col_1"/><colspec colname="col_2"/><colspec colname="col_3"/><colspec colname="col_4"/><colspec colname="col_5"/><tbody><row rowsep="1"><entry colsep="1" rowsep="1"><para><emphasis role="strong">Service</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Port</emphasis> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">External</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Enabled by default</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Status shown in FreedomBox</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Managed by FreedomBox</emphasis></para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Minetest </para></entry><entry colsep="1" rowsep="1"><para> 30000/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> XMPP Client </para></entry><entry colsep="1" rowsep="1"><para> 5222/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> XMPP Server </para></entry><entry colsep="1" rowsep="1"><para> 5269/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> XMPP Bosh </para></entry><entry colsep="1" rowsep="1"><para> 5280/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> NTP </para></entry><entry colsep="1" rowsep="1"><para> 123/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> FreedomBox Web Interface (Plinth) </para></entry><entry colsep="1" rowsep="1"><para> 443/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Quassel </para></entry><entry colsep="1" rowsep="1"><para> 4242/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> SIP </para></entry><entry colsep="1" rowsep="1"><para> 5060/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> SIP </para></entry><entry colsep="1" rowsep="1"><para> 5060/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> SIP-TLS </para></entry><entry colsep="1" rowsep="1"><para> 5061/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> SIP-TLS </para></entry><entry colsep="1" rowsep="1"><para> 5061/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> RTP </para></entry><entry colsep="1" rowsep="1"><para> 1024-65535/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> SSH </para></entry><entry colsep="1" rowsep="1"><para> 22/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> mDNS </para></entry><entry colsep="1" rowsep="1"><para> 5353/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Tor (Socks) </para></entry><entry colsep="1" rowsep="1"><para> 9050/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Obfsproxy </para></entry><entry colsep="1" rowsep="1"><para> &lt;random&gt;/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> OpenVPN </para></entry><entry colsep="1" rowsep="1"><para> 1194/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Mumble </para></entry><entry colsep="1" rowsep="1"><para> 64378/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Mumble </para></entry><entry colsep="1" rowsep="1"><para> 64378/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Privoxy </para></entry><entry colsep="1" rowsep="1"><para> 8118/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> JSXC </para></entry><entry colsep="1" rowsep="1"><para> 80/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> JSXC </para></entry><entry colsep="1" rowsep="1"><para> 443/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_on.png" width="16"/></imageobject><textobject><phrase>{*}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> DNS </para></entry><entry colsep="1" rowsep="1"><para> 53/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> DNS </para></entry><entry colsep="1" rowsep="1"><para> 53/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> DHCP </para></entry><entry colsep="1" rowsep="1"><para> 67/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/checkmark.png" width="16"/></imageobject><textobject><phrase>(./)</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Bootp </para></entry><entry colsep="1" rowsep="1"><para> 67/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Bootp </para></entry><entry colsep="1" rowsep="1"><para> 67/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Bootp </para></entry><entry colsep="1" rowsep="1"><para> 68/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> Bootp </para></entry><entry colsep="1" rowsep="1"><para> 68/udp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> LDAP </para></entry><entry colsep="1" rowsep="1"><para> 389/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para> LDAPS </para></entry><entry colsep="1" rowsep="1"><para> 636/tcp </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/star_off.png" width="16"/></imageobject><textobject><phrase>{o}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry><entry colsep="1" rowsep="1"><para> <inlinemediaobject><imageobject><imagedata depth="16" fileref="https://wiki.debian.org/htdocs/debwiki/img/icon-error.png" width="16"/></imageobject><textobject><phrase>{X}</phrase></textobject></inlinemediaobject> </para></entry></row></tbody></tgroup></informaltable></section><section><title>Manual operation</title><para>See <ulink url="https://fedoraproject.org/wiki/FirewallD">FirewallD</ulink> documentation for more information on the basic concepts and comprehensive documentation. </para><section><title>Enable/disable firewall</title><para>To disable firewall </para><screen><![CDATA[service firewalld stop]]></screen><para>or with systemd </para><screen><![CDATA[systemctl stop firewalld]]></screen><para>To re-enable firewall </para><screen><![CDATA[service firewalld start]]></screen><para>or with systemd </para><screen><![CDATA[systemctl start firewalld]]></screen></section><section><title>Modifying services/ports</title><para>You can manually add or remove a service from a zone. </para><para>To see list of services enabled: </para><screen><![CDATA[firewall-cmd --zone=<zone> --list-services]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --list-services]]></screen><para>To see list of ports enabled: </para><screen><![CDATA[firewall-cmd --zone=<zone> --list-ports]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --list-ports]]></screen><para>To remove a service from a zone: </para><screen><![CDATA[firewall-cmd --zone=<zone> --remove-service=<service>
firewall-cmd --permanent --zone=<zone> --remove-service=<interface>]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --remove-service=xmpp-bosh
firewall-cmd --permanent --zone=internal --remove-service=xmpp-bosh]]></screen><para>To remove a port from a zone: </para><screen><![CDATA[firewall-cmd --zone=internal --remove-port=<port>/<protocol>
firewall-cmd --permanent --zone=internal --remove-port=<port>/<protocol>]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --remove-port=5353/udp
firewall-cmd --permanent --zone=internal --remove-port=5353/udp]]></screen><para>To add a service to a zone: </para><screen><![CDATA[firewall-cmd --zone=<zone> --add-service=<service>
firewall-cmd --permanent --zone=<zone> --add-service=<interface>]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --add-service=xmpp-bosh
firewall-cmd --permanent --zone=internal --add-service=xmpp-bosh]]></screen><para>To add a port to a zone: </para><screen><![CDATA[firewall-cmd --zone=internal --add-port=<port>/<protocol>
firewall-cmd --permanent --zone=internal --add-port=<port>/<protocol>]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --add-port=5353/udp
firewall-cmd --permanent --zone=internal --add-port=5353/udp]]></screen></section><section><title>Modifying the zone of interfaces</title><para>You can manually change the assignment of zones of each interfaces after they have been autuomatically assigned by the first boot process. </para><para>To see current assignment of interfaces to zones: </para><screen><![CDATA[firewall-cmd --list-all-zones]]></screen><para>To remove an interface from a zone: </para><screen><![CDATA[firewall-cmd --zone=<zone> --remove-interface=<interface>
firewall-cmd --permanent --zone=<zone> --remove-interface=<interface>]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=external --remove-interface=eth0
firewall-cmd --permanent --zone=external --remove-interface=eth0]]></screen><para>To add an interface to a zone: </para><screen><![CDATA[firewall-cmd --zone=<zone> --add-interface=<interface>
firewall-cmd --permanent --zone=<zone> --add-interface=<interface>]]></screen><para>Example: </para><screen><![CDATA[firewall-cmd --zone=internal --add-interface=eth0
firewall-cmd --permanent --zone=internal --add-interface=eth0]]></screen><para>Back to <ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Features#">Features introduction</ulink> or <ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Manual#">manual</ulink> pages. </para><!--rule (<hr>) is not applicable to DocBook--><informaltable><tgroup cols="8"><colspec colname="col_0"/><colspec colname="col_1"/><colspec colname="col_2"/><colspec colname="col_3"/><colspec colname="col_4"/><colspec colname="col_5"/><colspec colname="col_6"/><colspec colname="col_7"/><tbody><row rowsep="1"><entry colsep="1" rowsep="1"><para><emphasis role="strong">Information</emphasis></para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><emphasis role="strong">Support</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Contribute</emphasis></para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><emphasis role="strong">Reports</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Promote</emphasis></para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Introduction#">Overview</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Hardware#">Hardware</ulink> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong"> </emphasis></para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Support#">Live Help</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Contribute#">Where To Start</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Translate#">Translate</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/ProgressCalls#">Calls</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/TalksAndPresentations#">Talks</ulink> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Features#">Features</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Vision#">Vision</ulink> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong"> </emphasis></para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/QuestionsAndAnswers#">Q&amp;A</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Design#">Design</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/TODO#">To Do</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/ReleaseNotes#">Releases</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Press#">Press</ulink> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Download#">Download</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Manual#">Manual</ulink> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong"> </emphasis></para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Contribute/Code#">Code</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Contributors#">Contributors</ulink> </para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/FreedomBox/Blog#">Blog</ulink> </para></entry></row><row rowsep="1"><entry colsep="1" nameend="col_1" namest="col_0" rowsep="1"><para> <ulink url="https://en.wikibooks.org/wiki/FreedomBox_for_Communities">FreedomBox for Communities</ulink> </para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"/><entry colsep="1" nameend="col_5" namest="col_4" rowsep="1"><para> <ulink url="https://docs.freedombox.org">FreedomBox Developer Manual</ulink> </para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"/></row></tbody></tgroup></informaltable><para><!--"~-smaller-~" is not applicable to DocBook-->HELP &amp; DISCUSSIONS: <ulink url="https://discuss.freedombox.org">Discussion Forum</ulink> - <ulink url="https://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">Mailing List</ulink> - <ulink url="irc://irc.debian.org/freedombox">#freedombox irc.debian.org</ulink> | CONTACT <ulink url="https://freedomboxfoundation.org/">Foundation</ulink> | JOIN <ulink url="https://salsa.debian.org/freedombox-team/">Project</ulink> </para><para><link linkend="">Next call</link>: Sunday, July 26th at 17:00 UTC </para><para><link linkend="">Latest news</link>: Announcing Pioneer FreedomBox Kits - 2019-03-26 </para><para>This page is copyright its contributors and is licensed under the <ulink url="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)</ulink> license. </para><!--rule (<hr>) is not applicable to DocBook--><para> <ulink url="https://wiki.debian.org/FreedomBox/Manual/Firewall/CategoryFreedomBox#">CategoryFreedomBox</ulink> </para></section></section></section></article>
Reference in New Issue View Git Blame Copy Permalink