The Incoming Firewall app is used for two primary purposes:
If your system does not have this app available, you can install it via the Marketplace.
You can find this feature in the menu system at the following location:
When the firewall is enabled on your ClearOS system, the default behavior is to block all external (Internet) traffic. If you plan on running services on your ClearOS system that can be accessible from the Internet, then you will need to add the firewall policy to do so. For example, the OpenVPN server requires UDP port 1194 to be open on the firewall.
You can also open up ports to allow for remote management of your ClearOS system. For example, you can open up TCP port 81 to give access to the web-based administration tool (webconfig).
There are three ways to add an incoming firewall rule:
Select a standard service in the Standard Services form.
Input a protocol and single port number in the Port form.
Input a protocol and multiple consecutive ports in a port range in the Port Range form.
Unlike some other firewall systems you do not
need to open a port on the incoming page if you are forwarding the port
to an internal server on your network.
Block External Hosts
In some circumstances, you may want to block particularly annoying systems from ever connecting to your ClearOS system. For example, you may notice a lot of network traffic from a virus infested remote network. You can block this traffic by specifying an IP or network in the Block External Hosts tool.