Specify basic firewall settings

This policy sets up a simple exclusionary firewall on targeted machines using iptables. When enabled, the firewall will by default allow all outgoing traffic but block any inbound traffic with the exception of ssh and ping.
Each rule entry has the format:

Name:Type:Protocol:Port:Action

Name is just an identifying string.
Type is either INPUT or OUTPUT (caps are mandatory).
Use INPUT to block an incoming port and OUTPUT to block the computer from sending on that port.
Protocol should be one of tcp, udp, icmp, or all.
Port is the port number.
Action is either ACCEPT or DROP.

This example would allow connections to the machine as a web server:

HTTP:INPUT:tcp:80:ACCEPT

This example will prevent the machine from sending mail:

SMTP:OUTPUT:tcp:25:DROP
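
As an added example (not Centrify's code), the following Python validates entries in this format before they are placed in the policy and renders the iptables command each entry would plausibly correspond to. The mapping to `iptables -A ... --dport`, the comment tag, and ignoring the port field for icmp and all are assumptions; the page does not state how the agent builds its rules.

```python
import re

# Allowed field values, taken from the policy description above.
TYPES = {"INPUT", "OUTPUT"}              # capitals are mandatory
PROTOCOLS = {"tcp", "udp", "icmp", "all"}
ACTIONS = {"ACCEPT", "DROP"}


def parse_rule(entry):
    """Validate one Name:Type:Protocol:Port:Action entry and return it as a dict."""
    fields = entry.strip().split(":")
    if len(fields) != 5:
        raise ValueError(f"expected 5 colon-separated fields: {entry!r}")
    name, chain, proto, port, action = fields
    if not name:
        raise ValueError("Name must not be empty")
    if chain not in TYPES:
        raise ValueError(f"Type must be INPUT or OUTPUT in capitals: {chain!r}")
    if proto not in PROTOCOLS:
        raise ValueError(f"Protocol must be tcp, udp, icmp or all: {proto!r}")
    if action not in ACTIONS:
        raise ValueError(f"Action must be ACCEPT or DROP: {action!r}")
    port_no = None
    if proto in ("tcp", "udp"):
        # Only tcp and udp have port numbers that iptables can match on.
        if not re.fullmatch(r"[0-9]{1,5}", port) or not 1 <= int(port) <= 65535:
            raise ValueError(f"Port must be 1-65535 for {proto}: {port!r}")
        port_no = int(port)
    # Assumption: for icmp/all the port field is ignored.
    return {"name": name, "chain": chain, "protocol": proto,
            "port": port_no, "action": action}


def to_iptables(rule):
    """Render an equivalent iptables argument list (assumed mapping)."""
    args = ["iptables", "-A", rule["chain"], "-p", rule["protocol"]]
    if rule["port"] is not None:
        args += ["--dport", str(rule["port"])]
    args += ["-m", "comment", "--comment", rule["name"], "-j", rule["action"]]
    return args


def inbound_exposure(entries):
    """List (name, protocol, port) for every INPUT/ACCEPT entry, i.e. each
    exception to the policy's default of blocking inbound traffic."""
    rules = [parse_rule(e) for e in entries]
    return [(r["name"], r["protocol"], r["port"]) for r in rules
            if r["chain"] == "INPUT" and r["action"] == "ACCEPT"]
```

`inbound_exposure` gives a quick review list of the ports a set of entries opens on top of the default ssh and ping exceptions.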


Supported on:
Set banner path

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: Software\Policies\Centrify\UnixSettings\LinuxFirewall
Value Name:
Value Type: REG_DWORD
Default Value: /etc/issue

centrify_linux_settings.admx
