User Firewall System enable users to add, remove and maintain personal firewall rules for:
Hosts they own, and
Hosts that are in Untrusted Subnetwork
So if you have a computer with an IP address starting with any of the following prefixes
you can use this tool to manage its traffic through CSE's gateway. If you require a port to be opened for a computer that does not start with these prefixes, then you should email System Support email@example.com with
How to use
There are two interfaces available for this program:
"Priv firewall": which is a command line tool. To use this tool you should type "priv firewall" in an xterm on any of the CSE managed linux boxes.
Every rule is given an expiry date when added. Currently, rules operate for a year. This means that one day you will receive an automated email saying that your rule is about to expire. Then if you require the rule you should extend it through any of the above mentioned methods.
On a number of accasions users receive automated email from this system, here is a list:
One week before a rule expires.
When the rule expires (but still the rule is kept as inactive for a week).
When the inactive rule is removed (a week after expirying)
When an IP address does not belong to a given user anymore, the associated rules expire.
Rules can only be added through user accounts. In another words, rules cannot belong to a utility account or a group
Rules should belong to untrusted subnet.
If you are having difficulty using the program, you can email System Support firstname.lastname@example.org to ask for help.