User Firewall

Introduction

The User Firewall System enables users to add, remove and maintain personal firewall rules for:
  • Hosts they own, and
  • Hosts that are in the Untrusted Subnetwork
So if you have a computer with an IP address starting with any of the following prefixes
  • 129.94.172.
  • 129.94.173.
  • 129.94.174.
  • 129.94.175.
you can use this tool to manage its traffic through CSE's gateway. If you require a port to be opened for a computer whose IP address does not start with these prefixes, then you should email System Support ss@cse.unsw.edu.au with

How to use

There are two interfaces available for this program:
  • "Priv firewall": a command-line tool. To use it, type "priv firewall" in an xterm on any of the CSE-managed Linux boxes. (Screenshot: priv_firewall.jpg)
  • CSE's Account Control Panel: a graphical web interface. Log in to the Account Control Panel using your CSE username and password, then go to the firewall icon under Computing Resources. (Screenshot: account_control_panel_user_firewall.jpg)
Every rule is given an expiry date when added. Currently, rules operate for a year. This means that one day you will receive an automated email saying that your rule is about to expire. If you still require the rule, you should extend it through either of the above-mentioned methods.

Emails

Users receive automated emails from this system on a number of occasions:
  • One week before a rule expires.
  • When the rule expires (the rule is still kept as inactive for a week).
  • When the inactive rule is removed (a week after expiring).
  • When an IP address does not belong to a given user anymore, the associated rules expire.

Limitations

  • Rules can only be added through user accounts. In other words, rules cannot belong to a utility account or a group.
  • Rules should belong to the untrusted subnet.

Having Difficulty?

If you are having difficulty using the program, you can email System Support ss@cse.unsw.edu.au to ask for help.
Last edited by Robert Doran 06/04/2011
