Elements of a system protected by a firewall

2.1. Firewall items

A firewall is a system with several network interfaces, each connected to a different branch of a different network. Every interface allows the firewall to communicate with the zone that interface is connected to. A zone can be made up of one or more subnets, or even the entire Internet.

Every firewall interface can communicate with a zone. If a host belonging to zone X wants to communicate with a host belonging to zone Y, its traffic has to pass through the firewall. If the traffic is able to avoid this obstacle, we haven't built a good network, because our firewall cannot do its task well.

Having said this, we can set in the firewall a series of rules that determine which packets can pass from one zone to another. These rules can consider a series of characteristics of the packet to be filtered: source zone/subnet/host, destination zone/subnet/host, protocol (tcp/udp/icmp), source and destination port, etc.

With Turtle Firewall it is possible to define the elements that can be the source or destination of a connection, assign each of them a name, and then use those names to define the firewall rules.

If you want to view the list of the firewall elements, click on the Items icon in the main menu of the Turtle Firewall Webmin module. The items are shown divided into four tables: ZONE, NET, HOST and GROUP.
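
The following added example (not Turtle Firewall's own code or configuration format) sketches how rules written against named ZONE, NET, HOST and GROUP items can be resolved and checked against a packet. All item names, addresses and rules are constructed, and the first-match, default-drop behaviour is an assumption of the sketch.

```python
import ipaddress

# Constructed item tables (hypothetical names and addresses), one per item kind.
ZONES = {"lan": "eth0", "dmz": "eth1", "internet": "eth2"}   # zone -> interface
NETS = {"office": ("lan", "192.168.1.0/24")}                 # net -> (zone, subnet)
HOSTS = {"webserver": ("dmz", "10.0.0.10"),                  # host -> (zone, address)
         "admin_pc": ("lan", "192.168.1.5")}
GROUPS = {"trusted": ["admin_pc", "office"]}                 # group -> member items

def resolve(name, _seen=()):
    """Expand an item name into a list of (zone, network) pairs."""
    if name in _seen:
        raise ValueError(f"group loop at {name}")
    if name in ZONES:
        return [(name, None)]            # None means any address in the zone
    if name in NETS:
        zone, cidr = NETS[name]
        return [(zone, ipaddress.ip_network(cidr))]
    if name in HOSTS:
        zone, ip = HOSTS[name]
        return [(zone, ipaddress.ip_network(ip))]   # a single host is a /32
    if name in GROUPS:
        return [p for m in GROUPS[name] for p in resolve(m, _seen + (name,))]
    raise KeyError(f"unknown item {name}")

def matches(name, zone, ip):
    """True if the address, seen in the given zone, belongs to the named item."""
    addr = ipaddress.ip_address(ip)
    return any(z == zone and (net is None or addr in net)
               for z, net in resolve(name))

# Constructed rules: (source item, destination item, protocol, dest port, action)
RULES = [
    ("trusted", "webserver", "tcp", 22, "ACCEPT"),
    ("internet", "webserver", "tcp", 80, "ACCEPT"),
]

def decide(src_zone, src_ip, dst_zone, dst_ip, proto, dport):
    """First matching rule wins; unmatched packets are dropped (assumed default)."""
    for src, dst, rproto, rport, action in RULES:
        if (rproto == proto and rport == dport
                and matches(src, src_zone, src_ip)
                and matches(dst, dst_zone, dst_ip)):
            return action
    return "DROP"
```

Because every NET and HOST item is tied to a zone, a packet that carries a LAN source address but arrives from the internet zone does not match the `trusted` group.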