The firewall built into Fedora checks every incoming and outgoing network connection on your machine against a set of rules. These rules specify which types of connections are permitted and which are denied.

By default the firewall is enabled, with a simple set of rules that allow connections to be made from your system to others, but permit only network browsing and SSH (Secure SHell) connections from other systems. You may make changes on this screen to allow access to specific network services on your Fedora system.

To enable access to the services listed on this screen, click the check box next to the service name.

	SSH Provides Immediate Remote Access
	All Fedora systems automatically run the SSH remote access service, and the default firewall configuration allows connections to this service. The default configuration ensures that administrators have immediate remote access to new systems through the user and root accounts.

To enable access to other services, select Other ports, and Add the details. Use the Port(s) field to specify either the port number, or the registered name of the service. Select the relevant Protocol from the drop-down. The majority of services use the TCP protocol.

	The Services List
	The /etc/services file lists service port numbers and names that are registered with the Internet Assigned Names Authority (IANA).

If a service uses more than one port number, enter each port. For example, an IMAP service enables users to access their e-mail from another system through TCP port 143. To permit IMAP connections to your system, add imap or port number 143.

Avoid disabling the firewall. If you believe that it is necessary to do so, select No firewall.

	Changing the Firewall Settings
	To change these settings later, choose System → Administration → Security Level and Firewall.