Configuring the Firewall of Kaspersky Endpoint Security for Linux
July 3, 2024
ID 257565
To configure the Firewall using Kaspersky Security Center:
- Open the group policy for editing.
- Go to the Essential Threat Protection → Firewall tab.
- In the Network packet rules section, click Configure.
- In the list of network packet rules, click Add and specify the settings of the new rule:
- Protocol:
TCP
- Direction:
Inbound
- Remote ports:
Any
- Local ports:
25
- Remote addresses:
Any address
- Local addresses:
Any address
- Action:
Allow
- Log events:
Do not log
- Rule name:
TCP:25
Finish creating the new rule.
- Protocol:
- In the list of network packet rules, click Add and specify the settings of the new rule:
- Protocol:
TCP
- Direction:
Inbound
- Remote ports:
Any
- Local ports:
443
- Remote addresses:
Any address
- Local addresses:
Any address
- Action:
Allow
- Log events:
Do not log
- Rule name:
TCP:443
You can use a different local port number, the value is specified during the initial configuration of KSMG.
Finish creating the new rule.
- Protocol:
- In the list of network packet rules, click Add and specify the settings of the new rule:
- Protocol:
TCP
- Direction:
Inbound
- Remote ports:
Any
- Local ports:
9045
- Remote addresses:
Any address
- Local addresses:
Any address
- Action:
Allow
- Log events:
Do not log
- Rule name:
TCP:9045
Finish creating the new rule.
- Protocol:
- Save your changes to the list of rules.
- Save your group policy changes.
To configure the Firewall using the command line:
- Save the Firewall management task settings to a configuration file using the following command:
kesl-control --get-settings 12 --file <full path to the file>
- Open the created configuration file for editing.
- Add the following lines to the created file:
[PacketRules.item_<item number>]
FirewallAction=Allow
Direction=Incoming
Protocol=TCP
LocalPorts=25
[PacketRules.item_<item number>]
FirewallAction=Allow
Direction=Incoming
Protocol=TCP
LocalPorts=443
[PacketRules.item_<item number>]
FirewallAction=Allow
Direction=Incoming
Protocol=TCP
LocalPorts=9045
<item number>
is the sequential number of the PacketRules section, numbering starts from zero. - Save your changes in the configuration file.
- Import settings from the configuration file to the Firewall management task:
kesl-control --set-settings 12 --file <full path to the file>