������O�������
�����������������$�������.���6�������e���1��������������������
�������������������������1�������D���
���W�������e���H���}���/������X����������O�������[�������g�������n�������w��� ����������������������J������� ������ �� ��� ��
��� ��[��� �����I!������1"������L"��5���["��)���"��)���"������"������"��
����#��?����#������N#��-���S#������#��
���#��y���#�������$������ $������)$��>���9$������x$��s���$������$������$�������%��9���)%������c%��<���~%��9���%������%��6����&������E&��
���V&������d&������q&�� ���&������&������&������&������&������&��!���&������&������&������&��(����'��*���9'������d'������'������'��7���'������'������'�������(��
����(�������(������"(������2(������L(������\(�����v(�����P)������ *������(*������.*������5*�����9*������*�������+������#+������6+��&���J+������q+������v+������|+������+������+������+������+������+������+�������,�� ����,������",�����*,������,������-������-��l���.�����i/������/�������0�� ����0��
����0������)0������50������;0��i���T0��m���0��V���,1��E���1������2��
���2������2�� ���2������2��
����3��/���$3������T4������h4������{4������4������4������4������4������4������4��<���4��K���45�����5��&����6��A���76������y6�����6������g7��
���w7������7������7������7������7������7������7������7������7�������8�������8��Q���38��2���8��*���8������8�����8������9������9������9������9�����9��@���:��/���:��8����;��S���:;��L���;��E���;��G���!<��O���i<��K���<��V����=��I���\=��$���=������=������=������=������=��%����>��
���+>������9>��-���?>��;���m>��B���>��|���>������i?������r?��
���?������?�� ���?������?������?������?������?������?������?�������@�������@�������@������-@��9���A@������{@������@������@������@������@������@������@�����@�����A��=���QB������C������C�����C��
���CD������QD������XD������`D��J���qD������D������D������D��
���D������E������E������E������E������E��8����F������MF������RF������^F������cF�����iF������G�����G�����H������lI�����J�����6K������K������M������M��-����N������KN������eN��%���~N��p���N��$����O��8���:O��C���sO��Y���O��b����P�����tP��a���P��5���YQ��d���Q��a���Q��X���VR�����R�����RS�����T�����qU������V�����V��c���ZW��F���Y��O����Z��
���UZ��
���cZ������nZ��o���vZ������Z������Z������
[��"����[�����2[�����[������^\������k\�����|\�������]��Z����]������r]������]������]�� ���]��
���]������]�� ���]�������^�������^��B����^��i���V^������^������^������^������^������^������^�������_��
����_��f���*_������_������_������_������_������_�����_������`������`��4���`��?���!a��1���aa������a������a������a������a�����a�����b�����Ic�����c��1���e��(���e�������f��:���(f������cf������yf������f������f��
���f��
���f��
���f��
���f������f��F����g��'���Xg��V���g��
���g������g������g������g�������h�������h������%h�����,h�����h�����ei�������j�������j������(j��N���5j�����j������nk������k��0���k��!���k��$���k�������l������&l������-l��-���:l������hl��)���ol������l������l��x���l������*m�� ���=m������Gm��?���Xm������m��W���m������m������m�������n��?���&n������fn��'���yn��*���n������n��,���n�������o�� ���&o������0o������=o������So������Zo�� ���^o������ho������oo������vo��!���o������o������o������o��$���o��)���o�� ���%p������Fp������]p��E���mp������p������p������p������p������p������p�������q������)q������9q�����Uq������r������r������r������r������r�����r������s������s������s������s������s�������t�� ����t�� ����t�� ����t������&t������6t������Lt������bt������rt������t������t������t�����t������]u�����su�����&v��l����w��g���uw������w������w�������x�������x��
���%x������0x��#���6x��^���Zx��d���x��L����y��=���ky������z������z������z������z������z�� ���z������z������ |�������|�� ���)|������3|������O|������n|������u|������|��
���|��-���|��9���|������}������}��5���}������}������~��������������������(������C������H������g�������������� �����������������������`�����7���2��.���j�����������������N������[������s�������������9���-��-���g��9�����I���ς��?������9���Y��E�����N���ك��6���(��E���_��0�����!���ք�������������������������%��,���5��
���b�� ���p��!���z��@�����6���݅��u������������������������������ ���Ɔ������І������׆������ކ�������������������������$������+������8������E��-���U������������������������������������ԇ����������������������L������g������z�������������� ����������%������,��F���9��������������������
��������ʋ������~��������������������"���Ќ������������������������������������������A�����#����������������������S�����?������+������F������b������u�� �����[������������6���#��B���Z��W�����d�����Z���Z��?�����2�����`���(��O�����d���ٗ�����>�����Ř�����Y�����ܚ�����f�������*�����?�����O���������C������J������W��Z���d������������̟������ܟ��!�����z����������������������$��k���7��������`����������������*������7������G��
���`������k��!���r��������������=�����`���ݢ������>������\������k������z������������������������ǣ��f���Σ������5������J������f��#���~�����������������`������p��8�����C�����8������"���;������^��}���u��������~��������������������������������I�������������4����������T������I��������������D�����������������������-������R�����������@���
���D������Y�������������`���������'����������������������������z�������A�������������H���}���
���G������[����������������J������3�������5���*�����������V�������������G���������� �������?���6���������������������m�������>������1������>���W���Z�����������8�������������������/�������������������l������u��������������~�����������
���b���U����������q�������2��������������������������������������������������������������?������������������.�������9���#���;�������4���%�����������6����������h�����������B���M���������7���Q������d�������;�������S�������������%������^����������������P���������������������������������
�����������������p���:���r�������)����������!�����������X������������$�������������� ���N���/����������c����������������������g���i���F���x���������e�������2����������������������,�������9���=�������_�����������������������������o���(�������������� ������������������(���'������L��������������=�������k����������������t���������������������������������������������#������a��������������|���E���<���,�������y��������������K���)���8������"���A�������7�������C����������N��������������������������\���C���1���������������������������������������<�������B�������v������O�������"����������]����������:������������H�������������$�������+���K���w���j�����������5�����������0������E��� ������������������n����������*���F�������&�����������{���������������s���L������0����������3�����������������.��������������&�������������������������f���O���������������������������������������������������J���M����������������-�������+����������������@���������!����
ERROR - You must be root to run %s.�%(option)s option requires %(count)s arguments�%s is not a valid protocol.�%s is not a valid range (start port >= end port).�%s option does not take a value�%s option requires an argument�(modified)�Basic Firewall Settings�Configuration�Destination�Information�Source�User Skill Level�Your current configuration is empty, all traffic will be blocked.�Firewall Configuration Wizard�Save on stop and Save on restart additionally save rule and chain counter.�����[-]:���A "System without network access" does not need a firewall at all. This selection disables the firewall. Otherwise, choose "System with network access".�A firewall allows other computers to access selected services on your computer and helps to prevent unauthorized access beyond these selections. Select the services to which the firewall should allow access.�A firewall protects against unauthorized network intrusions. Enabling a firewall blocks all incoming connections. Disabling a firewall allows all connections and is not recommended. �Add�Add Entry�Add Interface�Add additional ports or port ranges, which need to be accessible for all hosts or networks.�Add entries to forward ports either from one port to another on the local system or from the local system to another system. Forwarding to another system is only useful if the interface is masqueraded. Port forwarding is IPv4 only.�Address '%s' is not valid.�All %s devices�Allow access to necessary ports or port ranges, only.�Allow access to necessary services, only.�Allow all traffic on the specified device�Amanda Backup Client�Apply�Apply changes�Authentication is required to read and modify firewall settings�Back�Backwards compatibility, aliased to --enabled�Bacula�Bacula Client�Bacula is a network backup solution. Enable this option, if you plan to provide Bacula backup, file and storage services.�Be more verbose�Beginner�Beginner
Expert�Block this ICMP type. The default is to accept all ICMP types.�Cancel�Clicking the 'Yes' button will override any existing firewall configuration. Are you sure that you want to do this?�Close�Configuration failed�Configure SELinux mode: %s�Configure SELinux type: Usually targeted or strict Policy�Configure Service Settings�Configure firewall but do not activate the new configuration�Configure firewall helper modules for connection tracking�Configure firewall rules�Configure the iptables and ip6tables service settings.�Conntrack Helper�Converting %s�Custom Rules�Custom Rules File�Customize�DNS�Default:�Description�Desktop�Desktop
Server�Destination (at least one needed)�Destination Unreachable�Disable�Disable Firewall�Disable Internet Printing Protocol (IPP)�Disable Internet Protocol Security (IPsec)�Disable Multicast DNS (mDNS)�Disable an iptables module�Disable firewall�ERROR: FirewallD is active, please use firewall-config.�Echo Reply (pong)�Echo Request (ping)�Edit�Edit Entry�Enable�Enable Firewall�Enable an iptables module�Enable firewall�Enable firewall (default)�Enable this option if you want to allow remote virtual machine management with SASL authentication and encryption (digest-md5 passwords or GSSAPI/Kerberos). The libvirtd service is needed for this option to be useful.�Enable this option if you want to allow remote virtual machine management with TLS encryption, x509 certificates and optional SASL authentication. The libvirtd service is needed for this option to be useful.�Enabled�Error�Expert�FTP�FTP is a protocol used for remote file transfer. If you plan to make your FTP server publicly available, enable this option. You need the vsftpd package installed for this option to be useful.�Failed to remove %s.�Failed to start %s.�Failed to stop %s.�Failed to write %s.�Failed to write selinux configuration.�File�File:�Filename�Firewall�Firewall Configuration�Firewall Configuration Startup�Firewall Configuration Wizard�Firewall Table�Firewall Table:�Firewall authorization�Firewall:�Forward�Forward the port with protocol for the interface to either another local destination port (no destination address given) or to an other destination address with an optional destination port. This is IPv4 only.�Forward to another port�HTTP is the protocol used to serve Web pages. If you plan to make your Web server publicly available, enable this option. This option is not required for viewing pages locally or developing Web pages.�HTTPS is a modified HTTP used to serve Web pages when security is important. Examples are sites that require logins like stores or web mail. This option is not required for viewing pages locally or developing Web pages. You need the httpd package installed for this option to be useful.�Here you can define which services are trusted. Trusted services are accessible from all hosts and networks.�Hit OK to apply your changes. You do not need to restart the firewall, the changes are effective as soon as they are applied.�Hit enter to continue.�ICMP Filter�ICMP Type�IMAP over SSL�IP address:�IPsec�IPv6 has no nat support.�If you clear the keep configuration button, the actual firewall configuration will be overwritten.�If you enable local forwarding, you have to specify a port. This port has to be different to the source port.�If you enable masquerading, IP forwarding will also be enabled for your IPv4 networks.�If you need further firewall settings, please modify your configuration by hand, but keep in mind, that this tool is not able to load your custom configuration. If you are using this tool, all your manual changes will be lost. If you do not want to lose your manual configuration changes, leave this program without applying.�Ignore�Ignore All�Ignore actual settings�Interface�Interface '%s' is not valid.�Interface:�Internet Protocol Security (IPsec) incorporates security for network transmissions directly into the Internet Protocol (IP). IPsec provides methods for both encrypting data and authentication for the host or network it sends to. If you plan to use a vpnc server or FreeS/WAN, do not disable this option.�Invalid argument %s�Keep Configuration�Key:�List predefined services.�List the supported icmp types.�Load�Load _Default Configuration�Local forwarding�Mail (SMTP)�Make sure to open the destination port on the remote system.�Mark all interfaces as trusted which should have full access to the system.�Mark the ICMP types in the list, which should be rejected. All other ICMP types are allowed to pass the firewall. The default is no limitation.�Mark the interfaces to be masqueraded.�Masquerades traffic from the specified device. This is IPv4 only.�Masquerading�Masquerading allows you to set up a host or router that connects your local network to the internet. Your local network will not be visible and the hosts appear as a single address on the internet. Masquerading is IPv4 only.�Move Entry Down�Move Entry Up�Multicast DNS (mDNS)�NFS4�Network Printing Client (IPP)�Network Printing Server (IPP)�No�No configuration�Not configured�Numeric status output�OK�Old firewall configuration.�Only mark interfaces if you can trust all participants on that network interface.�Open specific ports in the firewall (e.g, ssh:tcp)�Open the firewall for a service (e.g, ssh)�OpenVPN�OpenVPN is a virtual private network (VPN) solution. It is used to create encrypted point-to-point tunnels between computers. If you plan to provide a VPN service, enable this option.�Other Ports�POP-3 over SSL�Parameter Problem�Parse error in config file�Please answer the questions in the following configuration steps. The wizard leads you back to the main application and hides all unnecessary configuration options.�Please check your firewall settings after applying custom rules.�Please enter a port or port range and protocol.�Please enter a valid port number, service name or range.�Please load a default configuration from the Options menu or use the wizard.�Please remember to check if the services iptables and ip6tables are enabled.�Please remember to check your firewall configuration before using it.�Please select an entry from the list or enter a interface further down.�Please select an entry from the list or enter a port and protocol further down.�Please select keep configuration or choose to load a default configuration.�Please select the protocol type, the firewall table and the file containing the rules.�Please select the source and destination options according to your needs.�Please specify your firewall skills.�Port�Port / Port Range:�Port Forwarding�Port and Protocol�Port or port range '%s' is not valid.�Port/Protocol�Port:�Predefined Services with Default Environment:�Print a counter/number for every rule in the status output.�Print addresses and ports in numeric format for the status output.�Print information about the number of packets and bytes plus the input- and outputdevice in the status output.�Protocol�Protocol '%s' is not valid.�Protocol Type�Protocol Type:�Protocol:�Quit�RADIUS�Red Hat Cluster Suite�Redirect�Reload�Reload current configuration�Remove�Remove Entry�Router Advertisement�Router Solicitation�Run noninteractively; process only command-line arguments�SELinux Options (deprecated)�SSH�Samba�Samba Client�Save and restore counter�Save on restart�Save on stop�Save the active firewall configuration with all changes since the last start before restarting the firewall. Only do this if you need to preserve the active state for the next start.�Save the active firewall configuration with all changes since the last start before stopping the firewall. Only do this if you need to preserve the active state for the next start.�Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.�Secure WWW (HTTPS)�Select�Select "Expert" if you are familiar with firewall configurations or if you need to add user customized rules. Otherwise, choose "Beginner".�Select a File�Server�Service�Service Settings�Set firewall default type: %s. This overwrites any existing configuration.�Show this help message�Show version�Source (all needed)�Source Quench�Specify a custom rules file for inclusion in the firewall, after the default rules. Default protocol type: ipv4, default table: filter. (Example: ipv4:filter:/etc/sysconfig/ipv4_filter_addon)�Start Wizard�Start configuration wizard�Status line numbers�Supported icmp types:�System without network access
System with network access�TFTP�TFTP Client�TODO�Table�The Amanda backup client option allows you to connect to a Amanda backup and archiving server. You need the amanda-client package installed for this option to be useful.�The Domain Name System (DNS) is used to provide and request host and domain names. Enable this option, if you plan to provide a domain name service (e.g. with bind).�The Internet Message Access Protocol over SSL (IMAPs) allows a local client to access email on a remote server in a secure way. If you plan to provide a IMAP over SSL service (e.g. with dovecot), enable this option.�The Internet Printing Protocol (IPP) is used for distributed printing. IPP (over tcp) provides the ability to share printers over the network. Enable this option if you plan to share printers via cups over the network.�The Internet Printing Protocol (IPP) is used for distributed printing. IPP (over udp) provides the ability to get information about a printer (e.g. capability and status) and to control printer jobs. If you plan to use a remote network printer via cups, do not disable this option.�The NFS4 protocol is used to share files via TCP networking. You will need to have the NFS tools installed and properly configure your NFS server for this option to be useful.�The Post Office Protocol version 3 (POP3) is a protocol to retrieve email from a remote server over a TCP/IP connection. Enable this option, if you plan to provide a POP3 service (e.g. with dovecot).�The Remote Authentication Dial In User Service (RADIUS) is a protocol for user authentication over networks. It is mostly used for modem, DSL or wireless user authentication. If you plan to provide a RADIUS service (e.g. with freeradius), enable this option.�The Trivial File Transfer Protocol (TFTP) is a protocol used to transfer files to and from a remote machine in s simple way. It is normally used only for booting diskless workstations and also to transfer data in the Preboot eXecution Environment (PXE).�The file '%s' does not exist.�The firewall configuration is not consistent.�The firewall is disabled.�The firewall is enabled.�The firewall table '%s' is not valid.�The following files are missing or unusable:
%s
Apply your firewall configuration now to correct this problem.�The protocol type '%s' is not valid.�There are unapplied changes, do you really want to quit?�This error message informs a host to send packets on another route.�This error message is generated by a host or gateway if the destination is not reachable.�This error message is generated if the IP header is bad, either by a missing option or bad length.�This error message is generated if the time-to-live was exceeded either of a packet or of the reassembling of a fragmented packet.�This error message is generated to tell a host to reduce the pace at which it is sending packets.�This message is the answer to an Echo Request.�This message is used by a host attached to a multicast link to request a Router Advertisement�This message is used by routers to periodically announce the IP address of a multicast interface.�This message is used to test if a host is reachable mostly with the ping utility.�This option allows a Bacula server to connect to the local machine to schedule backups. You need the bacula-client package installed for this option to be useful.�This option allows incoming SMTP mail delivery. If you need to allow remote hosts to connect directly to your machine to deliver mail, enable this option. You do not need to enable this if you collect your mail from your ISP's server by POP3 or IMAP, or if you use a tool such as fetchmail. Note that an improperly configured SMTP server can allow remote machines to use your server to send spam.�This option allows you to access Trivial File Transfer Protocol (TFTP) servers. You need the tftp package installed for this option to be useful.�This option allows you to access Windows file and printer sharing networks. You need the samba-client package installed for this option to be useful.�This option allows you to access and participate in Windows file and printer sharing networks. You need the samba package installed for this option to be useful.�This option allows you to use the Red Hat Cluster Suite. Ports are opened for openais, ricci and dlm. You need the Red Hat Cluster Suite installed for this option to be useful.�This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see .�This program will help you to set up a basic firewall for your system.�This wizard helps you to set up a clean firewall configuration for your system.�Time Exceeded�To Address�To Port�To ensure a sane state, the kernel firewall modules must be unloaded when the firewall is restarted or stopped.�Trusted Interfaces�Trusted Services�Type�Unload modules on restart and stop�Update firewall non-interactively if the firewall is enabled. This will also restart the firewall. The -n and -f options will be ignored.�Use custom rules files to add additional rules to the firewall. The custom rules are added after the default rules. The files must have the iptables-save format.�User Defined�User Skill Level�Using these options with no additional firewall options will not create or alter firewall configuration, only SELinux will be configured.�Valid values: %s�Valid values: [-], where port is either a number [0..65535] or a service name.�Valid values: tcp, udp�Verbose status�Virtual Machine Management�Virtual Machine Management (TLS)�WWW (HTTP)�Warning�What kind of system do you have?�Wizard�Yes�You can change the settings in the Options menu afterwards.�Your firewall configuration was converted from an old version. Please verify the configuration and apply.�[:][:]�_About�_File�_Help�_Options�_Quit�_Start Configuration Wizard�configuration�if=:port=:proto=[:toport=][:toaddr=]�invalid interface '%s'.�invalid port definition %s.�invalid service '%s'.�ipv6 has no nat support.�local�mDNS provides the ability to use DNS programming interfaces, packet formats and operating semantics in a small network without a conventional DNS server. If you plan to use Avahi, do not disable this option.�modified label�no such option: %s�option %(option)s: invalid forward_port '%(value)s'.�option %(option)s: invalid forward_port '%(value)s': %(error)s.�option %(option)s: invalid icmp type '%(value)s'.�port range %s is not unique.�system-config-firewall�translator-credits�yes�Firewall Configuration�yes�Mark the ICMP types in the list, which should be rejected. All other ICMP types are allowed to pass the firewall. The default is no limitation.�yes�The Internet Control Message Protocol (ICMP) is mainly used to send error messages between networked computers, but additionally for informational messages like ping requests and replies.�yes�Use custom rules files to add additional rules to the firewall. The custom rules are added after the default rules. The files must have the iptables-save format.�Project-Id-Version: system-config-firewall
Report-Msgid-Bugs-To:
POT-Creation-Date: 2011-02-16 16:32+0200
PO-Revision-Date: 2013-11-20 09:28+0000
Last-Translator: Hexchain Tong
Language-Team: Chinese (China) (http://www.transifex.com/projects/p/system-config-firewall/language/zh_CN/)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Language: zh_CN
Plural-Forms: nplurals=1; plural=0;
�
错误 - 您必须是根用户才能运行 %s。�%(option)s 选项需要 %(count)s 参数�%s 不是有效协议。�%s 不是有效范围(起始端口 >= 终止端口)。�%s 选项没有数值�%s 选项需要一个参数�(已修改)�基本防火墙设置�配置�目标�信息�源�用户技能水平�你的当前配置是空的,所有数据流都会被阻止。�防火墙配置向导�停止时保存和重启时保存将额外保存规则以及链计数。�����[-]:�<服务>��“未联网的系统”根本不需要防火墙。选择此选项将禁用防火墙。否则请选择“联网的系统”。�防火墙允许其他计算机访问您的系统上的选定的服务和帮助阻止未经认证的访问在上面这些选定项中。选择防火墙允许访问的服务�防火墙保护网络免遭未经授权的网络入侵。启用防火墙会阻塞所有进入的连接。禁用防火墙会允许所有连接,我们不推荐您这么做。�添加�添加条目�添加接口�添加可让所有主机或者网络访问的附加端口或者端口范围。�添加条目来转发端口,可以是从本地系统的一个端口到另一个端口,也可以是从本地系统到另一个系统。转发到另一个系统只在接口是伪装的时候有用。端口转发只适用于 IPv4。�地址‘%s’无效。�所有 %s 设备�仅允许访问到必要的端口或端口范围�仅允许必要的服务访问。�允许指定设备上的所有流量�Amanda 备份客户端�应用�应用改动�读取和修改防火墙设置需经过验证�返回�向下兼容性,是 --enabled 的别名�Bacula�Bacula 客户端�Bacula 是网络备份解决方案。如果您要提供 Bacula 备份、文件和存储服务,则请启用此选项。�显示详细信息�初学者�初学者
专家�阻断 ICMP 类型。默认设置时接受所有 ICMP 类型。�取消�点击“确定”按钮会覆盖现有的防火墙配置。您确定要这样做吗?�关闭�配置失败�配置 SELinux 模式:%s�配置 SELinux 类型:通常是目标策略或者限制策略�配置服务设定�配置防火墙但不激活新的配置�添加防火墙帮助模块来追踪连接�配置防火墙规则�配置iptables和ip6tables的服务设定。�Conntrack 帮助程序�转换 %s�定制规则�自定义规则文件�定制�DNS�默认:�描述�桌面�桌面
服务器�目的地(至少需要一个)�目的地不可达到�禁用�禁用防火墙�禁用互联网打印协议(IPP)�禁用互联网协议安全性(IPsec)�禁用多点广播 DNS(mDNS)�禁用 iptables 模块�禁用防火墙�错误:防火墙守护进程是活动的,请使用firewall-config�应答回应(pong)�应答请求(ping)�编辑�编辑条目�启用�启用防火墙�启用一个 iptables 模块�启用防火墙�启用防火墙(默认)�如果您要允许使用 SASL 认证和加密(数字 md5 密码或者 GSSAPI/Kerberos)进行远程虚拟机管理,请启用这个选项。要使用这个选项则需要 libvirtd 服务。�如果您要允许使用 TLS 加密、x509 证书及可选 SASL 认证进行远程虚拟机管理请启用这个选项。要使用这个选项需要 libvirtd 服务。�启用�错误�专家�FTP�FTP 是用来进行远程文件传输的协议。如果您希望将您的 FTP 服务器向公众开放,请启用此选项。要使此选项可用,您需要安装 vsftpd 软件包。�移除 %s 失败。�启动 %s 失败。�终止 %s 失败。�写入 %s 失败。�写入 selinux 配置失败。�文件�文件:�文件名�防火墙�防火墙配置�启动防火墙配置�防火墙配置向导�防火墙表格�防火墙表格:�防火墙验证�防火墙:�转发�为接口将带协议的端口转发到另一个本地目的地端口(没有给出目的地地址)或者其它带可选目的地端口的目的地地址。只适用与 IPv4。�转发到另一端口�HTTP 是用来提供网页的协议。如果您希望让您的 Web 服务器向公众开放,请启用此选项。要浏览本地页面或者开发网页则不需要此选项。�HTTPS 是修订的 HTTP,可在网络安全性非常重要的时候用来提供网页。例如那些需要登录的网站,如网上购物或者网络邮件。如果要让此选项可用,您需要安装 httpd 软件包。�在这里您可以定义哪些服务是可信的,可信的服务可以被任意主机或者网络访问。�按确定应用你的改动. 你不必重启防火墙,这些改动会在应用后立即生效。�按回车键继续。�ICMP 过滤器�ICMP 类型�通过 SSL 使用 IMAP�IP 地址:�IPsec�IPv6 没有奈特(nat)支持。�如果你清除了保留配置复选框,那么现在的防火墙配置将被覆盖。�如果你允许本地转发,你必须指定一个端口。 这个端口不能和源端口相同。�如果您启用伪装,还会为您的 IPv4 网络启用 IP 转发功能。�如果您需要对防火墙做进一步的设定,请手动修改您的配置,但请记住,因为这个工具无法载入您自定义的配置。如果您要使用这个工具,所有您的手动修改将会丢失。如果您不想丢失您的手动配置,请离开这个程序并且不要点'应用'按钮。�忽略�忽略全部�忽略实际设置�接口�接口‘%s’无效。�接口:�互联网协议安全性(IPsec)将网络传输安全性直接整合入互联网协议(IP)。IPsec 同时为主机或者要发送到的网络提供加密数据和验证的方法。如果您希望使用 vpnc 服务器或者 FreeS/WAN,请不要禁用此选项。�无效的参数 %s�保留配置�密钥:�列出预定义的服务。�列出支持的 icmp 类型。�载入�载入默认(_D)配置�本地转发�邮件 (SMTP)�确保在远端系统中打开目标端口。�将所有系统都可以访问的接口标记为可信。�在列表中标记应该被拒绝的 ICMP 类型。所有其它 ICMP 类型则被允许通过防火墙。默认设置是没有限制。�将接口标记为伪装。�特定设备的伪装数据流。只适用于 IPv4。�伪装(Masquerading)�如果您要设置一台将您的本地网络连接到互联网的主机或者路由器,伪装(Masquerading)是很有用的。您的本地网络将不可见,且该主机是以单一地址的形式出现在互联网中。伪装仅用于 IPv4。�向下移动条目�向上移动条目�多点广播 DNS(mDNS)�NFS4�网络打印客户端(IPP)�网络打印服务器(IPP)�否�没有配置�未配置�数字状态输出�确定�旧的防火墙配置�仅当你信任该接口所在网络上所有用户的时候,才能把它标记为可信的。�打开防火墙中的特定端口(例如:ssh:tcp)�为某个服务(比如 ssh)打开防火墙�OpenVPN�OpenVPN 一个 虚拟专用网 (VPN) 解决方案。它被用来在电脑之间创建加密的点对点隧道。如果你打算提供一个VPN服务,则开启这个选项�其它端口�通过 SSL 使用 POP-3�参数问题�配置文件解析错误�请回答下面各个配置步骤中的问题。配置向导将一直引导您回到主程序,并隐藏所有设置中非必需的配置选项。�请在应用定制规则后检查您的防火墙设置。�请输入端口或者端口范围和协议。�请输入有效的端口号、服务名称或者范围。�请使用向导或者从选项菜单中载入一个缺省配置。�请记得检查是否启用了 iptables 和 ip6tables 服务。�请记住在使用防火墙配置前要先进行检查。�请从列表中选择一个条目或者在下拉条中输入端口。�请从列表中选择一个条目或者在下拉条中输入端口和协议。�请选择保留配置或者载入一个缺省配置。�请选择协议类型、防火墙列表以及包含规则的文件。�请根据您的需要选择源和目的选项。�请指定您的防火墙技能。�端口�端口/端口范围:�端口转发�端口和协议�无效的端口或者端口范围‘%s’。�端口/协议�端口:�缺省环境的预定义服务:�在状态输出结果中为每个规则显示计数器/数量。�为状态输出打印数字格式的地址和端口。�在状态输出结果中显示有关数据包数量、字节以及 input- 和 outputdevice 的信息。�协议�协议‘%s’无效。�协议类型�协议类型:�协议:�退出�RADIUS�红帽群集套件�重新定向�重新载入�重新载入当前配置�删除�删除条目�路由广告�路由器请求�非交互式执行;只处理命令行参数�SELinux 选项(过时的)�SSH�Samba�Samba 客户端�保存和恢复计数器�重启时保存�终止时保存�保存自上次防火墙启动后到重启前的激活防火墙配置及其修改。如果您需要为下次启动保留激活状态,进行这一步操作就可以了。�保存自上次防火墙启动后到停止前的激活防火墙配置及其修改。如果您需要为下次启动保留激活状态,进行这一步操作就可以了。�安全 Shell(SSH)是一种用于登录远程机器并在其中执行命令的协议,它提供安全加密的通讯。如果您计划通过 SSH 远程访问您位于防火墙后的机器,请启用此选项。要使此选项可用,您需要安装 openssh-server 软件包。�安全 WWW (HTTPS)�选择�如果您熟悉防火墙配置,并需要添加自定义的规则,请选择 "专家"。否则请选择 "初学者"。�选择一个文件�服务器�服务�服务设置�设置防火墙缺省类型:%s。 它会覆盖所有现存的配置。�显示此帮助信息�显示版本号�源(全部需要)�Source Quench�在默认规则后指定防火墙中包含的定制规则文件。默认协议类型:ipv4,默认 iptable:filter。(示例:ipv4:filter:/etc/sysconfig/ipv4_filter_addon)�启动向导�启动防火墙配置向导�状态行数目�支持的 icmp 类型:�未联网的系统
联网的系统�TFTP�TFTP 客户端�TODO�表格�Amanda 备份客户端选项允许您连接到 Amanda 备份和归档服务器。您需要安装 amanda-client 软件包方可使此选项可用。�域名系统(DNS)可用来提供和查询主机及域名。如果您计划提供域名服务(例如:使用 bind 提供),请启用此选项。�使用 SSL(IMAPs)进行互联网信息访问的协议允许本地客户端以安全方式访问远程服务器的电子邮件。如果您计划通过 SSL 服务(例如使用 dovecot)提供 IMAP,请启用此选项。�互联网打印协议(IPP)是用于分散的打印。IPP 可通过 tcp 提供通过网络共享打印机的能力。如果您计划使用 cups 通过网络共享打印机,那么请启用此选项。�互联网打印协议(IPP)是用于分散的打印。IPP 可通过 udp 提供获得某个打印机信息(例如:打印机容量和状态)以及控制打印作业的能力。如果您想要通过 cups 使用远程网络打印机,那么请不要禁用此选项。�NFS4 协议可用来通过 TCP 联网共享文件。要使该选项可用,您需要安装 NFS 工具并正确配置您的 NFS 服务器。 �邮局协议 v3(POP3)是用来搜索来自用 TCP/IP 进行连接的远程服务器电子邮件的协议。如果您计划提供 POP3 服务(例如使用 dovecot),请启用此选项。�拨号用户远程认证服务(RADIUS)是用于网络中的用户认证的协议,通常用于调制解调器、DSL或者无线用户认证。如果您计划提供 RADIUS 服务(例如使用 freeradius),请启用此选项。�普通文件传输协议(TFTP)是使用简单方法向远程机器传送文件或者从远程机器接受文件的协议。一般只在引导无磁盘工作站时使用,且还可在预引导执行环境(PXE)中传送数据。�文件‘%s’不存在。�防火墙配置不够坚固�禁用防火墙。�启用防火墙。�防火墙列表‘%s’无效。�以下文件丢失或不可用:
%s
现在应用你的防火墙配置来修正这个问题�协议类型‘%s’无效。�有一些未应用的修改,您确实想退出吗?�这个出错信息让主机想另一个路由中发送数据包。�这个出错信息是由某个主机或者网关在目的地不可到达时生成的。�在 IP 标题损坏(可能是缺少选项,或者长度不对)时会生成这个出错信息。�在数据包或者重组片段数据包超过生存时间时会生成这个出错信息。�生成此信息是告诉主机减小发送数据包的幅度。�这个信息是对 Echo 请求 的回答。�这个信息是由附加到多播链接主机用来请求 路由器广告 的主机使用�这个信息是路由器用来周期性发布多点传送接口的 IP 地址。�这个信息是用来测试主机是否可以到达,大多数情况是使用 ping 工具。�这个选项允许 Bacula 服务器连接到本地机器安排备份。您需要安装 bacula-client 软件包以便使用此选项。�这个选项允许入站的 SMTP 邮件传递。如果您需要允许远程主机直接连接到您的机器来传递邮件,请启用此选项。如果您是使用 POP3 或者 IMAP 从您 ISP 的服务器收取邮件,或者您使用类似 fetchmail 的工具,则无需启用此选项。注意:一个配置不当的 SMTP 服务器可能导致远程机器使用您的服务器发送垃圾邮件。�这个选项允许您访问普通文件传输协议(TFTP)服务器。要使此选项可用,您需要安装 tftp 软件包。�这个选项允许您访问 Windows 文件和共享网络的打印机。要使此选项可用,您需要安装 Samba-client 软件包。�这个选项允许您访问并加入共享 Windows 文件和打印机的网络。要使此选项可用,您需要安装 Samba 软件包。�这个选项允许您使用红帽群集套件。为 openais、ricci、dlm 而打开端口。要使此选项可用,您需要有红帽群集套件。�这一程序是自由软件,你可以遵照自由软件基金会出版的GNU通用公共许可证条款来修改和重新发布这一程序。或者用许可证的第二版,或者(根据你的选 择)用任何更新的版本。
发布这一程序的目的是希望它有用,但没有任何担保。甚至没有适合特定目的的隐含的担保。更详细的情况请参阅GNU通用公共许可证。你应该已经和程序一起收到一份GNU通用公共许可证的副本。如果还没有, 请参考 。�本程序将帮助您为系统设置一个基本的防火墙。�这个向导将帮助您为系统设置一个干净的(clean)防火墙配置。�超时�目的地址�目的端口�要确保 snae 状态,需要在重启和停止防火墙时卸载内核防火墙模块。�可信接口�可信的服务�类型�在重启和停止时卸载模块�如果启用了防火墙,则以非交互方式更新,这还会重启防火墙,此时 -n 和 -f 选项将被忽略。�使用定制规则文件来为防火墙添加额外的规则。这些规则会添加到默认规则之后,这些文件必须是 iptables格式。�用户定义的�用户技能水平�使用这些选项时不会生成附加防火墙选项或者警告防火墙配置,只会配置 SELinux。�有效值: %s�有效值:[-],其中 port 可以是数字 [0..65535] 或者一个服务名称。�有效值:tcp,udp�详细程度�虚拟机管理�虚拟机管理(TLS)�WWW (HTTP)�警告�您的系统是什么样子的?�向导�是�以后你可以在选项菜单中修改这些设置。�你的防火墙配置是从一个旧版本中转换而来的。请验证该配置后应用它。�[:][:]�关于(_A)�文件(_F)�帮助(_H)�选项(_O)�退出(_Q)�(_S)启动防火墙配置向导�配置�if=:port=:proto=[:toport=][:toaddr=]�无效接口 '%s'。�无效的端口定义 %s。�无效服务‘%s’。�ipv6 没有奈特(nat)支持。�本地�mDNS 提供在没有常规 DNS 服务器的小型网络中使用 DNS 编程界面、数据包格式和操作语意的能力。如果您计划使用 Aahi,请不要禁用此选项。�修改的标签�没有此选项:%s�选项 %(option)s:无效的转发端口 '%(value)s'。�选项 %(option)s:无效的转发端口 '%(value)s': %(error)s。�选项 %(option)s:无效的 icmp 类型 '%(value)s'。�端口范围 %s 不是唯一的。�system-config-firewall�译者:刘卫(Leah Liu) [lliu@redhat.com],2007
Rocky DD [rockyac@gmail.com],2008�防火墙配置�在列表中标记应被拒绝的 ICMP 类型。所有其他的 ICMP 类型将被允许通过防火墙。默认为无限制。�互联网控制消息协议 (ICMP) 主要用于在网络上的计算机之间发送错误消息和其他信息,如 ping 请求和响应。�使用自定义规则文件添加规则到防火墙。自定义规则将被添加在默认规则之后。文件必须符合 iptables-save 格式。�