
OPS335 Firewall Lab

21 bytes removed, 07:52, 29 September 2015
no edit summary
You're supposed to find and use documentation to learn how to complete these tasks, and of course you can ask your prof or lab assistant for help. Some introductory commands are provided to help you get started but the important part is that you learn this yourself. Learning how to find relevant documentation and understand it is just as important as the exact commands you'll finally use.
== IPTABLES Instructions ==
Iptables is a relatively simple technology but the syntax is a little verbose and it takes a bit of time to figure out how to create a whole set of rules that works properly. Here's a process you can follow to get this part of the lab done:
 
* Start with the default settings. When you install Iptables in CentOS it already has some rules predefined. The instructions below assume you have those default rules.
* Add one rule at a time using the appropriate iptables command (which you'll figure out yourself). Then check to make sure your command worked using:
** <code>iptables -L</code> or <code>iptables -L -n</code> if you'd like to see numeric port numbers.
** If possible - test it with an application (e.g. if SSH access is disabled/enabled - test with ssh).
* Save your rule in a bash script (.sh file) so you don't lose it and can rerun it easily.
* If your command didn't work - the easiest thing to do is reload the default rules. You can do that by restarting the iptables service.
 
=== Your tasks ===
Prior to beginning this lab verify network connectivity between your host and your VMs.
* Boot up your host.
* Restart the iptables service on the host.
== Building a Simple Firewall on the Host ==
'''On your Host build a custom firewall by performing the following steps:'''
# Remove the rules in your INPUT chain that allow all ICMP and SSH traffic.
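One way to confirm that this step took effect, as an added example that is not part of the original lab: the script below reads the INPUT chain in <code>iptables -S</code> format and lists any rule that still accepts ICMP or SSH from everyone. The function names and the embedded sample rules are constructed for illustration, and the sample assumes a typical default CentOS rule set.

```shell
#!/bin/bash
# Added example: audit INPUT-chain rules in `iptables -S` format for
# blanket ICMP or SSH accepts. Reads rules on stdin, prints offenders.

# Constructed sample resembling a default CentOS INPUT chain (an assumption).
sample_default_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# Print every INPUT rule that ACCEPTs icmp or tcp/22 with no source (-s),
# interface (-i) or ICMP type restriction, i.e. from anyone.
find_broad_accepts() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        proto = ""; dport = ""; target = ""; narrowed = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
            if ($i == "-s" || $i == "-i" || $i == "--icmp-type") narrowed = 1
        }
        if (target != "ACCEPT" || narrowed) next
        if (proto == "icmp") print "icmp: " $0
        else if (proto == "tcp" && dport == "22") print "ssh: " $0
    }'
}

# Exit status 0 when no broad rule remains, 1 (plus a listing) otherwise.
audit_input_chain() {
    hits=$(find_broad_accepts)
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# On the lab host, as root: iptables -S INPUT | audit_input_chain
```

Add the audit call to the end of the bash script where you save your rules, so every rerun reports whether a broad ICMP or SSH accept has crept back in.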
