932
edits
Changes
m
=== Practice Setting Firewall Rules ===
We will run some iptables commands to practice and get a basic understanding of how to set rules.
# First, issue an ''iptables command'' to set the policy to disable '''all inbound traffic'''. Issue an iptables command to list rules for verification.<br>The remaining tasks will relate to that same '''inbound''' traffic chain.
# Issue an ''iptables command'' to delete the default ssh rule, and issue another iptables command to verify.
# Issue an ''iptables command'' to insert the SSH rule in the beginning of the chain. Verify that did what you thought it did, then delete that rule (by number), and verify that it was deleted.
# Issue an ''iptables command'' to append the SSH rule to the end of the chain, verify, delete that same rule, and verify.
# Issue an ''iptables command'' to delete the related,established rule. Test your network connectivity between your hosts and vms. What happened?
# Issue an ''iptables command'' to restore your firewall to its default settings.
Adding note about cron entry so that work isn't lost.
#Are there any differences between those 2 files? What does this mean if your VMs get disconnected in terms of the firewall rules?
{{Admon/tip|Graphically Compare File Differences|You can also install a graphical tool that makes it much easier to see differences: '''kompare before.txt after.txt<br><br>NOTE: Make certain to run the command as a regular user (not root!).}}
'''Record steps, commands, and your observations in INVESTIGATION 1 in your OPS335 lab log-book'''
# Issue '''iptables -L -v''' to view your firewall rules for your newly-created chains.
# Store the commands you used to modify the iptables into a shell script called: '''firewall_restore.bash'''
# Set up a cron entry so that your rules are automatically applied every time the host machine boots.
Upon completion of this lab, each of your vms has a firewall protecting them from unexpected traffic. You should now have a basic understanding of the commands necessary to modify firewalls using iptables. You will be building on these rules for the rest of the course. Record the URLs of the websites you've used to figure out how to do the work.