Changes

OPS235 Lab 6 - CentOS7

40 bytes added, 18:39, 4 May 2015
no edit summary
<li>Enter the command:<br><code>iptables -I OUTPUT -p tcp -s0/0 -d 0/0 --dport 80 -j DROP</code></li>
<li>Try to access the Web. If you have done everything right, you should not have been successful.</li>
<li>After you have completed the test execute the following command:<br><code>iptables -F</code><br><br></li><li>Using the information you have learned, try on your own to achieve the same goal as above (block www access to your computer) by using the INPUT chain instead of the OUTPUT chain.</li><li>After you have completed this task, flush the iptables again.</li><li>Make sure that your ssh server is running on the host machine and try to access it from a virtual machine of your choice.</li><li>Once you have confirmed that ssh is running on the host machine, insert an iptables rule on the host machine to prevent access to the ssh server from all VM's on the virtual network.</li><li>Confirm that your rule works by testing from your VM's</li><li>Does iptables close the port? Check using <code>netstat</code></li><li>Now insert a rule on the CentOS host that would ACCEPT connections from the centos2 VM only.</li><li>Fully test your configuration.</li>
</ol>
 
=== Final Tasks ===
 
# Using the information you have learned, try on your own to achieve the same goal as above (block www access to your computer) by using the INPUT chain instead of the OUTPUT chain.
# After you have completed this task, flush the iptables again.
# Make sure that your ssh server is running on the host machine and try to access it from a virtual machine of your choice.
# Once you have confirmed that ssh is running on the host machine, insert an iptables rule on the host machine to prevent access to the ssh server from all VM's on the virtual network.
# Confirm that your rule works by testing from your VM's
# Does iptables close the port? Check using <code>netstat</code>
# Now insert a rule on the CentOS host that would ACCEPT connections from the centos2 VM only.
# Fully test your configuration.
{{Admon/note | iptables Service |When your iptables service starts or at boot time it has to load the rules from the file <code>/etc/sysconfig/iptables</code>.}}
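Review bot: In the new Final Tasks list, item 1 still reads "achieve the same goal as above (block www access to your computer)", but the step it points to (the OUTPUT-chain rule with <code>--dport 80 -j DROP</code>) now sits in a different section, so the item should name that step rather than say "above". The list also asks for a rule that blocks ssh from all VMs and then one that would ACCEPT connections from centos2 only, without saying where the second rule must go relative to the first; iptables acts on the first matching rule in a chain, so a hint about rule order (the earlier steps use <code>iptables -I</code>) would keep students from adding an ACCEPT that never matches. The closing note says the service loads its rules from <code>/etc/sysconfig/iptables</code>, yet no task says whether the rules built here should be saved there or flushed at the end. Minor style point: "VM's" in items 4 and 5 should be "VMs", and item 5 is missing its final period.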