Open main menu

CDOT Wiki β

Changes

OPS335 Firewall Lab

7 bytes removed, 08:59, 23 January 2016
no edit summary
# Add a rule to your '''MYICMP''' chain that denies '''ICMP pings''' originating with MAC address of your partner's machine.
# Add a rule to your '''MYICMP''' chain that denies '''ICMP pings''' originating with IP address of your partner's machine.
# Once you are happy with how your firewall works - make a backup of the original default rules: <source lang='bash'>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.original</source>
# Overwrite the defaults with the current state of the firewall:<source lang='bash'>/usr/libexec/iptables/iptables.init save</source>
# Store the above commands into a shell script called: myicmp_resore.bash
Once you're happy with how your firewall works - make a backup of the original default rules:
<source lang='bash'>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.original</source>
And then overwrite the defaults with the current state of the firewall:
<source lang='bash'>/usr/libexec/iptables/iptables.init save</source>
And store the above commands into a shell script called: myicmp_resore.bash
Upon completion of this lab, each of your machines has a firewall protecting them from unexpected traffic. You should now have a basic understanding of the commands necessary to modify firewalls using iptables. You will be building on these rules for the rest of the course. Record the URLs of the websites you've used to figure out how to do the work.
13,420
edits