Open main menu

CDOT Wiki β

Changes

OPS235 Lab 7

9 bytes added, 07:14, 4 November 2016
no edit summary
=== Part 2: Setting a Default Policy / Setting Policy Exceptions (iptables) ===
Usually when setting policy rules with iptables, a general "overall" policy is set (default policy chain). A good way to think about setting policies is to have a '''"safety -net "''' to take some sort of action to prevent un-handled packets from passing through the firewall by mistake.After the default policy is set-up, then specific exceptions to the default policy can be added to control specific network traffic.
An example would be to set a default policy for incoming network traffic (INPUT chain) to DROP everything, and then set an exception certain exceptions (like ssh connections). Note the following table below for policy setting examples.<br><br>
13,420
edits