Open main menu

CDOT Wiki β

Changes

OPS235 Lab 6 - Fedora17

1,781 bytes removed, 15:09, 4 March 2010
Investigation 8: How do I view and configure the IPTABLES firewall? -- Basic Function/Configuration
Iptables consists of three chains of rules – INPUT, OUTPUT and FORWARD. Here as brief explanation of these chains.
'''OUTPUT''' – When you want to do some research on the Web for something, you open a browser on your PC and navigate to http://www.google.ca. When you do you are attempting to establish an HTTP or HTTP HTTPS session with the web server at http://www.google.ca. A data packet is built with apprpriate appropriate IP and TCP information and sent out of your computer but before it goes out to the Internet it will be compared to all of the rules in the OUTPUT chain to see if this data is allowed to go “out” of the PC. If it is not allowed then the packet is dropped.
'''INPUT''' – If your data was allowed out and a request was sent to http://www.google.ca, this web server will send data back to your PC with an acknowledgement. Before this data can be processed by your browser, it must first be checked against the INPUT chain to see if it is allowed into the PC. If it is, your browser will process the data and move to it's next task. If it is not, the packet will be dropped.
'''FORWARD''' – LINUX PC's are often used as routers or gateways for other PC's. This means that data may have to be passed through this LINUX box, but the data is not intended for the LINUX PC nor is it being sent by the LINUX PC. Even though the data will go into this PC and it will exit this PC, the INPUT and OUTPUT chains do not apply here. Because the PC is acting as a router it does not actually send or receive data, it FORWARDS data from one machine to another. When this process happens, the data is checked against the FORWARD chain to see if it is allowed through. If it is the router will forward the data to it's destination. If not, the packet is dropped.}}
Iptables consists of three chains of rules – INPUT, OUTPUT and FORWARD. Here as brief explanation of these chains.
 
'''OUTPUT''' – When you want to do some research on the Web for something, you open a browser on your PC and navigate to http://www.google.ca. When you do you are attempting to establish an HTTP or HTTP session with the web server at http://www.google.ca. A data packet is built with apprpriate IP and TCP information and sent out of your computer but before it goes out to the Internet it will be compared to all of the rules in the OUTPUT chain to see if this data is allowed to go “out” of the PC. If it is not allowed then the packet is dropped.
 
'''INPUT''' – If your data was allowed out and a request was sent to http://www.google.ca, this web server will send data back to your PC with an acknowledgement. Before this data can be processed by your browser, it must first be checked against the INPUT chain to see if it is allowed into the PC. If it is, your browser will process the data and move to it's next task. If it is not, the packet will be dropped.
 
'''FORWARD''' – LINUX PC's are often used as routers or gateways for other PC's. This means that data may have to be passed through this LINUX box, but the data is not intended for the LINUX PC nor is it being sent by the LINUX PC. Even though the data will go into this PC and it will exit this PC, the INPUT and OUTPUT chains do not apply here. Because the PC is acting as a router it does not actually send or receive data, it FORWARDS data from one machine to another. When this process happens, the data is checked against the FORWARD chain to see if it is allowed through. If it is the router will forward the data to it's destination. If not, the packet is dropped.
Note: We will complete this lab on the host machine. It should be noted that all of the commands that we do here with iptables will not be persistent. That means if you re-boot, the default iptables configuration will be loaded.
9
edits