1,885
edits
Changes
→Testing policies
# Enter the command:
#* <code>iptables -I OUTPUT -p tcp -s0/0 -d 0/0 --dport 80 -j DROP</code>
# Try to access the Web. If you have done everything right, you should not have been successful.# After you have completed the test execute the following command:#* <code>iptables -F</code>
{{Admon/note| Interpreting iptables commands |This command can be read like this: Insert a rule into the iptables OUTPUT chain that will match any tcp packet, with any a source address, any destination address, and a deistination port of 80. Any packet that matches will be dropped.
}}
==== Additional Exercises ====