CDOT Wiki β

Changes

OPS235 Lab 6 - CentOS7

237 bytes removed, 18:44, 4 May 2015
no edit summary
# Can we mix these policies? Try to set the FORWARD chain policy to ACCEPT. Did it work?
=== Testing iptables policies Policies ===
# Execute the command <b><code><span style="color:#3366CC;font-size:1.2em;">iptables -L</span></code></b> and check that the policies on your INPUT and OUTPUT chain are set to DROP
</ol>
{{Admon/note | === Making iptables Service |When your iptables service starts or at boot time it has to load the rules from the file <code>/etc/sysconfig/iptables</code>.}}Policies Persistent ===
{{Admon/important | Non-Persistent Changes to your Host System | Complete this lab on your host system (f16host). It should be noted that all of the commands that we do here with iptables will not be persistent unless you have your configuration. That means if you re-boot, the default iptables configuration will be loaded.}}When your iptables service starts or at boot time it has to load the rules from the file <code>/etc/sysconfig/iptables</code>. The final section below teaches you to make your iptables settings permanent. # '''Make a backup of the file <code>/etc/sysconfig/iptables</code>'''# Examine the file to see how rules are added.# Issue the command: <code>iptables-save > /etc/sysconfig/iptables</code> to save the rules you added with the iptables command, above.# Verify that the file <code>/etc/sysconfig/iptables</code> was updated with your new rules.# Restart your iptables service and test your configuration.
<ol>
<li value="9">'''Make a backup of the file <code>/etc/sysconfig/iptables</code>'''</li>
<li>Examine the file to see how rules are added.</li>
<li>Issue the command: <code>iptables-save > /etc/sysconfig/iptables</code> to save the rules you added with the iptables command, above.</li>
<li>Verify that the file <code>/etc/sysconfig/iptables</code> was updated with your new rules.</li>
<li>Restart your iptables service and test your configuration. </li>
<li>Write a short bash script to add a rule allowing the centos1 and centos3 VM's to connect to <code>ssh</code> on the CentOS host.</li>
</ol>
'''Answer the Part 3 observations / questions in your lab log book.'''
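Review bot: In the "Making iptables Policies Persistent" section the five persistence steps appear twice, once as # items run together after the introductory paragraph and once in the ordered list that starts at value="9", and only the ordered-list copy carries the sixth step ("Write a short bash script to add a rule allowing the centos1 and centos3 VM's to connect to ssh"). Keep a single copy, and if the # form is the one that stays, carry the script step over and check that the numbering still continues from the earlier steps instead of restarting at 1. The Admon/important text names f16host while the script step says "CentOS host", and "will not be persistent unless you have your configuration" is missing a word. Because <code>iptables-save > /etc/sysconfig/iptables</code> overwrites the file, the backup step would be clearer with an explicit command and destination, for example <code>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak</code>.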