OPS335 Lab 2 draft

244 bytes removed, 00:15, 14 January 2016
IPTABLES
# You can use these tools to compare any two text files; they often come in handy. For the purpose of this lab, notice that some iptables rules are added automatically by the libvirtd service.
== IPTABLES ==
=== Overview ===
Iptables is a relatively simple technology but the syntax is a little verbose and it takes a bit of time to figure out how to create a whole set of rules that works properly.

== Simple rule changes ==
We'll run some commands to practice and get a basic understanding of how the rules work.
# Disable all inbound traffic...
# Delete the default ssh rule
# Insert the SSH rule in the beginning, delete it
# Append the SSH rule to the end, delete it
# Delete related,established rule, try to do anything
# Restore defaults

Here's a process you can follow to practice and get this part of the lab done:
* Start with the default settings. When you install Iptables in CentOS it already has some rules predefined. The instructions below assume you have those default rules. You will get the default rules if you restart the iptables service.
* Add one rule at a time using the appropriate iptables command (which you'll figure out yourself). Then check to make sure your command worked using:
** <code>iptables -L</code> or <code>iptables -L -n</code> if you'd like to see numeric port numbers.
** If possible - test it with an application (e.g. if SSH access is disabled/enabled - test with ssh).
* Save your rule in a bash script (.sh file) so you don't lose it and can rerun it easily.
* If your command didn't work - the easiest thing to do is:
** Then run your script with all the working iptables commands that you already finished.
** Go back to writing the rule that didn't work.
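
Why inserting the SSH rule at the beginning and appending it to the end give different results, as an added example that is not part of the lab page: a simplified first-match model of the INPUT chain. The chain contents are an assumption based on the CentOS default rules, and the <code>proto:dport:target</code> format and the function names are made up for this illustration.

```bash
#!/bin/bash
# Added example: simplified first-match model of the INPUT chain (not real iptables).
# Rules are "proto:dport:target" lines; "any" is a wildcard. DEFAULT_CHAIN is a
# constructed, simplified copy of the CentOS default rules (assumption), as seen by
# a NEW inbound packet, so the RELATED,ESTABLISHED rule is left out.
DEFAULT_CHAIN="icmp:any:ACCEPT
tcp:22:ACCEPT
any:any:REJECT"
SSH_RULE="tcp:22:ACCEPT"

# verdict CHAIN PROTO DPORT: print the target of the first rule that matches.
# Rules are checked top to bottom and the first match decides.
verdict() {
    while IFS=: read -r p d t; do
        if { [ "$p" = any ] || [ "$p" = "$2" ]; } &&
           { [ "$d" = any ] || [ "$d" = "$3" ]; }; then
            echo "$t"; return 0
        fi
    done <<EOF
$1
EOF
    echo "POLICY"   # nothing matched: the chain policy would decide
}

# Model of "iptables -D INPUT <rule>": drop the first line equal to the rule.
chain_delete() {
    removed=0
    while IFS= read -r line; do
        if [ "$removed" = 0 ] && [ "$line" = "$2" ]; then removed=1; continue; fi
        echo "$line"
    done <<EOF
$1
EOF
}

# Model of "iptables -I INPUT 1 <rule>": the new rule becomes rule number 1.
chain_insert() { printf '%s\n%s\n' "$2" "$1"; }
# Model of "iptables -A INPUT <rule>": the new rule lands after the final REJECT.
chain_append() { printf '%s\n%s\n' "$1" "$2"; }

no_ssh=$(chain_delete "$DEFAULT_CHAIN" "$SSH_RULE")
echo "default chain: $(verdict "$DEFAULT_CHAIN" tcp 22)"
echo "ssh deleted:   $(verdict "$no_ssh" tcp 22)"
echo "ssh inserted:  $(verdict "$(chain_insert "$no_ssh" "$SSH_RULE")" tcp 22)"
echo "ssh appended:  $(verdict "$(chain_append "$no_ssh" "$SSH_RULE")" tcp 22)"
```

On the real host, <code>iptables -L -n</code> after each change shows the same ordering effect in the actual chain.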
 
Some documentation to get started with (you'll need to find more):
* [https://en.wikipedia.org/wiki/Iptables#Overview Overview] section on Wikipedia is a good (short) overview of the system. You don't need to understand that diagram though.
* [https://wiki.centos.org/HowTos/Network/IPTables CentOS Wiki] has some basic commands, you won't need to use all of them for the work below.
 
=== Your tasks ===
'''On your Host build a custom firewall by performing the following steps:'''