Open main menu

CDOT Wiki β

Changes

OPS535 A1 201603

125 bytes added, 13:20, 7 June 2018
m
Network, firewall, and SELinux
* Do not allow DNS queries from any machines in your network to any root name servers in the lab except your caching-only DNS server.
* SELinux must be turned on and run in enforcing mode on all of your VMs. You need to configure the runtime SELinux boolean accordingly.
* You must turn on These machines will use firewalld as their firewall on all machines and have . Their interfaces should be placed in the 'work' zone, which should allow ssh traffic. Other than that it should only allow the traffic necessary to fulfil the filter table rule drops or rejects any unwanted packetsroles described above.
== Test and evaluation ==
932
edits