Open main menu

CDOT Wiki β

Changes

SRT210 Lab 2

504 bytes added, 10:47, 14 January 2019
Adding a rule
| |means drop the packet – make it disappear - and do not continue processing rules. '''REJECT''' is similar, but causes an error packet to be sent back to the source host. '''ACCEPT''' causes the packet to be processed. '''LOG''' causes an entry to be made in the system logs showing that the packet was processed. Note that the LOG target is the only one that does not stop rule-checking in the chain - so you can log a packet with one rule, and then use a later rule in the chain to DROP, REJECT, or ACCEPT it
|}
 
To play with this:
* Install the Apache web server on lin1 (the package is called httpd).
* Enable and start that service.
* Install links (a command-line web browser) and see if you can connect to http://localhost (it should work by default).
* Try to use Firefox on c7host to see the same webpage from lin1 (it should not work by default).
* If you check your iptables rules you should be able to figure out why you can't connect.
* Add a rul on lin1 to allow inbound traffic to Apache (TCP port 80).