=== Building a Simple Firewall on VM1 ===
'''On your VM1, open another "root" terminal and build a custom firewall by performing the following steps:'''
#Add appropriate rule(s) to allow all traffic to/from the loopback 'lo' interface.
#Add a rule to the INPUT chain of the filter table to allow all UDP traffic coming from port 53 (i.e. the source port is 53).
#Create a new chain named MYSSH in the filter table.
#Add a rule to the INPUT chain of your filter table that sends all TCP packets with destination port 22 to your MYSSH chain.
#Add a rule to your MYSSH chain to deny all traffic from 192.168.122.1 (i.e. your Fedora host). Also log these denied packets with log level 'info' and log prefix "DENIED BY MYSSH".
#Add a rule to the INPUT chain of the filter table that allows all new TCP SSH connections.
#Make a new chain named MYICMP in the filter table.
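
One way to express the steps listed above as iptables commands, with attention to rule order (this is an added example, not part of the original lab text). It assumes that "deny" means DROP, that "new" is matched with the conntrack module, and that rules are appended to otherwise empty chains; the <code>ipt</code> helper and the <code>APPLY</code> variable are hypothetical names used only here.

```shell
#!/bin/sh
# Added example: dry run by default (prints each command).
# Run as root with APPLY=1 to actually load the rules.
ipt() {
    if [ "${APPLY:-0}" = 1 ]; then
        iptables "$@"
    else
        echo "iptables $*"
    fi
}

build_firewall() {
    # Loopback traffic in both directions.
    ipt -A INPUT  -i lo -j ACCEPT
    ipt -A OUTPUT -o lo -j ACCEPT

    # UDP traffic whose source port is 53.
    ipt -A INPUT -p udp --sport 53 -j ACCEPT

    # User-defined chain for SSH, and the jump into it from INPUT.
    ipt -N MYSSH
    ipt -A INPUT -p tcp --dport 22 -j MYSSH

    # LOG is a non-terminating target, so it must come before the DROP;
    # in the opposite order the packet is dropped and never logged.
    ipt -A MYSSH -s 192.168.122.1 -j LOG --log-level info --log-prefix "DENIED BY MYSSH"
    ipt -A MYSSH -s 192.168.122.1 -j DROP   # assumption: "deny" = DROP

    # Packets not matched in MYSSH return to INPUT and reach this rule.
    # It has to sit after the jump, or 192.168.122.1 would be accepted
    # before MYSSH is ever consulted.
    ipt -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT

    # Empty chain for the ICMP rules.
    ipt -N MYICMP
}

build_firewall
```

After applying the rules, <code>iptables -L -n -v --line-numbers</code> shows the resulting order and per-rule packet counters.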