Changes

OPS335 Firewall Lab

7 bytes removed, 09:59, 23 January 2016

no edit summary

# Add a rule to your '''MYICMP''' chain that denies '''ICMP pings''' originating with MAC address of your partner's machine.

# Add a rule to your '''MYICMP''' chain that denies '''ICMP pings''' originating with IP address of your partner's machine.

# Once you are happy with how your firewall works - make a backup of the original default rules: <source lang='bash'>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.original</source>

# Overwrite the defaults with the current state of the firewall:<source lang='bash'>/usr/libexec/iptables/iptables.init save</source>

# Store the above commands into a shell script called: myicmp_resore.bash

~~Once you're happy with how your firewall works - make a backup of the original default rules:~~

~~<source lang='bash'>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.original</source>~~

~~And then overwrite the defaults with the current state of the firewall:~~

~~<source lang='bash'>/usr/libexec/iptables/iptables.init save</source>~~

~~And store the above commands into a shell script called: myicmp_resore.bash~~

Upon completion of this lab, each of your machines has a firewall protecting them from unexpected traffic. You should now have a basic understanding of the commands necessary to modify firewalls using iptables. You will be building on these rules for the rest of the course. Record the URLs of the websites you've used to figure out how to do the work.

Msaul

Administrators

13,420

edits

Changes

OPS335 Firewall Lab

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

get involved with CDOT

courses

course projects

links

Tools