Creating Customized Chains
# Find a partner and get the IP address and MAC address of their external-facing interface. If you don't have a partner, use a virtual machine.
# Add a rule to your '''MYICMP''' chain that allows '''ICMP''' packets coming in from '''192.168.X.0/24''' (i.e. your internal network).
# Add a rule to the beginning of your '''MYICMP''' chain that denies '''ICMP pings''' originating with MAC address of your partner's machine.
# Add a rule to the beginning of your '''MYICMP''' chain that denies '''ICMP pings''' originating with IP address of your partner's machine.
# Issue '''iptables -L -v''' to view your firewall rules for your newly-created chains.
# Once you are happy with how your firewall works - make a backup of the original default rules: <source lang='bash'>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.original</source>
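
The rule-building steps above, as an added example that is not part of the original lab: a small generator that prints the iptables commands so the resulting rule order can be reviewed before anything is applied. It assumes the '''MYICMP''' chain already exists and is reached from INPUT, reads "denies" as DROP, and uses constructed sample addresses; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: prints the iptables commands for the MYICMP steps above.
# Assumption: MYICMP already exists and is jumped to from INPUT (the mac
# match only works for packets traversing PREROUTING, INPUT or FORWARD).

is_mac()  { printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'; }
is_ipv4() { printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'; }

# build_myicmp_rules <internal-net> <partner-ip> <partner-mac>
build_myicmp_rules() {
    net=$1; ip=$2; mac=$3
    # Refuse malformed input rather than emit a rule that matches nothing.
    is_ipv4 "$net" || { echo "bad network: $net" >&2; return 1; }
    is_ipv4 "$ip"  || { echo "bad IP: $ip" >&2; return 1; }
    is_mac "$mac"  || { echo "bad MAC: $mac" >&2; return 1; }

    # Appended (-A): accept ICMP from the internal network.
    echo "iptables -A MYICMP -p icmp -s $net -j ACCEPT"
    # Inserted at position 1: drop pings from the partner's MAC address.
    echo "iptables -I MYICMP 1 -p icmp --icmp-type echo-request -m mac --mac-source $mac -j DROP"
    # Inserted at position 1 again, so it lands above the MAC rule.
    echo "iptables -I MYICMP 1 -p icmp --icmp-type echo-request -s $ip -j DROP"
    # Final chain order: IP drop, MAC drop, subnet accept. Both drops are
    # evaluated first, so a partner inside the internal /24 is still blocked.
    echo "iptables -L MYICMP -v -n --line-numbers"
}

# Stand-alone use with constructed sample values:
#   sh myicmp.sh 192.168.5.0/24 192.168.5.20 52:54:00:ab:cd:ef
# Review the output, then pipe it to sh as root to apply it.
if [ "$#" -eq 3 ]; then
    build_myicmp_rules "$@"
fi
```
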