Switching the practice step back to just practice on the host. Will set VM rules elsewhere.
=== Practice Setting Firewall Rules ===
We will run some iptables commands on the host to practice and get a basic understanding of how to set rules.
# First, issue an ''iptables command'' to set the policy to disable '''all forwarding traffic''', and remove the rule that is rejecting it.
# Next, set the default policy to drop '''all inbound traffic''', and remove the rule that is rejecting traffic.
# Issue an iptables command to list rules for verification.<br />The remaining tasks will relate to that same '''inbound''' traffic chain.
# Issue an ''iptables command'' to delete the default ssh rule, and issue another iptables command to verify.
# Issue an ''iptables command'' to insert the SSH rule at the beginning of the chain. Verify that it did what you thought it did, then delete that rule (by number), and verify that it was deleted.
# Issue an ''iptables command'' to append the SSH rule to the end of the chain, verify, delete that same rule, and verify.
# Issue an ''iptables command'' to delete the related,established rule. Test connectivity between your hosts and VMs. What happened?
# Issue an ''iptables command'' to restore your firewall to its default settings.
'''Record steps, commands, and your observations in INVESTIGATION 1 in your OPS335 lab log-book'''
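The practice steps above as a dry-run script. This is an added example, not part of the original lab page. The sample ruleset (a RHEL/CentOS-style default), the <code>APPLY</code> switch, the path <code>/etc/sysconfig/iptables</code> and the helper names <code>rule_number</code>, <code>ipt</code>, <code>input_rules</code> and <code>practice_steps</code> are assumptions for illustration; check them against <code>iptables -S</code> on your own host.

```bash
#!/usr/bin/env bash
# Added example, not from the lab page. Dry run by default: commands are only
# printed. Set APPLY=1 (as root) to execute them on the host.

# Constructed sample of `iptables -S INPUT` output; it assumes a RHEL/CentOS-style
# default ruleset. Compare with the real output on your host before applying.
SAMPLE_INPUT='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# rule_number PATTERN: read `iptables -S CHAIN` on stdin and print the number
# (as used by -D and -I) of the first rule containing PATTERN. Only "-A" lines
# are numbered; the "-P" policy line is not. Exits non-zero if nothing matches.
rule_number() {
  awk -v pat="$1" '/^-A / { n++; if (index($0, pat)) { print n; found = 1; exit } }
                   END { exit !found }'
}

ipt() {  # print the command; run it only when APPLY=1
  echo "iptables $*"
  [ "${APPLY:-0}" != "1" ] || iptables "$@"
}

input_rules() {  # live INPUT chain when applying, constructed sample otherwise
  if [ "${APPLY:-0}" = "1" ]; then iptables -S INPUT; else printf '%s\n' "$SAMPLE_INPUT"; fi
}

practice_steps() {
  ipt -P FORWARD DROP                                          # step 1
  ipt -D FORWARD -j REJECT --reject-with icmp-host-prohibited
  ipt -P INPUT DROP                                            # step 2
  ipt -D INPUT "$(input_rules | rule_number '-j REJECT')"
  ipt -L INPUT -n --line-numbers                               # step 3
  ipt -D INPUT "$(input_rules | rule_number '--dport 22')"     # step 4
  ipt -I INPUT 1 -p tcp --dport 22 -j ACCEPT                   # step 5: insert first
  ipt -D INPUT 1                                               #   delete by number
  ipt -A INPUT -p tcp --dport 22 -j ACCEPT                     # step 6: append last
  ipt -D INPUT -p tcp --dport 22 -j ACCEPT                     #   delete by rule spec
  ipt -D INPUT "$(input_rules | rule_number 'RELATED,ESTABLISHED')"  # step 7
  # Step 8 (assumes iptables-services saved rules): iptables-restore < /etc/sysconfig/iptables
}

practice_steps
```

Rule numbers shift after every insert or delete, so the script looks each number up again immediately before using it. With the INPUT policy set to DROP, step 7 removes the only rule that admits reply packets for connections the host itself opened.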