Changes


OPS235 Lab 7 - CentOS7 - HD2

13 bytes added, 17:14, 24 October 2016
no edit summary
# Issue the iptables command to verify that the INPUT policy has been set (look for the Policy section, NOT INPUT).<br><br>After the overall default policy is set, you can create policy rules that are "exceptions" to the default policy. These iptables commands are more complex since you need to determine: <ul><li>'''Where each rule appears in the chain'''? (order can be important)</li><li>'''Which protocol(s)''' are affected (e.g. tcp, udp, icmp)</li><li>'''What source or destination IP Addresses''' are affected?</li><li>'''What port numbers''' are affected?</li><li>'''What action to take''' if all of the above conditions are met? (e.g. ACCEPT, REJECT, DROP, or LOG)</li></ul><br>
:'''iptables Command Structure (for setting exceptions):'''<br><table width="100%" cellpadding="10" cellspacing="0" border="1"><tr valign="top"><td>Place Rule in Chain</td><td>Chain Name</td><td>Specify Protocol</td><td>Source/Destination IPADDR</td><td>Port Number</td><td>Action to Take<br>(i.e. "jump to target")</td><td>Target</td></tr><tr valign="top"><td>'''-A''' (add / Append to bottom of chain)<br>'''-I''' (insert at top of chain)<br>'''-I CHAIN-NAME 5''' (insert before line #5 in CHAIN-NAME)</td><td>'''INPUT'''<br>'''OUTPUT'''<br>'''FORWARD'''<br>'''CHAIN-NAME'''</td><td>'''-p tcp''' (tcp packets)<br>'''-p udp''' (datagram packets)<br>'''-p tcp,udp,icmp''' (combined)<br>(refer to '''/etc/protocols''' for available network protocols)</td><td>'''-s IPADDR''' (originating IPADDR)<br>'''-d IPADDR''' (destination IPADDR)</td><td>'''--sport 22''' (originating port 22 - SSH)<br>'''--sport 80''' (originating port 80 - http)<br>'''--dport 22''' (destination port 22 - SSH)<br>'''--dport 80''' (destination port 80 - http)<br><br>(refer to '''/etc/services''' for available port numbers)</td><td>'''-j''' </td><td>'''ACCEPT'''<br>'''REJECT'''<br>'''DROP'''<br>'''LOG'''</td>
</tr></table><br><br>
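Why the position of a rule in the chain matters, shown with a small Python model of first-match evaluation. This is an added example, not part of the lab itself: the <code>Chain</code> class, its field names and the sample packets are constructed for illustration, and it models only matching, <code>-A</code>, <code>-I</code> and the default policy.

```python
# Toy model of one iptables chain: rules are checked top to bottom and the
# first matching rule with a terminating target decides the packet's fate.
# Hypothetical helper for illustration; it does not call iptables.

class Chain:
    def __init__(self, policy="DROP"):
        self.policy = policy          # default policy, as set with -P
        self.rules = []

    def append(self, **rule):         # like -A: add to the bottom of the chain
        self.rules.append(rule)

    def insert(self, pos=1, **rule):  # like -I [pos]: 1-based, defaults to the top
        self.rules.insert(pos - 1, rule)

    def verdict(self, pkt):
        for rule in self.rules:
            conditions = {k: v for k, v in rule.items() if k != "target"}
            if any(pkt.get(k) != v for k, v in conditions.items()):
                continue              # rule does not match, try the next one
            if rule["target"] == "LOG":
                continue              # LOG records the packet, then evaluation goes on
            return rule["target"]     # ACCEPT / REJECT / DROP end the traversal
        return self.policy            # no exception matched: default policy applies


def demo():
    # Constructed sample packets (192.0.2.10 is a documentation address).
    ssh = {"proto": "tcp", "src": "192.0.2.10", "dport": 22}
    http = {"proto": "tcp", "src": "192.0.2.10", "dport": 80}
    ping = {"proto": "icmp", "src": "192.0.2.10"}

    chain = Chain(policy="DROP")
    chain.append(proto="tcp", target="REJECT")            # broad rule already in place
    chain.append(proto="tcp", dport=22, target="ACCEPT")  # appended below it: never reached
    before = chain.verdict(ssh)

    chain.insert(proto="tcp", dport=22, target="ACCEPT")  # inserted at the top instead
    after = chain.verdict(ssh)
    return before, after, chain.verdict(http), chain.verdict(ping)


if __name__ == "__main__":
    print(demo())
```
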