# Make a backup of the original default rules: <source>cp /etc/sysconfig/iptables /etc/sysconfig/iptables.original</source>
# '''Stop libvirtd''' and '''restart iptables''' so that you have only the minimal default rules.
# Use the ifconfig or ip address command to determine the IP address of your external facing interface (i.e. an IP address beginning with '''192.168.4840.x''' if you are using an SSD).
# Open a terminal on the Windows machine and '''ping''' your external facing IP address. Was it successful? (it should have worked)
# Change the '''default policy''' on the '''INPUT''' and '''FORWARD''' chains in the filter table to '''DROP'''.
# Make a new chain named '''MYICMP'''.
# Insert a rule at the '''beginning of the INPUT chain''' to send '''ICMP''' packets to your '''MYICMP''' chain.
# Find the '''IP ADDRESS''' and '''MAC address''' of your Windows machine's '''internal facing interface''' (should be an internal address beginning with '''192.168.4840.x''').
# Add a rule to your '''MYICMP''' chain that allows '''ICMP''' packets coming in from '''192.168.X.0/24''' (i.e. your internal network).
# Insert a rule at the '''beginning of your MYICMP chain''' that denies '''ICMP pings''' originating from the MAC address of your Windows machine.
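
The policy, chain and rule steps above, written out as an added example (not part of the original lab text). It prints the iptables commands instead of running them unless APPLY=1 is set, and shows the order in which MYICMP evaluates its rules. The function names are hypothetical, "denies" is implemented as DROP, and "pings" is taken to mean ICMP echo-request; the network and MAC address are passed in as arguments.

```shell
#!/bin/sh
# Added example: the default-policy, MYICMP chain and rule steps as iptables commands.
# Dry run by default (commands are printed). Set APPLY=1 and run as root to execute.

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# valid_mac MAC: succeeds only for the xx:xx:xx:xx:xx:xx form
valid_mac() {
    echo "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# myicmp_rules INTERNAL_NET WINDOWS_MAC
myicmp_rules() {
    net=$1 mac=$2
    valid_mac "$mac" || { echo "bad MAC address: $mac" >&2; return 1; }

    # Default policy DROP on INPUT and FORWARD (filter table is the default)
    run iptables -P INPUT DROP
    run iptables -P FORWARD DROP
    # New user-defined chain
    run iptables -N MYICMP
    # Position 1 of INPUT: hand every ICMP packet to MYICMP
    run iptables -I INPUT 1 -p icmp -j MYICMP
    # Allow ICMP from the internal network
    run iptables -A MYICMP -p icmp -s "$net" -j ACCEPT
    # Position 1 of MYICMP: drop pings from the Windows machine's MAC
    run iptables -I MYICMP 1 -p icmp --icmp-type echo-request \
        -m mac --mac-source "$mac" -j DROP
}

# myicmp_order NET MAC: list MYICMP rules in evaluation order (first match wins).
# Replays only the -A and "-I MYICMP 1" commands generated above; always a dry run.
myicmp_order() {
    ( APPLY=0; myicmp_rules "$1" "$2" ) | awk '
        $2 == "-A" && $3 == "MYICMP" { chain[++n] = $0 }
        $2 == "-I" && $3 == "MYICMP" {
            for (i = n; i >= 1; i--) chain[i + 1] = chain[i]
            chain[1] = $0; n++
        }
        END { for (i = 1; i <= n; i++) print i ": " chain[i] }'
}

# Usage: sh myicmp.sh 192.168.X.0/24 <MAC of the Windows machine>
if [ "$#" -eq 2 ]; then myicmp_rules "$1" "$2"; fi
```

Because the MAC rule is inserted at position 1, it is matched before the subnet ACCEPT; appending it with -A instead would leave it below the ACCEPT and it would never take effect for a host inside the internal network.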