
Question

I need help with a Linux script, it will be a firewall script for a VM. Please see below for what to do. It is between 2 VMs (Server SRV IP - 172.16.30.10) (Client CLT IP - 172.16.31.10).

Creating a firewall script (better!)

When using the iptables utilities (iptables-save and iptables-restore) the rules are saved in a NON-editable format. If you want to modify/update your rules the best approach is to store your rules in a shell script. To create a script for your rules, follow the following steps:

o Step #1: Set up the script file & header information.
o Step #2: Set up variables (optional but useful).
o Step #3: Flush your firewall table.
o Step #4: Record all the rules that you used successfully in the lab (scenario #4).
o Step #5: Test your script.

Scenario #4: Accept all incoming traffic for a given service for all hosts on a subnet. In this scenario we will selectively allow/block hosts on a subnet: all hosts, except for your client host, may access the service on port 49999.

Server setup: Set up the server to listen on port 49999 on all interfaces. Verify that the server is listening on the selected port.

Iptables setup:

List your current rules: there should be three rules (2 ACCEPT & 1 REJECT).

Insert the following two rules:

o Insert the rule to block all incoming traffic from your client on port 49999: insert it as the third rule: -I INPUT 3.
o Insert the rule to allow all incoming traffic of the subnet 172.16.31.0 on port 49999: insert it as the fourth rule. Brain teaser: What would happen if the rule was added rather than inserted?

List the rules: you should see 5 rules.

Setup rules summary

You should have the following rules (in that order). Traffic originating from:

o your server is allowed (2 rules)
o your own client is blocked (1 rule)
o all other hosts on the client subnet are allowed (1 rule)
o all other hosts are blocked (1 rule)

Iptables listing

target  prot  source          destination
ACCEPT  all   anywhere        anywhere
ACCEPT  all   server_host     anywhere
REJECT  tcp   client_host     anywhere      tcp dpt:49999
ACCEPT  tcp   172.16.31.0/24  anywhere      tcp dpt:49999
REJECT  tcp   anywhere        anywhere      tcp dpt:49999
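An example of the script the five steps describe, written for this page (it is not the lab's material and not an answer posted on the original page). It assumes the first "ACCEPT all anywhere anywhere" rule in the listing is the loopback rule, which the question does not say, and it adds a dry-run mode (the `DRY_RUN` variable and the `ipt` wrapper are this example's own) so the rule order can be checked without root:

```shell
#!/bin/sh
# Step #1: fw.sh, firewall script for lab scenario #4 (example written for this page, not lab material).
#   sudo ./fw.sh apply      flush the INPUT chain and load the five rules
#   ./fw.sh dry-run         print the iptables commands instead of running them (no root needed)
set -eu

# Step #2: variables. Addresses come from the question; override them from the environment if needed.
SRV="${SRV:-172.16.30.10}"            # server host
CLT="${CLT:-172.16.31.10}"            # client host to block
CLT_NET="${CLT_NET:-172.16.31.0/24}"  # client subnet to allow
PORT="${PORT:-49999}"                 # service port
DRY_RUN="${DRY_RUN:-0}"

# Every rule goes through one wrapper: print it in dry-run mode, otherwise execute it.
ipt() {
    if [ "$DRY_RUN" = 1 ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

# Step #3: flush the INPUT chain so re-running the script never duplicates rules.
flush_rules() {
    ipt -F INPUT
}

# Step #4: the five rules of scenario #4. The chain is empty after the flush, so appending (-A)
# in this order reproduces the listing the lab reached with "-I INPUT 3" and "-I INPUT 4".
# Order is what matters: iptables stops at the first matching rule, so the client REJECT must
# come before the subnet ACCEPT, and both must come before the catch-all REJECT on the port.
add_rules() {
    # Rule 1: "ACCEPT all anywhere anywhere" (assumed to be the loopback rule; the question does not say).
    ipt -A INPUT -i lo -j ACCEPT
    # Rule 2: anything from the server's own address.
    ipt -A INPUT -s "$SRV" -j ACCEPT
    # Rule 3: the client host is blocked on the service port.
    ipt -A INPUT -p tcp -s "$CLT" --dport "$PORT" -j REJECT
    # Rule 4: the rest of the client subnet is allowed on the service port.
    ipt -A INPUT -p tcp -s "$CLT_NET" --dport "$PORT" -j ACCEPT
    # Rule 5: everyone else is blocked on the service port.
    ipt -A INPUT -p tcp --dport "$PORT" -j REJECT
}

# Step #5: list the chain with rule numbers; exactly five rules should appear, in the order above.
list_rules() {
    ipt -L INPUT -n --line-numbers
}

main() {
    flush_rules
    add_rules
    list_rules
}

case "${1:-dry-run}" in
    apply)   main ;;
    dry-run) DRY_RUN=1; main ;;
    *)       printf 'usage: %s apply|dry-run\n' "$0" >&2; exit 2 ;;
esac
```

Run `./fw.sh dry-run` first and compare the printed commands against the listing above, then `sudo ./fw.sh apply` on the server. The `-n` in the listing command shows numeric addresses; without it iptables resolves names, which is why the lab's listing shows `server_host` and `client_host` instead of 172.16.30.10 and 172.16.31.10. For the server side, any listener on the port will do (for instance `ncat -lk 49999`), and `ss -ltn` verifies that something is bound to it. On the brain teaser: in the lab the catch-all `REJECT tcp dpt:49999` was already rule 3, so a subnet ACCEPT added with `-A` would land after it, and packets from the subnet would be rejected before ever reaching the new rule. The script avoids that trap by flushing and rebuilding the chain in the final order.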
