IPTables Linux uses the Netfilter framework to filter packets, enable NAT or PAT and pe
€15(approx. $16)
- Posted:
- Proposals: 1
- Remote
- #1924793
- Awarded
Description
Experience Level: Intermediate
Hi, I need to get the below done; it should be simple for someone to do.
IPTables
Linux uses the Netfilter framework to filter packets, enable NAT or PAT and
perform other forms of packet mangling; see [3] for more information about
Netfilter. In this section we are going to work with IPTables, which is a
text-based front-end for Netfilter. In the previous assignments you have set up
an FTP, NFS and SAMBA/CIFS server, as well as a DNS and an email server; we must
therefore make sure that our firewall will let these services through. We also
want to be able to connect to FTP servers to retrieve files, to connect to our
server using SSH, and to browse the Internet. Last but not least, we would like
to make sure that we can send and receive ICMP echo and request packets to and
from our server, but nothing else.
With this in mind we can create the following firewall policy:
• Drop all incoming packets by default.
• Allow all traffic to and from the local network.
• Allow all incoming packets using transport protocol TCP and port 137-139, 445 (SAMBA/CIFS).
• Allow all incoming packets using transport protocol TCP and port 20, 21 (FTP).
• Allow all incoming packets using transport protocol UDP and port 53 (DNS).
• Allow all incoming packets using transport protocol TCP and port 25 (SMTP).
• (If applicable) Allow all incoming packets using transport protocol TCP and port 465 (Secure SMTP).
• Allow all incoming packets using transport protocol TCP and port 110 (POP).
• (If applicable) Allow all incoming packets using transport protocol TCP and port 995 (Secure POP3).
• Allow all incoming packets using transport protocol TCP and port 143.
• (If applicable) Allow all incoming packets using transport protocol TCP and port 993 (secure IMAP).
• Allow all incoming packets using transport protocol TCP and port 53 (DNS).
• Allow all incoming packets using transport protocol TCP and port 80 (HTTP).
• Allow all incoming packets using transport protocol TCP and port 443 (HTTPS).
• Allow all incoming packets using transport protocol ICMP of type echo-request.
• Allow all incoming packets using transport protocol ICMP of type echo-reply.
• Allow all outbound packets.
• Enable stateful packet inspection.
Since the rules for IPTables are added with the help of the iptables
command, the best way to set up your firewall is by adding the commands in a
shell script. Therefore create a file named iptables.sh and add the following
lines at the beginning of the file:
Replace everything that is written within <>, then add your iptables commands
after `Add your input and output chains below`.
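
The policy list above rendered as iptables commands, as an added example that is not part of the original posting or of the assignment's own script template. The LAN range 192.168.1.0/24 and the loopback rule are assumptions; by default the script only prints the commands for review.

```shell
#!/bin/sh
# Added example: prints the firewall policy as iptables commands.
# LAN is a constructed value (assumption); set it to your own local network.
LAN="${LAN:-192.168.1.0/24}"

# Emit one iptables command per line; nothing is applied by this function.
build_rules() {
    lan="$1"
    echo "iptables -F INPUT"
    # Assumption, not in the policy list: keep loopback traffic working.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    # Stateful inspection: accept packets belonging to connections that are
    # already tracked, such as replies to our own outbound sessions.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # All traffic from the local network (this also covers SSH from the LAN;
    # the policy list has no rule for port 22 from anywhere else).
    echo "iptables -A INPUT -s $lan -j ACCEPT"
    # TCP services: SAMBA/CIFS, FTP, SMTP(S), POP3(S), IMAP(S), DNS, HTTP(S).
    for port in 137:139 445 20 21 25 465 110 995 143 993 53 80 443; do
        echo "iptables -A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo "iptables -A INPUT -p udp --dport 53 -j ACCEPT"
    for t in echo-request echo-reply; do
        echo "iptables -A INPUT -p icmp --icmp-type $t -j ACCEPT"
    done
    echo "iptables -P OUTPUT ACCEPT"
    # Default drop goes last, so a run that stops midway leaves the
    # previous default policy in place.
    echo "iptables -P INPUT DROP"
}

# Print for review by default; pass --apply (as root) to load the rules.
if [ "${1:-}" = "--apply" ]; then
    build_rules "$LAN" | sh -e
else
    build_rules "$LAN"
fi
```

After applying, `iptables -L INPUT -n -v --line-numbers` shows the loaded chain with per-rule packet counters, which makes it easy to confirm that each service actually hits its rule.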
Ritchard S.