Objective: The purpose of this lab is to gain experience working with iptables: the firewall built into Linux.
What to turn in: Answers to the questions below.
iptables should already be installed on the SEED virtual machines. To see a list of current firewall rules, run (as root) iptables -L. You should see 3 sets of rules (chains), all empty. The INPUT chain is used to filter incoming packets destined for this machine, the FORWARD chain is used to filter packets this machine is forwarding, and the OUTPUT chain is used to filter outgoing packets originating at this machine.
Try to SSH from your eos machine to your SEED VM. You should be able to do it. Disconnect your SSH session, and change the default INPUT policy using the command iptables -P INPUT DROP.
If you try to connect to the VM in any other way you will get similar results, but we want to allow some traffic. Let's make an exception for SSH traffic. We can do this with the command iptables -A INPUT -p tcp --dport 22 -j ACCEPT. Verify that SSH to your VM now works, but other traffic is still blocked.
Find the address of your eos computer on the virtual network. Add a rule to deny all traffic from that source (you can specify a source in a rule with -s).
Reverse the order of your two rules. You can delete rules with
Let's practice creating some more rules.
You may notice that you can no longer browse the web from inside your VM. You can fix this with the rule iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT. This lets iptables use connection tracking, so replies to connections the VM itself initiated (such as your web requests) are accepted even though the default policy is DROP.
iptables has other advanced capabilities such as rate limiting. Investigate how to set a rate limit in iptables. Create rules to limit NEW SSH connections to one from each source IP address per minute.
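As an added example (not part of the lab handout), the POSIX sh script below generates the whole INPUT chain this lab builds so the rule order can be checked before anything is applied: the ESTABLISHED,RELATED rule goes early, an optional source block is placed ahead of the SSH ACCEPT, and NEW SSH connections are rate-limited per source with the hashlimit match, which is one of several ways iptables can do it. The address 192.0.2.10 is a placeholder for your eos machine.

```shell
#!/bin/sh
# Added example, not part of the lab handout. Generates the INPUT chain this
# lab builds so the rule order can be inspected before it is applied.
# Assumptions: 192.0.2.10 is a placeholder for the eos address; the SSH rate
# limit uses the hashlimit match, one of several ways iptables can do it.

# gen_rules [SOURCE_TO_BLOCK]
# Prints one iptables command per line. Order matters: a packet is checked
# against the chain top to bottom and the first match decides, so the
# ESTABLISHED,RELATED rule goes early, and a source block must precede the
# SSH ACCEPT or it has no effect on SSH from that source.
gen_rules() {
    block="$1"
    echo "iptables -F INPUT"
    echo "iptables -P INPUT DROP"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    if [ -n "$block" ]; then
        echo "iptables -A INPUT -s $block -j DROP"
    fi
    # One NEW SSH connection per source address per minute: the first SYN
    # from a source is accepted, later ones inside the window do not match
    # this rule and fall through to the DROP rule below.
    echo "iptables -A INPUT -p tcp --dport 22 -m state --state NEW" \
         "-m hashlimit --hashlimit-upto 1/minute --hashlimit-burst 1" \
         "--hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT"
    echo "iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j DROP"
}

# rule_position PATTERN [SOURCE_TO_BLOCK]
# Prints the 1-based line of the first generated command matching PATTERN
# (empty if none); use it to confirm ordering before applying anything.
rule_position() {
    gen_rules "$2" | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

# apply_rules [SOURCE_TO_BLOCK]
# Runs the generated commands; needs root. Afterwards inspect the chain
# with "iptables -L INPUT -n --line-numbers" and remove a rule by its
# number with "iptables -D INPUT <n>".
apply_rules() {
    [ "$(id -u)" -eq 0 ] || { echo "apply_rules: run as root" >&2; return 1; }
    gen_rules "$1" | sh -e
}
```

Run gen_rules with and without a source argument and compare the two listings to see why the lab has you reverse the order of the source DROP and the SSH ACCEPT.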