Testing_Lab8-v6
School: Stanford University
Course: 50
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 3
Uploaded by SuperHumanWaterAlbatross9

1. Tasks (Assignment)

As part of the lab assignment, you are expected to answer the following questions by providing a short report.

1- Add a new IPTables rule to prevent outgoing traffic to port 80, and test the rule to make sure it is working. Provide (in your report) screenshots listing the rules and the test results.

First, we tried to connect with www.google.com via port 80 using telnet www.google.com 80. We were able to connect after conducting the test.

Next, we added the rule as requested:

sudo iptables -A OUTPUT -p tcp --dport 80 -j DROP

We then checked to ensure the rule is confirmed using sudo iptables -L.

We conducted another connection test using the command telnet www.google.com 80 and received the result below. This shows the rule is working.

2- Write a rule to accept all packets incoming on a particular interface, for example eth0 or localhost. Provide (in your report) screenshots listing the rules and the test results.

We used sudo iptables -F to clear all rules from the previous task. Afterward, we added the new rule as requested using sudo iptables -A INPUT -i eth0 -j ACCEPT

To confirm, we connected to www.google.com using telnet www.google.com 80. The connection was established, meaning the rule is working.

3- What is the meaning of the following IPTables rules?

a) iptables -A INPUT -s 192.168.0.4 -j ACCEPT
The command is allowing incoming packets from IP address 192.168.0.4 to reach the system by adding a rule to the firewall's INPUT chain.

b) iptables -A INPUT -s 192.168.0.4 -m mac --mac-source 00:50:8D:FD:E6:32 -j ACCEPT
The command allows incoming packets from the IP address 192.168.0.4 only if they originate from the MAC address 00:50:8D:FD:E6:32.

c) iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT # using standard slash notation
The command allows incoming traffic from any IP address within the 192.168.0.0/24 (ranging from 192.168.0.0 to 192.168.0.255) subnet to pass through the firewall.

d) iptables -A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT # using a subnet mask
The command allows incoming traffic from any IP address ranging from 192.168.0.0 to 192.168.0.255 to pass through the firewall.

e) iptables -A INPUT -p tcp --dport 6881 -j ACCEPT
The command allows incoming TCP traffic on port 6881 to pass. So any services or applications using port 6881 are allowed to receive incoming connections.

f) iptables -A INPUT -p tcp --dport 6881:6890 -j ACCEPT
The command allows incoming TCP traffic to any port between port 6881-6890 to pass.
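
The matching conditions in rules a) to f), as an added example that is not part of the original report: a small Python model (not iptables itself) that parses the six rules and reports which of them match three constructed packets. The function names, the packet dictionaries and the sample MAC addresses in the second and third packets are assumptions made for illustration.

```python
import ipaddress
import shlex

# Rules a) to f) exactly as listed in question 3.
RULES = {
    "a": "iptables -A INPUT -s 192.168.0.4 -j ACCEPT",
    "b": "iptables -A INPUT -s 192.168.0.4 -m mac --mac-source 00:50:8D:FD:E6:32 -j ACCEPT",
    "c": "iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT # using standard slash notation",
    "d": "iptables -A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT # using a subnet mask",
    "e": "iptables -A INPUT -p tcp --dport 6881 -j ACCEPT",
    "f": "iptables -A INPUT -p tcp --dport 6881:6890 -j ACCEPT",
}

def parse_rule(rule):
    """Parse the match options used above (every option here takes one argument)."""
    toks = shlex.split(rule, comments=True)            # drops the trailing '# ...' note
    toks = toks[toks.index("iptables") + 1:]
    opts = dict(zip(toks[0::2], toks[1::2]))
    lo, _, hi = opts.get("--dport", "").partition(":")  # "6881" or "6881:6890"
    return {
        "src": ipaddress.ip_network(opts.get("-s", "0.0.0.0/0")),  # /24 or dotted mask
        "proto": opts.get("-p"),
        "dports": (int(lo), int(hi or lo)) if lo else None,        # inclusive range
        "mac": opts.get("--mac-source", "").lower() or None,
    }

def matches(rule, pkt):
    """True when every condition in the rule holds for the packet (conditions are ANDed)."""
    r = parse_rule(rule)
    return (ipaddress.ip_address(pkt["src"]) in r["src"]
            and r["proto"] in (None, pkt["proto"])
            and (r["dports"] is None or r["dports"][0] <= pkt["dport"] <= r["dports"][1])
            and r["mac"] in (None, pkt["mac"].lower()))

def matching_rules(pkt):
    return [name for name, rule in RULES.items() if matches(rule, pkt)]

# Constructed sample packets (not captured traffic).
PACKETS = [
    {"src": "192.168.0.4", "mac": "00:50:8d:fd:e6:32", "proto": "tcp", "dport": 6885},
    {"src": "192.168.0.4", "mac": "02:00:00:00:00:01", "proto": "tcp", "dport": 6881},
    {"src": "192.168.1.9", "mac": "02:00:00:00:00:02", "proto": "udp", "dport": 6881},
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "->", matching_rules(pkt))
```

Rules c) and d) parse to the same network, so they always match the same packets; rule b) differs from rule a) only by the extra MAC condition.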