F23 SPR100 A2 v1 (2)

SPR100 Assignments  Execute the following command “systemctl status nftables”.  Take a screen shot of the terminal window showing the command and the output of the command and name it nftables_status.jpg and insert it into your report under the heading Nftables Status  Configure nftables:  Create an inet filter table  In the inet filter table : o Add an output chain of type filter with hook type output priority 0 , policy accept o Add an input chain of type filter with hook type input priority 0 , policy accept  Do the following command: nft list table <your inet table name>  Take a screen shot of the terminal window showing the command and the output of the command and name it inet_table.jpg  Take a screen shot of the terminal window showing you have Internet connectivity by doing the following command “ping 8.8.8.8” from the command-line  Insert both screenshots into your report under the heading Firewall Setup Part 1B: Firewall Filtering – Blocking Web Traffic (2%) You are going to block the web traffic coming into your VM using the inet filter table firewall you have just created in Part 1A. Insert a heading into your report Firewall Filtering . The tasks you need to do are the following:  Start the web browser and load a web site from your Lab 1 submission. Take a screen shot that includes the web browser with the page loaded and the terminal window showing the results of the ‘nft list table <your inet table name>’ and save it as LoadedPage.jpg and insert it into your report under the heading Loaded Website.  Add a single firewall rule to either the input or output chains that block web traffic coming into the Ubuntu VM. Take a screen shot window showing the following results of the ‘nft list table <your inet table name>’ and save it as FirewallRuleAdded.jpg and insert it into your report under the heading Firewall Rule Added – Web Blocking.  Start the web browser and load a different web site from your Lab 1 submission. If you have added the firewall rule correctly, this website should not load. Take a screen shot showing that shows the following:  The web browser open with the URL visible should show that the page cannot load the web.  Terminal window open showing the results of the ‘nft list table <your inet table name>’ Save the screenshot as WebTrafficBlocked.jpg and insert it into your report under the heading Web Traffic Blocked. Part 1C: Firewall Filtering – Blocking Ping Traffic (3%) Building on the work in 1B, you are going to block ping traffic coming into your VM. Before you implement your rule take a screenshot that includes:  The IP address of the Ubuntu VM using a command-line command.  The Ubuntu VM being successfully pinged from your Host VM Save it as SuccessfulPing.jpg and insert it into your report under the heading Successful Ping. Implement your rule and take a screenshot that shows the following:  The Ubuntu VM being unsuccessfully pinged from your Host VM  Terminal window open showing the results of the ‘nft list table <your inet table name>’ Save it as UnsuccessfulPing.jpg and insert it into your report under the heading Unsuccessful Ping. Note:  Your firewall should only block the specified traffic. All other traffic should be allowed. Page 2 of 3