Implement packet filtering

iptables

Execute to wath current configuration:

ymedlop@ymedlop-VirtualBox:~$ sudo iptables -L
[sudo] password for ymedlop: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Add REJECT rule for icmp connections:

ymedlop@ymedlop-VirtualBox:~$ ip addr show
1: lo: [...]
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:5e:bc:15 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 86176sec preferred_lft 86176sec
    inet6 fe80::2ce4:1ab0:d849:f0e7/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
ymedlop@ymedlop-VirtualBox:~$ sudo iptables -A INPUT --protocol icmp --in-interface enp0s3 -j REJECT
ymedlop@ymedlop-VirtualBox:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
REJECT     icmp --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Clean rules sudo iptables --flush

Training

Linux Academy

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

03.md

03.md

Implement packet filtering

iptables

Training

Files

03.md

Latest commit

History

03.md

File metadata and controls

Implement packet filtering

iptables

Training