13,420
edits
Changes
no edit summary
# Have your neighbour obtain the external facing IP Address on THEIR c7host machine.
# Issue iptables command to ADD ping exception from your neighbour's IPAddress<br><b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em;">iptables -A INPUT -p icmp -s {neighbour's exeternal facing address} -j ACCEPT</span></code></b><br>Is your neighbour able to ping YOUR external facing IP Address?
# Have your neighbour test sshing try to SSH into your YOUR c7host. Were they Successful?# Issue the following iptables command to insert before rule :<br><b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1 for ssh exception and .2em;">iptables -A INPUT -p tcp -s {neighbour test's exeternal facing address} --sport 22 -j ACCEPT</span></code></b><br># List iptables rules for INPUT chainHave your neighbour try to SSH into YOUR c7host. Were they Successful? If so, why?# Issue the following iptables command to add a rule at bottom of OUTPUT chain to DROP http (port 80 connections). Try to think of the command yourself.
# Open another web-browser. Can you connect to a webpage?
# Issue iptables rule to '''flush ''' the OUTPUT chain. Does your web-browser now work?# We will keep the rules for the INPUT chain.
# Shutdown all VMs and restart your c7host Linux machine.
# List the iptables rules for the INPUT chain. What happenedto your iptables rules for the INPUT chain?
# Proceed to the next part to learn how to learn how to make your iptables rules persistent.