1,234
edits
Changes
→iptables troubleshooting procedure
# Follow a packet's path as you understand it should follow. Keep in mind [http://zenit.senecac.on.ca/wiki/index.php/OPS335_Lab_2#How_Firewalls_.28iptables.29_Relate_to_the_Labs_in_this_Course the diagram from the lecture last week]. What chain applies first on which machine? What's the first rule that matches the packet? What happens if no rules match the packet?
#* Don't forget that even if you're tracing the path of outgoing traffic - the INPUT chain on your mahchine still applies (for the response that comes back to your request).
# At this point you should be able to understand any iptables rules you'll see in this course, including the default ones in CentOS. If you see a rule you don't understand - you can delete it and see what happens. But if you do that - make sure you then understand spend some time figuring out what that rule did and why you needed to delete it. It was likely there for a good reason. = Practice script = Download and run this script: http://scs.senecacollege.ca/~andrew.smith/ops335/labcheck_network_backup.sh It will print out a menu of exercises. You can pick any of them in any order. The script will first reset the firewall settings to CentOS defaults and then make some modifications from those defaults. Finish the exercises, and record any information you feel you'll need to remember to solve problems like this in the future (e.g. in a practical test).
