13,420
edits
Changes
no edit summary
<tr> <th>1</th><td>'''Test Network Connectivity'''</td><td>You can use the [http://zenit.senecac.on.ca/wiki/index.php/OPS335_Lab_1#Linux_Network_Connection_Configuration_Troubleshooting steps in lab 1] as a guide, but keep in mind the firewall may be blocking pings and DNS requests.</td></tr>
<tr> <th>2</th><td>'''Verify Service is Running & Service can Connect to Network'''</td><td>You should learn to read the output of '''netstat -atnp''' and '''netstat -aunp''' to complement the '''systemctl status''' command.</td></tr>
<tr> <th>3</th><td>'''Verify Network Connectivity by Deleting iptables Rules'''</td><td>If you have no idea what's going on and need to confirm that you're still sane - clear all the iptables rules and check your configuration then. Keep in mind that the '''iptables -F''' command will delete all your rules but will not set the deafult policies to ACCEPT. This will tell you for sure whether your problem was (or was not) caused by iptables. You can run your saved <br><br>If you do this - have a ready way to restore the rules you just deleted. Restarting the iptables service is usually a good start and a '''shell script ''' to reset the iptables add your custom rules, and if OK, see which recent command you issued caused is a problem with network connectivityreasonable next step.</td></tr>
<tr> <th>4</th><td>x</td><td>x</td></tr>
<tr> <th>5</th><td>x</td><td>x</td></tr>
#
#* If you do this - have a ready way to restore the rules you just deleted. Restarting the iptables service is usually a good start and a script to add your custom rules is a reasonable next step.
# Follow a packet's path as you understand it should follow. Keep in mind [http://zenit.senecac.on.ca/wiki/index.php/OPS335_Lab_2#How_Firewalls_.28iptables.29_Relate_to_the_Labs_in_this_Course the diagram from the lecture last week]. What chain applies first on which machine? What's the first rule that matches the packet? What happens if no rules match the packet?
#* Don't forget that even if you're tracing the path of outgoing traffic - the INPUT chain on your mahchine still applies (for the response that comes back to your request).
