iptables Tutorial Exercise
See the networkDiagram for this question.
Your job is to write the iptables script to configure the firewall at 34.42.10.3.
We have the following requirements (all for the firewall, aka 34.42.10.3, aka 192.168.1.1):
- The firewall is running an administrative program on port 4444. This program is accessible only from the 192.168.1.* network.
- 192.168.1.2 is the system administrator's system. This is the only host that is permitted general connections into (not passing through) the firewall. 192.168.1.2 can remote desktop to any of the desktop systems in the network.
- 192.168.1.5 is running a web server. All requests for 34.42.10.3 (port 80) are redirected to 192.168.1.5 (port 80).
- 192.168.1.7 is the CEO's desktop system. She would like to run remote desktop from her home system 70.27.41.29 to access her office desktop. The firewall should forward remote desktop requests (port 3389) from 70.27.41.29 to 192.168.1.7.
- The firewall is running NAT for the 192.168.1.* network, that is, all hosts on the 192.168.1.* network share the same external IP (34.42.10.3).
- It appears that 70.27.34.11 is a hacker's machine. The logs indicate that they are trying to break into the corporate network. iptables should deny 70.27.34.11 access to all services on the network.
- All other connections into the 192.168.1.* network and the firewall should be denied.
Submit firewall.txt
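
One ruleset that meets the requirements above, shown as an added example and not the exercise's reference answer. It is written in iptables-restore format and wrapped in a shell function so it can be inspected before loading. The interface names eth0 (external) and eth1 (internal), the variable names and the APPLY_RULES switch are assumptions that do not come from the exercise.

```shell
#!/bin/sh
# Added example: one possible ruleset for the requirements listed above.
# Assumptions (not on the page): eth0 faces the Internet, eth1 the LAN.
EXT_IF=eth0; INT_IF=eth1
FW=34.42.10.3; LAN=192.168.1.0/24
ADMIN=192.168.1.2; WEB=192.168.1.5; CEO_PC=192.168.1.7
CEO_HOME=70.27.41.29; BLOCKED=70.27.34.11

# Emit the ruleset in iptables-restore format so it loads atomically.
build_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Port forwards: web server, and RDP for the CEO's home address only.
-A PREROUTING -d $FW -p tcp --dport 80 -j DNAT --to-destination $WEB:80
-A PREROUTING -s $CEO_HOME -d $FW -p tcp --dport 3389 -j DNAT --to-destination $CEO_PC:3389
# Every LAN host leaves with the firewall's external address.
-A POSTROUTING -s $LAN -o $EXT_IF -j SNAT --to-source $FW
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# The blocked host is dropped before any ACCEPT can match it.
-A INPUT -s $BLOCKED -j DROP
-A FORWARD -s $BLOCKED -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Into the firewall: anything from the admin host, port 4444 from the LAN.
-A INPUT -i $INT_IF -s $ADMIN -j ACCEPT
-A INPUT -i $INT_IF -s $LAN -p tcp --dport 4444 -j ACCEPT
# Through the firewall: filter rules see the post-DNAT destination.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $INT_IF -o $EXT_IF -s $LAN -j ACCEPT
-A FORWARD -d $WEB -p tcp --dport 80 -j ACCEPT
-A FORWARD -s $CEO_HOME -d $CEO_PC -p tcp --dport 3389 -j ACCEPT
COMMIT
EOF
}

# Load only when asked (needs root): APPLY_RULES=1 sh firewall.sh
if [ "${APPLY_RULES:-0}" = 1 ]; then
    sysctl -w net.ipv4.ip_forward=1
    build_rules | iptables-restore
fi
```

There is no rule for 192.168.1.2 reaching the desktops by remote desktop: that traffic stays on the 192.168.1.* network and never crosses the firewall. The DROP policies on INPUT and FORWARD implement the final "all other connections" requirement.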