In this hands-on lab, you will need to configure `Server1` (10.0.1.10) so that it only permits HTTP connections (port 80) from `Client1` (10.0.1.11).
Successfully complete this lab by achieving the following learning objectives:
- Verify that a firewall is running.
You should already have iptables started and running. You can verify this with:
# systemctl status iptables
- Verify that the host listening on port 80.
You’ll want to verify that the host has a service listening on port 80. You can do so using the following command:
# ss -lntp | grep :80
You should see that port 80 is listening for the httpd process.
- Verify that port 80 is blocked, and add a rule to permit traffic coming from 10.0.1.11.
Client1(10.0.1.11), try to
[cloud_user@ip-10-0-1-11 ~]$ curl 10.0.1.10
You’ll need to add a rule to permit the traffic:
iptables -I INPUT -p tcp -s 10.0.1.11 --dport 80 -j ACCEPT
Client1again, and also with
Client1is successful and
Client2isn’t, save your existing chain with:
[root@ip-10-0-1-10 ~]# service iptables save