Firewall
Course Overview
Course Introduction
- Welcome
- Setting Up the Environment
- Join Our Online Community!
- Getting Course Resources
Netfilter/Iptables Basics
- Introduction to Netfilter and Iptables
- Netfilter Chains
- Netfilter Tables
- Chain Traversal in a Nutshell
- Quiz for Chain Traversal
The Iptables Command
- Basic Usage
- Iptables Options (Flags) – Part 1
- Iptables Options (Flags) – Part 2
- Commands – Iptables Flags
- Where Do We Write Iptables Rules
- Append vs. Insert (A vs. I)
- Listing the Firewall
- Commands – Listing the Firewall
- Setting the Default Policy
- Commands – Setting Policy
- Deleting the Firewall
- Commands – Deleting the Firewall
- Loading the Firewall at Boot Time: iptables-save and iptables-restore
- Quiz for Iptables Command
Challenges – The Iptables Command
- Challenges – The Iptables Command
Iptables Basic Matches
- Filter by IP Address
- Commands – Filter by IP or NET
- Filter by IP Range and Address Type
- Commands – Filter by IP Range
- Filter by Port
- Filter by Protocol
- Filter by Interface
- Commands – Filter by Port, Protocol and Interface
- Negating Matches
- Commands – Negating Matches
- Filter by TCP Flags
- Commands – Match by TCP Flags
- Quiz for Basic Matches
Challenges – Basic Matches
- Challenges – Basic Matches
Iptables Advanced Matches
- Intro to Stateful Firewalls (Connection Tracking)
- Implementing Stateful Firewalls with Iptables
- Script – Stateful Firewall
- Filter by MAC Address
- Script – Filter by MAC
- Match by Date and Time
- Script – Match by Data and Time
- DoS Protection (Connlimit Module)
- The Limit Match
- Script – The Limit Match
- Building a Dynamic Database of Blacklisted IP’s
- Script – The Recent Match
- Match by Quota
- Script – Match by Quota
Challenges – Advanced Matches
- Challenges – Advanced Matches
Advanced Firewall Configuration with Ipset
- Intro to Ipset
- Using Ipset
- Ipset In Depth
- Commands – ipset in depth
- Automatically Block Bad Hosts
- Clearing the Running Firewall
- Script – Clear the Running Firewall
- Block All Addresses From a File
- Script – Block all IPs and Networks From File
- Block Entire Countries Using Ipset
- Script – Blocking Countries
Iptables Targets
- Terminating vs. Non-terminating Targets
- ACCEPT and DROP
- Script – ACCEPT and DROP Targets
- TCP Port States
- Netstat
- Scanning Ports Using Nmap
- Commands – Nmap
- REJECT
- LOG
- Script – REJECT and LOG Targets
- TEE
- REDIRECT
- Quiz for Targets
Challenges – TARGETS
- Challenges – TARGETS
NAT and Port Forwarding
- Intro to SNAT and MASQUERADE
- Lab: Configure SNAT
- Script – NAT and MASQUERADE
- Port Forwarding (DNAT)
- Script – Port Forwarding (DNAT)
- Quiz for NAT and Port Forwarding
- Project: Load-Balance NAT Traffic using 2 Internet Service Providers
- Project [Solution]: Load-Balance NAT Traffic using 2 Internet Service Providers
- Solution Script – NAT and Load-Balancing
User-defined Chains
- Intro to User-defined Chains
- Implementing User-defined Chains
- Commands – User-defined Chains
- Firewall Refactoring with User-defined Chains
- Script – Firewall Refactoring
Netfilter/Iptables Chain Traversal In Depth
- Chain Traversal for Incoming Packets
- Chain Traversal for Outgoing Packets
- Chain Traversal for Routed Packets
Firewall Automation using Shell Scripts
- Shell Scripts Basics
- Script that Blocks an IP or a Port
- Script the Automates Firewall Creation and Management
- Assignment: Script that blocks or permits traffic from an IP/Network
- Assignment Answer: Script that blocks or permits traffic from an IP/Network
[APPENDIX] Bash Shell Scripting
- Bash Aliases
- Intro to Bash Shell Scripting
- The Bash Shebang and Comments
- Running Scripts
- Variables in Bash
- Environment Variables
- Getting User Input
- Special Variables and Positional Arguments
- If, Elif and Else Statements
- Testing Conditions For Numbers
- Multiple Conditions and Nested If Statements
- Command Substitution
- Comparing Strings in If Statements
- Lab: Testing Network Connections
- For Loops
- Lab: Dropping a List of IP addresses Using a For Loop
- While Loops
- Case Statement
- Functions in Bash
- Variable Scope in Functions
- Menus in Bash. The Select Statement
- Lab: System Administration Script using Menus
[APPENDIX] Challenges – Bash Scripting
- Bash Scripting Basics
- Flow Control (if…elif…else) and Command Substitution
- Loops in Bash: for, while
- Functions and Menus
