zeus
/
lab
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

shorewall

master
test2 5 years ago
parent
cfdeb19b78
commit
44c430801b
1 changed files with 44 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 44
      sec/ex-4_iptables.adoc

44
sec/ex-4_iptables.adoc
View File

@ -39,6 +39,38 @@ Assuming you're already logged in
https://en.wikipedia.org/wiki/Shorewall[More: wikipedia]
.NOTE
[NOTE]
====
Our docker instances have only one nic
to add more nic's:
.create netowrk frist
[source,bash]
----
docker network create --driver=bridge --subnet=192.168.0.0/16 net1
docker network create --driver=bridge --subnet=192.168.0.0/16 net2
docker network create --driver=bridge --subnet=192.168.0.0/16 net3
----
then connect network to container
.create netowrk frist
[source,bash]
----
docker network connect net1 master
docker network connect net1 worker1
docker network connect net2 master
docker network connect net2 worker2
----
now let's look at the following image
====
=== Installation
Shorewall is already installed on swarmlab-sec.
@ -203,6 +235,18 @@ ACCEPT $FW net udp 53
ACCEPT net $FW udp 53
ACCEPT $FW net tcp 80
ACCEPT net $FW tcp 80
#New lines
ACCEPT $FW dmz udp 53
ACCEPT dmz $FW udp 53
ACCEPT $FW dmz tcp 80
ACCEPT dmz $FW tcp 80
ACCEPT loc dmz tcp 80 # Add your rules for the zones you have defined.
ACCEPT dmz loc tcp 80 #
ACCEPT loc net tcp 80 # This here is an example
ACCEPT net loc tcp 80 # for communication
ACCEPT dmz net tcp 80 # over port 80
ACCEPT net dmz tcp 80 # aka the web
----

Write Preview
Loading…
Cancel
Save