Browse Source

shorewall

master
test2 5 years ago
parent
commit
44c430801b
  1. 44
      sec/ex-4_iptables.adoc

44
sec/ex-4_iptables.adoc

@ -39,6 +39,38 @@ Assuming you're already logged in
https://en.wikipedia.org/wiki/Shorewall[More: wikipedia] https://en.wikipedia.org/wiki/Shorewall[More: wikipedia]
.NOTE
[NOTE]
====
Our docker instances have only one nic
to add more nic's:
.create netowrk frist
[source,bash]
----
docker network create --driver=bridge --subnet=192.168.0.0/16 net1
docker network create --driver=bridge --subnet=192.168.0.0/16 net2
docker network create --driver=bridge --subnet=192.168.0.0/16 net3
----
then connect network to container
.create netowrk frist
[source,bash]
----
docker network connect net1 master
docker network connect net1 worker1
docker network connect net2 master
docker network connect net2 worker2
----
now let's look at the following image
====
=== Installation === Installation
Shorewall is already installed on swarmlab-sec. Shorewall is already installed on swarmlab-sec.
@ -203,6 +235,18 @@ ACCEPT $FW net udp 53
ACCEPT net $FW udp 53 ACCEPT net $FW udp 53
ACCEPT $FW net tcp 80 ACCEPT $FW net tcp 80
ACCEPT net $FW tcp 80 ACCEPT net $FW tcp 80
#New lines
ACCEPT $FW dmz udp 53
ACCEPT dmz $FW udp 53
ACCEPT $FW dmz tcp 80
ACCEPT dmz $FW tcp 80
ACCEPT loc dmz tcp 80 # Add your rules for the zones you have defined.
ACCEPT dmz loc tcp 80 #
ACCEPT loc net tcp 80 # This here is an example
ACCEPT net loc tcp 80 # for communication
ACCEPT dmz net tcp 80 # over port 80
ACCEPT net dmz tcp 80 # aka the web
---- ----

Loading…
Cancel
Save