How to solve these challenges:
Write your solution as root at the terminal or inside a shell script, make the script file executable and run it.
If your solution is not correct, then try to understand the error messages, rewrite the solution and execute the command or script again. Repeat this step until you get the correct solution.
Save the solution in a file for future reference or recap.
Challenge #1
Write the iptables rules that drop all incoming packets from 100.0.0.1 and 1.2.3.4 and all outgoing packets to 80.0.0.1.
These will be the first rules in the chains.
Challenge #2
Write the iptables rules that drop all locally generated outgoing TCP packets (ports 80 and 443) to www.linuxquestions.org.
Challenge #3
Write the iptables rules that drop all outgoing TCP packets (ports 80 and 443) to www.linuxquestions.org.
The Linux machine is the router.
Challenge #4
Write an iptables rule that drops all incoming packets from network 27.103.0.0 with netmask 255.255.0.0.
This will be the first rule in the chain.
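Challenge #4 gives the source network as an address plus a dotted netmask, and the iptables -s option accepts the mask either in that form or as a prefix length. The helper below is an added example, not part of the original challenge page; the function names mask_to_prefix and to_cidr are made up for illustration. It converts a dotted mask to a prefix length and rejects malformed or non-contiguous masks, which have no prefix-length equivalent.

```shell
#!/bin/sh
# Added example: convert a dotted-quad netmask to a prefix length.
# Prints the prefix length; returns 1 for malformed or non-contiguous masks.
mask_to_prefix() {
    mask=$1
    # Only digits and dots are allowed (also keeps the split below glob-safe).
    case $mask in
        ''|*[!0-9.]*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $mask            # split the mask into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    prefix=0
    seen_zero=0             # becomes 1 once the first 0 bit has been seen
    for octet in "$@"; do
        case $octet in
            ''|0?*) return 1 ;;   # empty field or leading zero
        esac
        [ "$octet" -le 255 ] || return 1
        bit=128
        while [ "$bit" -ge 1 ]; do
            if [ $((octet & bit)) -ne 0 ]; then
                # A 1 bit after a 0 bit means the mask is not contiguous.
                [ "$seen_zero" -eq 0 ] || return 1
                prefix=$((prefix + 1))
            else
                seen_zero=1
            fi
            bit=$((bit / 2))
        done
    done
    echo "$prefix"
}

# Print "network/prefix" for a network address and dotted netmask.
to_cidr() {
    p=$(mask_to_prefix "$2") || return 1
    echo "$1/$p"
}

# The network from Challenge #4.
to_cidr 27.103.0.0 255.255.0.0
```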
Challenge #5
The DNS server of your LAN is set to 8.8.8.8. You don't want to allow the users of the LAN to change the DNS server.
Write an iptables rule that drops all UDP packets to port 53 (DNS) if they are destined for any IP address other than 8.8.8.8. The Linux machine is the router.
Challenge #6
Write the iptables rules that allow all traffic of the loopback (lo) interface.
Challenge #7
Your Linux machine is the router. The internal interface is called eth0 and the external interface is called eth1.
Write the iptables rules that allow incoming ssh (tcp/22) connections to be established only from the LAN.