[redes] Fwd:
- From: Luana Meurer <luameu@xxxxxxxxx>
- To: grupo de e-mail faculdade <redes@xxxxxxxxxxxxx>
- Date: Fri, 11 Oct 2013 11:46:55 -0300
Atenciosamente,
Luana Meurer
---------- Forwarded message ----------
From: Luana Meurer <luameu@xxxxxxxxx>
Date: 2013/10/11
Subject:
To: Luana Meurer <luameu@xxxxxxxxx>
Atenciosamente,
Luana Meurer
aluno@FESSC560:~$ su
Senha:
su: Falha de autenticação
aluno@FESSC560:~$
aluno@FESSC560:~$ su
Senha:
root@FESSC560:/home/aluno# cd /hone[
bash: cd: /hone[: Arquivo ou diretório não encontrado
root@FESSC560:/home/aluno# cd /home
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
^Z
[1]+ Parado iptables -L
root@FESSC560:/home# ^C
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
^Z
[2]+ Parado iptables -L
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home# ./server.sh
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
root@FESSC560:/home# iptables -A INPUT -s 10.100.5.2 -p icmp --icmp-type 8
-j ACCEPT
root@FESSC560:/home# iptables -A OUTPUT -s 10.100.5.2 -p icmp --icmp-type 0
-j ACCEPT
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
root@FESSC560:/home# iptables -A FORWARD -s 10.100.5.0/24 -d 0/0 -p udp
--dport 53 -j ACCEPT
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT udp -- 10.100.5.0/24 anywhere udp dpt:domain
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
root@FESSC560:/home# iptables -A FORWARD -d 10.100.5.0/24 -s 0/0 -p udp
--sport 53 -j ACCEPT
root@FESSC560:/home# iptables -A FORWARD -s 10.100.5.0/24 -d 0/0 -p tcp
--dport 80 -j ACCEPT
root@FESSC560:/home# iptables -A FORWARD -d 10.100.5.0/24 -s 0/0 -p tcp
--sport 80 -j ACCEPT
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT udp -- 10.100.5.0/24 anywhere udp dpt:domain
ACCEPT udp -- anywhere 10.100.5.0/24 udp spt:domain
ACCEPT tcp -- 10.100.5.0/24 anywhere tcp dpt:http
ACCEPT tcp -- anywhere 10.100.5.0/24 tcp spt:http
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
root@FESSC560:/home# iptables -A FORWARD -s 10.100.5.0 -d 0/0 -p tcp
--dport 443 -j ACCEPT
root@FESSC560:/home# iptables -A FORWARD -d 10.100.5.0 -s 0/0 -p tcp
--sport 443 -j ACCEPT
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT udp -- 10.100.5.0/24 anywhere udp dpt:domain
ACCEPT udp -- anywhere 10.100.5.0/24 udp spt:domain
ACCEPT tcp -- 10.100.5.0/24 anywhere tcp dpt:http
ACCEPT tcp -- anywhere 10.100.5.0/24 tcp spt:http
ACCEPT tcp -- 10.100.5.0 anywhere tcp dpt:https
ACCEPT tcp -- anywhere 10.100.5.0 tcp spt:https
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
root@FESSC560:/home# iptables -A OUTPUT -s 10.100.5.0 -d 0/0 -p udp --dport
53 -j ACCEPT
root@FESSC560:/home# iptables -A INPUT -d 10.100.5.0 -s 0/0 -p udp --sport
53 -j ACCEPT
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
ACCEPT udp -- anywhere 10.100.5.0 udp spt:domain
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT udp -- 10.100.5.0/24 anywhere udp dpt:domain
ACCEPT udp -- anywhere 10.100.5.0/24 udp spt:domain
ACCEPT tcp -- 10.100.5.0/24 anywhere tcp dpt:http
ACCEPT tcp -- anywhere 10.100.5.0/24 tcp spt:http
ACCEPT tcp -- 10.100.5.0 anywhere tcp dpt:https
ACCEPT tcp -- anywhere 10.100.5.0 tcp spt:https
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
ACCEPT udp -- 10.100.5.0 anywhere udp dpt:domain
root@FESSC560:/home# ifconfig
eth0 Link encap:Ethernet Endereço de HW 00:1f:29:32:f9:6e
inet end.: 192.168.11.64 Bcast:192.168.11.255 Masc:255.255.255.0
endereço inet6: fe80::21f:29ff:fe32:f96e/64 Escopo:Link
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
RX packets:21976 errors:0 dropped:0 overruns:0 frame:0
TX packets:18348 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:1000
RX bytes:8410687 (8.0 MiB) TX bytes:7990379 (7.6 MiB)
IRQ:18
eth0:1 Link encap:Ethernet Endereço de HW 00:1f:29:32:f9:6e
inet end.: 10.100.5.1 Bcast:10.100.5.255 Masc:255.255.255.0
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
IRQ:18
lo Link encap:Loopback Local
inet end.: 127.0.0.1 Masc:255.0.0.0
endereço inet6: ::1/128 Escopo:Máquina
UP LOOPBACKRUNNING MTU:16436 Métrica:1
RX packets:154 errors:0 dropped:0 overruns:0 frame:0
TX packets:154 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:0
RX bytes:10796 (10.5 KiB) TX bytes:10796 (10.5 KiB)
root@FESSC560:/home# iptables -D FORWARD 5
root@FESSC560:/home# iptables -D FORWARD 5
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
ACCEPT udp -- anywhere 10.100.5.0 udp spt:domain
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT udp -- 10.100.5.0/24 anywhere udp dpt:domain
ACCEPT udp -- anywhere 10.100.5.0/24 udp spt:domain
ACCEPT tcp -- 10.100.5.0/24 anywhere tcp dpt:http
ACCEPT tcp -- anywhere 10.100.5.0/24 tcp spt:http
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
ACCEPT udp -- 10.100.5.0 anywhere udp dpt:domain
root@FESSC560:/home# iptables -A FORWARD -s 10.100.5.0/24 -d 0/0 -p tcp
--dport 443 -j ACCEPT
root@FESSC560:/home# iptables -A FORWARD -d 10.100.5.0/24 -s 0/0 -p tcp
--sport 443 -j ACCEPT
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-request
ACCEPT udp -- anywhere 10.100.5.0 udp spt:domain
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT udp -- 10.100.5.0/24 anywhere udp dpt:domain
ACCEPT udp -- anywhere 10.100.5.0/24 udp spt:domain
ACCEPT tcp -- 10.100.5.0/24 anywhere tcp dpt:http
ACCEPT tcp -- anywhere 10.100.5.0/24 tcp spt:http
ACCEPT tcp -- 10.100.5.0/24 anywhere tcp dpt:https
ACCEPT tcp -- anywhere 10.100.5.0/24 tcp spt:https
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- 10.100.5.2 anywhere icmp
echo-reply
ACCEPT udp -- 10.100.5.0 anywhere udp dpt:domain
root@FESSC560:/home# cd /home/aluno
root@FESSC560:/home/aluno# ls
Desktop firewall otavio pablo
root@FESSC560:/home/aluno# cd ..
root@FESSC560:/home# iptables-save > /home/aluno/firewall
root@FESSC560:/home#
root@FESSC560:/home#
root@FESSC560:/home# cd /home/aluno
root@FESSC560:/home/aluno# ls
Desktop firewall otavio pablo
root@FESSC560:/home/aluno# cat firewall
# Generated by iptables-save v1.4.14 on Fri Oct 11 11:16:28 2013
*filter
:INPUT DROP [55:6896]
:FORWARD DROP [0:0]
:OUTPUT DROP [53:3935]
-A INPUT -s 10.100.5.2/32 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -d 10.100.5.0/32 -p udp -m udp --sport 53 -j ACCEPT
-A FORWARD -s 10.100.5.0/24 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -d 10.100.5.0/24 -p udp -m udp --sport 53 -j ACCEPT
-A FORWARD -s 10.100.5.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -d 10.100.5.0/24 -p tcp -m tcp --sport 80 -j ACCEPT
-A FORWARD -s 10.100.5.0/24 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -d 10.100.5.0/24 -p tcp -m tcp --sport 443 -j ACCEPT
-A OUTPUT -s 10.100.5.2/32 -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A OUTPUT -s 10.100.5.0/32 -p udp -m udp --dport 53 -j ACCEPT
COMMIT
# Completed on Fri Oct 11 11:16:28 2013
# Generated by iptables-save v1.4.14 on Fri Oct 11 11:16:28 2013
*nat
:PREROUTING ACCEPT [433:36290]
:INPUT ACCEPT [6:504]
:OUTPUT ACCEPT [314:22206]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri Oct 11 11:16:28 2013
root@FESSC560:/home/aluno#
root@FESSC560:/home/aluno#
root@FESSC560:/home/aluno#
Other related posts:
- » [redes] Fwd: - Luana Meurer
