Configuring your firewall

This page will help you configure the firewall at your gateway router to restrict traffic coming into your network. Below is a tool very similar to the one you used in the firewalls lecture. Design your ACL (Access Control List) rules with it, then click the Generate Firewall Config File button to create configuration commands in the proper format for your gateway router. Once that is done, log in to your gateway router via ssh and copy and paste the generated configuration commands into that ssh shell.
Note: Remember that when a firewall receives a packet, it checks the ACL rules from top to bottom, applying the first rule it finds that matches the packet, and ignoring the remaining rules.
Note: You might want to check out this small list of ports and services.

You can put a regular IP address, or you can put an "x" instead of the last number, which means "any number".
Setting "Limit Burst" to "yes" tells the firewall to start dropping packets when too many come too fast from the same IPs. This allows you to combat DDoS attacks.
You can give a port number or you can put an "x", which means "any port".
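
The first-match rule and the "x" wildcards described above can be checked offline before you generate a config. The following is an added example, not the tool's own code: the rule fields (action, source IP, destination IP, port), the function names and the sample addresses are assumptions constructed for illustration, and because the page does not say what happens when no rule matches, the function reports that case as no match.

```python
from typing import NamedTuple

class Rule(NamedTuple):      # assumed field layout, not the tool's own format
    action: str              # "allow" or "deny"
    src: str                 # source IP, last number may be "x"
    dst: str                 # destination IP, last number may be "x"
    port: str                # port number, or "x" for any port

def ip_covers(pattern: str, addr: str) -> bool:
    """True if pattern matches addr; addr may itself end in "x" (a whole range)."""
    p, a = pattern.split("."), addr.split(".")
    return p[:3] == a[:3] and (p[3] == "x" or p[3] == a[3])

def port_covers(pattern: str, port: str) -> bool:
    return pattern == "x" or pattern == port

def covers(earlier: Rule, later: Rule) -> bool:
    """True if everything matched by `later` is also matched by `earlier`."""
    return (ip_covers(earlier.src, later.src) and ip_covers(earlier.dst, later.dst)
            and port_covers(earlier.port, later.port))

def first_match(rules, src, dst, port):
    """Walk the ACL top to bottom; return (index, action) of the first hit."""
    packet = Rule("", src, dst, str(port))
    for i, rule in enumerate(rules):
        if covers(rule, packet):
            return i, rule.action      # remaining rules are ignored
    return None, None                  # no rule matched

def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j, later in enumerate(rules)
            if any(covers(rules[i], later) for i in range(j))]

# Constructed sample rules using documentation address ranges.
BROAD_FIRST = [
    Rule("deny",  "203.0.113.x",  "192.0.2.10", "x"),
    Rule("allow", "203.0.113.7",  "192.0.2.10", "22"),   # never reached
    Rule("allow", "198.51.100.x", "192.0.2.10", "80"),
]
SPECIFIC_FIRST = [BROAD_FIRST[1], BROAD_FIRST[0], BROAD_FIRST[2]]

if __name__ == "__main__":
    for name, acl in (("broad first", BROAD_FIRST), ("specific first", SPECIFIC_FIRST)):
        print(name, first_match(acl, "203.0.113.7", "192.0.2.10", 22), shadowed(acl))
```

With the broad deny on top, the ssh exception for 203.0.113.7 is dead; moving the specific rule above it gives the intended result.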

Blue Team

⇦ Click the button to generate the commands, then ssh into your gateway router and copy and paste the entirety of the generated output into the ssh shell.