Configuring your firewall
This page will help you configure the firewall located at your
gateway router in order to restrict traffic comming into your
network. Below is a tool that is very similar to what you played
with as part of the firewalls lecture.
Design your ACL (Access Control List) rules with it, then click on
the Generate Firewall Config File button to create
configuration commands in the proper format for inputting into
your gateway router. This done, you should login to your gateway
router via ssh and copy&paste the generated configuration
commands into that ssh shell.
Note: Remember that when a firewall receives a packet, it
checks the ACL rules from top to bottom, applying the first rule
it finds that matches the packet, and ignoring the remaining
Note: You might want to check out this small
list of ports and services.
You can put a regular IP address, or you can put an "x"
instead of the last number, which means "any number".
Setting "Limit Burst" to "yes" tells the firewall to start
dropping packets when too many come too fast from the same
IPs. This allows you to combat DDoS attacks.
You can give a port number or you can put an "x", which means
⇦ Click the button to generates commands, then ssh into you
Gateway router and copy and paste the entirety of the generated
output into the ssh shell.