辅导S1 2019解析Python

- 首页 >> Java编程
Unit 5: Firewalls 
Network Engineering, S1 2019 
Dr. Paul Gardner-Stephen 
Revision 1, 30MAY19, Dr. Paul Gardner-Stephen. 
Overview 
The intention of this unit is to give students a theoretical and practical understanding of simple 
firewall configuration tasks, including use of iptables. 
Materials 
You will require use of your own laptop or other BYOD device, that is capable of running two 
Virtual Machine instances of Ubuntu 18.04. You will use the Virtual Machines you setup in Unit 0. 
Significant typing will be required, so laptop or netbook is strongly recommended as compared to a 
tablet or other such device. 
Estimated Time Required 
It is estimated that 6.75 hours of effort will be required to obtain a “Credit” result for this unit. 
The justification of effort is as follows: 
This unit constitutes 11% of the practical component of this topic, which in turn 
constitutes 45% of the total topic. Thus this unit is 5% of the total topic. Obtaining a 
credit grade for a 4.5 Unit topic is expected to require 135 hours of study, and 5% of 
that is approximately 6.75 hours. 
One possible break-down of this time is as follows: 
1 hour – Attending the lecture. 
1 hours – Reading recommended reading materials in preparation for Practical/Workshop. 
3 hours – Practical/Workshop session. 
1.75 hours – Activity following the practical workshop session to complete your submission. 
Learning Outcomes 
1. Configure simple firewall rules and verify their correct operation. 
Preparation 
1. Read https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/ 
https://www.booleanworld.com/depth-guide-iptables-linux-firewall/, and take a brief look at 
https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html, in case you want to refer to 
a rather more in-depth introduction. 
2. Read the man page for the iptables command. To view a man page, type a command like: 
man iptables 
3. Search the internet for tutorials on using this command as desired, to further familiarise yourself. 
Body of work 
1. Each student is required to individually configure both their virtual machines to communicate 
via a shared network interface using 10.1.1.0/24 as the network, and 10.1.1.1 and 10.1.1.2 as the 
IP addresses for your first and second virtual machines, such that you can ping, traceroute 
and ssh from one to the other, if you have not previously done so. 
This section is worth 0% of the total, because without it, you can’t actually complete the second 
part. 
2. Each student is required to individually use iptables on their virtual machines so that the first 
virtual machine can ssh to the second, but not the second to the first. 
The steps to reproduce this should be recorded in unit4.md and committed to git. 
This section is worth 60% of the total, but is not possible to complete, if you have not also 
completed the first section. 
3. Each student is required to individually use iptables on their virtual machines so that when the 
second virtual machine attempts to connect to the first virtual machine using ssh on port 12345, 
that the connection actually connects to port 22 on the second virtual machine. 
The steps to reproduce this should be recorded in unit4.md and committed to git. 
This section is worth 40% of the total, but is not possible to complete, if you have not also 
completed the first section. 
站长地图