Advance Firewall and Network Security

Harshil Jethava · Harshil Jethava · commit c06753581dd4 · 2017-01-10T02:00:28.000+05:30
diff --git a/Chapter32/firewall-cmd_NAT b/Chapter32/firewall-cmd_NAT
@@ -0,0 +1,10 @@
+# Network Address Translation can be achieved in two ways:
+1 masquerade
+2 port forwarding
+
+# masquerade
+firewall-cmd --permanent --zone=example --add-rich-rule='rule family=ipv4 source address=192.168.0.0/24 masquerade'
+
+# port forwarding 
+firewall-cmd --permanent --zone=public --add-forward-port=port=420:proto=tcp:toport=8080:toaddr=192.168.0.120
+
diff --git a/Chapter32/logging_example b/Chapter32/logging_example
@@ -0,0 +1,4 @@
+# log to syslog for ssh service at rate of 3 logs per mintue
+firewall-cmd --permanent --zone=work --add-rich-rules='rule service name="ssh" log prefix="ssh" level="notice" limit value="3/m" accept'
+
+
diff --git a/Chapter32/rich_rules_logging b/Chapter32/rich_rules_logging
@@ -0,0 +1,23 @@
+# syslog or auditd with these two options rich rules can be implemented as to trace accepted or rejected connections
+
+# logging syntax 
+log [prefix="<PREFIX TEXT>"] [level=<LOGLEVEL>] [limit value="<RATE/DURATION>"]
+
+# LOGLEVEL can be:
+emerg
+alert
+crit
+error
+warning
+notice
+info
+debug
+
+# DURATION can be:
+s
+m
+h
+
+
+
+
