Using a firewall to control traffic in networks - PowerPoint PPT Presentation



SLIDE 1

Using a firewall to control traffic in networks

SLIDE 2

Example Network

[Diagram: the example network. Subnets 1.1.1.0/24 and 1.1.2.0/24 (both within 1.1.0.0/16), 2.2.2.0/24, 3.3.3.0/24 and 4.4.4.0/24 are joined by routers Ra, Rb, Rc, Rd and Re. Hosts 1.1.1.11 and 1.1.1.12 are on 1.1.1.0/24; other hosts are labelled .23, .24, .35, .36, .47, .99 and .15.6 on the remaining subnets.]

SLIDE 3

Firewall on 1.1.1.12

[Diagram: the example network from slide 2, with the firewall running on host 1.1.1.12.]

SLIDE 4

Block Ping

[Diagram: the example network from slide 2.]

SLIDE 5

Block Ping

[Diagram: the example network from slide 2, with the firewall on 1.1.1.12.]

Rules on 1.1.1.12:

IN: protocol=ICMP; action=DROP
OUT: protocol=ICMP; action=DROP

SLIDE 6

Firewall contains rules

  • Each packet is checked against the firewall rules
  • If the conditions in a rule are true, then the rule's action is performed on that packet (e.g. DROP, ACCEPT)
  • If no rule matches, then the default action is performed
  • Multiple rules are combined to create a table
SLIDE 7

Firewall on Router Ra

[Diagram: the example network from slide 2, with the firewall running on router Ra.]

SLIDE 8

Block Access to SSH Server on .11

[Diagram: the example network from slide 2, with the firewall on router Ra.]

SLIDE 9

Block Access to SSH Server on .11

[Diagram: the example network from slide 2, with the firewall on router Ra.]

Rule on Ra:

FORWARD: Dst=1.1.1.11; Protocol=TCP; DstPort=22; Action=DROP

SLIDE 10

Firewall can have different rules

  • INPUT: Applies only to packets destined to this computer
  • OUTPUT: Applies only to packets created by this computer
  • FORWARD: Applies only to packets going through this computer
  • These are called chains
SLIDE 11

Block Access to Web Servers on Network 3.3.3.0/24 for .12

[Diagram: the example network from slide 2, with the firewall on router Ra.]

SLIDE 12

Block Access to Web Servers on Network 3.3.3.0/24 for .12

[Diagram: the example network from slide 2, with the firewall on router Ra.]

Rule on Ra:

FORWARD: Src=1.1.1.12; Dst=3.3.3.0/24; Protocol=TCP; DstPort=80; Action=DROP

SLIDE 13

Firewall Rules Viewed as Table

Firewall table for FORWARD:

Rule     Source       Dest.           Protocol   Action
1        *            1.1.1.11:22     TCP        DROP
2        1.1.1.12:*   3.3.3.0/24:80   TCP        DROP
Default  *            *               *          ACCEPT

When a packet arrives at the firewall, the rules are checked row by row. If a rule matches, its ACTION is taken and no further rules are checked; if no rule matches, the Default row applies. There are separate tables for the INPUT, OUTPUT and FORWARD chains.
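The first-match evaluation described on slides 6 and 13, and the chain selection from slide 10, worked through in code. This is an added example, not part of the slides; the packet filter, the test packets and the firewall's own address (1.1.1.1, assumed for Ra) are constructed here, while the two FORWARD rules and the ACCEPT default come from the table above.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    src: str
    dst: str
    proto: str                    # "TCP", "UDP" or "ICMP"
    dport: Optional[int] = None   # None for protocols without ports (ICMP)

@dataclass
class Rule:
    """One row of the table; '*' is a wildcard, as on the slide."""
    src: str = "*"      # host address or CIDR network
    dst: str = "*"
    proto: str = "*"
    dport: str = "*"    # destination port as a string
    action: str = "DROP"

    def matches(self, pkt: Packet) -> bool:
        def addr_ok(pattern: str, addr: str) -> bool:
            return pattern == "*" or ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)
        return (addr_ok(self.src, pkt.src) and addr_ok(self.dst, pkt.dst)
                and self.proto in ("*", pkt.proto)
                and self.dport in ("*", str(pkt.dport)))

def evaluate(chain: list, pkt: Packet, default: str = "ACCEPT") -> str:
    """Check rules row by row; the first match decides, otherwise the default applies."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.action
    return default

# Slide 13's FORWARD table: row 1 blocks SSH to 1.1.1.11 from anywhere,
# row 2 blocks web traffic from 1.1.1.12 to the 3.3.3.0/24 network.
FORWARD = [
    Rule(dst="1.1.1.11", proto="TCP", dport="22"),
    Rule(src="1.1.1.12", dst="3.3.3.0/24", proto="TCP", dport="80"),
]

def select_chain(pkt: Packet, own_addrs: set) -> str:
    """Slide 10: INPUT if destined to this host, OUTPUT if created by it, FORWARD if passing through."""
    if pkt.dst in own_addrs:
        return "INPUT"
    if pkt.src in own_addrs:
        return "OUTPUT"
    return "FORWARD"

if __name__ == "__main__":
    # Constructed test traffic: the only host with .47 in the diagram is used as an outside source.
    for p in [Packet("4.4.4.47", "1.1.1.11", "TCP", 22),      # row 1 -> DROP
              Packet("1.1.1.12", "3.3.3.35", "TCP", 80),      # row 2 -> DROP
              Packet("1.1.1.11", "3.3.3.35", "TCP", 80)]:     # no match -> default ACCEPT
        print(select_chain(p, {"1.1.1.1"}), p, "->", evaluate(FORWARD, p))
```

Note that row 2 only matches port 80, so HTTPS from 1.1.1.12 to 3.3.3.0/24 falls through to the ACCEPT default; a rule table blocks exactly what it names.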