Sequence 1: Configuring a basic IPv4 Firewall
Instructions:
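1. Use ssh to connect to serverX and become root.
2. Create a custom chain called CLASS-RULES and insert a rule at the top of INPUT that jumps all packets to it. Save the firewall configuration when you are done.
# Create the custom chain
iptables -N CLASS-RULES
# -I with position 1 inserts at the top of INPUT (-A would append after any existing rules)
iptables -I INPUT 1 -j CLASS-RULES
# Write the running rules to /etc/sysconfig/iptables
service iptables save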

3. Populate the CLASS-RULES chain by editing /etc/sysconfig/iptables directly. Add rules that do the following:
ACCEPT all traffic arriving on the loopback interface (lo)
ACCEPT packets that use the icmp protocol
ACCEPT packets with the ESTABLISHED or RELATED state
HINT: you will need to load the state module to create this and similar rules.
ACCEPT packets destined for tcp port 22 (ssh)
ACCEPT packets with the NEW state destined for udp port 514
LOG and REJECT all packets not matched by one of the above rules
HINT: you will need two rules to do this.
Do not load the new rules yet.

-A INPUT -j CLASS-RULES
-A CLASS-RULES -i lo -j ACCEPT
-A CLASS-RULES -p icmp -j ACCEPT
-A CLASS-RULES -m state --state ESTABLISHED,RELATED -j ACCEPT
-A CLASS-RULES -p tcp --dport 22 -j ACCEPT
-A CLASS-RULES -m state --state NEW -p udp --dport 514 -j ACCEPT
-A CLASS-RULES -j LOG
-A CLASS-RULES -j REJECT


4. Load your new rules.
service iptables restart
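
A pre-load check for the rules written in step 3, as an added example that is not part of the original lab: it reads iptables-save style rules on stdin and confirms the ordering that keeps ssh reachable and lets the LOG rule match. The function names and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the lab. Exit status 0 means the ordering is safe to load.
# Assumption: the catch-all is the first unconditional (-j directly after the chain name) REJECT/DROP.
check_class_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" { ninput++; if (/-j CLASS-RULES/ && !jump) jump = ninput }
    $1 == "-A" && $2 == "CLASS-RULES" {
        n++
        if (/-p tcp/ && /--dport 22( |$)/ && /-j ACCEPT/ && !ssh) ssh = n
        if ($3 == "-j" && $4 == "LOG" && !logn) logn = n
        if ($3 == "-j" && $4 ~ /^(REJECT|DROP)$/ && !deny) deny = n
    }
    END {
        if (jump != 1) { print "FAIL: jump to CLASS-RULES is not the first INPUT rule"; bad = 1 }
        if (!ssh || (deny && ssh > deny)) { print "FAIL: no tcp/22 ACCEPT before the final REJECT"; bad = 1 }
        if (!deny) { print "FAIL: chain has no terminating REJECT"; bad = 1 }
        if (!logn || (deny && logn > deny)) { print "FAIL: LOG must come before REJECT to ever match"; bad = 1 }
        if (!bad) print "OK: safe to load"
        exit bad + 0
    }'
}

# Constructed sample: the ruleset from step 3.
good_rules() {
    cat <<'EOF'
-A INPUT -j CLASS-RULES
-A CLASS-RULES -i lo -j ACCEPT
-A CLASS-RULES -p icmp -j ACCEPT
-A CLASS-RULES -m state --state ESTABLISHED,RELATED -j ACCEPT
-A CLASS-RULES -p tcp --dport 22 -j ACCEPT
-A CLASS-RULES -m state --state NEW -p udp --dport 514 -j ACCEPT
-A CLASS-RULES -j LOG
-A CLASS-RULES -j REJECT
EOF
}

# Constructed sample: REJECT placed ahead of LOG and of the ssh rule.
bad_rules() {
    cat <<'EOF'
-A INPUT -j CLASS-RULES
-A CLASS-RULES -i lo -j ACCEPT
-A CLASS-RULES -j REJECT
-A CLASS-RULES -j LOG
-A CLASS-RULES -p tcp --dport 22 -j ACCEPT
EOF
}
good_rules | check_class_rules
bad_rules | check_class_rules || echo "do not run: service iptables restart"
```

Against the real file, feed it with check_class_rules < /etc/sysconfig/iptables before restarting the service.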

Re-instate a basic CLASS-RULES chain by doing the following:
a. Use xm console vserver to open a terminal to the serverX virtual machine.
b. Disable the firewall by running service iptables stop.
c. Use the following command to retrieve the reset-firewall script to your home directory:
wget -P ~ ftp://server1/pub/gls/scripts/reset-firewall
d. Execute the script by running ~/reset-firewall. This should create a basic firewall that allows ssh access. Any other rules necessary for the lab will need to be added manually.