LECTURE 2: IPTABLES - DHCP - DNS

1. IP Tables

All modern operating systems come equipped with a firewall, a software application that regulates network traffic to a computer.
Firewalls create a barrier between a trusted network (like an office network) and an untrusted one (like the internet).
Firewalls work by defining rules that govern which traffic is allowed and which is blocked. The firewall utility developed for Linux systems is iptables.

  • Firewall
    A firewall is a service that sits as a layer between us and the Internet.

1.1. How does iptables work?

Network traffic is made up of packets: data is broken up into smaller pieces (called packets), sent over a network, then put back together. iptables inspects each packet it receives and uses a set of rules to decide what to do with it.

  • Tables
    A table groups rules with a similar purpose; a table consists of several chains.
  • Chains
    A chain is an ordered list of rules. When a packet is received, iptables finds the appropriate table, then runs the packet through the chain of rules until it finds a match.
  • Rules
    A rule is a statement that tells the system what to do with a packet. Rules can block one type of packet, or forward another type of packet. The outcome, where a packet is sent, is called a target.
  • Targets
    A target is the decision of what to do with a packet; typically this is to accept it, drop it, or reject it (which sends an error back to the sender).

iptables consists of several entities: tables, chains, rules and targets.

1.1.1. iptables has four default tables:

  1. Filter:

    The Filter table is the most frequently used one. It acts as a bouncer, deciding who gets in and out of your network. It has the following default chains:

    1. Input

      The rules in this chain control the packets received by the server.

    2. Output

      This chain controls the packets for outbound traffic.

    3. Forward

      This set of rules controls the packets that are routed through the server.

  2. Network Address Translation (NAT)

    This table contains NAT (Network Address Translation) rules for routing packets to networks that cannot be accessed directly. When the destination or source of the packet has to be altered, the NAT table is used. It includes the following chains:

    1. Prerouting

      This chain handles packets as soon as the server receives them, before any routing decision is made.

    2. Output

      Works the same as the Output chain we described in the filter table.

    3. Postrouting

      The rules in this chain allow changes to packets after they have left the output chain, just before they are sent out.

  3. Mangle

    The Mangle table adjusts the IP header properties of packets. It has all five of the chains described above:

    1. Prerouting
    2. Postrouting
    3. Output
    4. Input
    5. Forward

  4. Raw

    The Raw table is used to exempt packets from connection tracking. The raw table has two of the chains we previously mentioned:

    1. Prerouting
    2. Output

1.1.2. Targets

A target is what happens after a packet matches a rule's criteria. The targets in Linux iptables are:

  1. Accept

    This target lets the packet pass through the iptables firewall.

  2. Drop

    A dropped packet is not matched against any further chain. When iptables drops an incoming connection to your server, the person trying to connect does not receive an error; it appears as if they are trying to connect to a non-existent machine.

    Example: I tried to ping and I did not receive a response.

  3. Return

    This target stops processing in the current chain and sends the packet back to the calling chain, so it can be matched against the remaining rules there.

  4. Reject

    The iptables firewall rejects a packet and sends an error to the connecting device.
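The tables, chains and targets above put together as a small host/router firewall script. This is an added example, not the course's own code: the interface names (eth0/eth1) and the LAN subnet are assumptions, and the script only prints the rules unless run as root with APPLY=yes.

```shell
#!/bin/sh
# Firewall built from the entities described above: the filter table's
# INPUT/OUTPUT/FORWARD chains, the nat table's POSTROUTING chain and the
# ACCEPT, DROP, REJECT and RETURN targets. Constructed example: interface
# names and the LAN subnet are assumptions.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.10.0/24}"
# Dry run by default (rules are printed). Run as root with APPLY=yes to load them.
if [ "${APPLY:-no}" = "yes" ]; then IPTABLES=iptables; else IPTABLES=echo; fi

apply_firewall() {
    # Clean slate in the filter and nat tables, then default-deny policies:
    # nothing comes in or is forwarded unless a rule below ACCEPTs it.
    $IPTABLES -t filter -F
    $IPTABLES -t filter -X
    $IPTABLES -t nat -F
    $IPTABLES -P INPUT DROP
    $IPTABLES -P FORWARD DROP
    $IPTABLES -P OUTPUT ACCEPT

    # Loopback and replies to connections we opened are always accepted.
    $IPTABLES -A INPUT -i lo -j ACCEPT
    $IPTABLES -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # User-defined chain for services offered to the LAN (SSH, DHCP, DNS).
    # RETURN hands unmatched packets back to INPUT, where the DROP policy applies.
    $IPTABLES -N LAN_SERVICES
    $IPTABLES -A LAN_SERVICES -p tcp --dport 22 -j ACCEPT
    $IPTABLES -A LAN_SERVICES -p udp --dport 67 -j ACCEPT
    $IPTABLES -A LAN_SERVICES -p udp --dport 53 -j ACCEPT
    $IPTABLES -A LAN_SERVICES -j RETURN
    $IPTABLES -A INPUT -i "$LAN_IF" -s "$LAN_NET" -j LAN_SERVICES

    # From the WAN side, SSH gets an explicit error (REJECT with a TCP reset);
    # everything else falls through to the INPUT policy and is silently DROPped.
    $IPTABLES -A INPUT -i "$WAN_IF" -p tcp --dport 22 -j REJECT --reject-with tcp-reset

    # Router role: forward LAN -> WAN and the replies, and rewrite the source
    # address on the way out (nat table, POSTROUTING chain).
    $IPTABLES -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -j ACCEPT
    $IPTABLES -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

apply_firewall
```

After loading, `iptables -t filter -S` and `iptables -t nat -S` show the resulting rules per table and chain.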

2. DHCP

Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks, in which a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on the network so that they can communicate with other IP networks.
A DHCP server enables computers to request IP addresses and networking parameters automatically from the Internet Service Provider (ISP), reducing the need for a network administrator or a user to manually assign IP addresses to all network devices.

2.1. DHCP installation

The Internet Systems Consortium (ISC) Dynamic Host Configuration Protocol (DHCP) server is free, open-source, and easy to install. Both enterprises and small networks have used ISC DHCP in production for many years.

2.1.1. Dnsmasq

Dnsmasq is a lightweight, easy-to-configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP to a small network. It can serve the names of local machines that are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either on each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP/TFTP for network booting of diskless machines.
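A dnsmasq configuration that exercises the features just listed (DNS forwarding, local names, dynamic and static DHCP leases, TFTP network boot), written out by a small installer script. This is an added example, not dnsmasq's documentation or the course's code; the interface, domain, addresses, upstream resolver and MAC address are assumptions.

```shell
#!/bin/sh
# Writes a dnsmasq configuration for a small LAN. Constructed example: the
# interface, domain, address ranges, upstream resolver and MAC address are
# assumptions, not values from a real network.
write_dnsmasq_conf() {
    conf="$1"
    cat > "$conf" <<'EOF'
# Serve only the LAN interface; never answer on the upstream side.
interface=eth1
bind-interfaces

# DNS forwarder: unknown names go upstream, local names stay local.
server=9.9.9.9
domain=lan.example
local=/lan.example/
expand-hosts
domain-needed
bogus-priv

# Dynamic DHCP leases from a pool, 12-hour lease time.
dhcp-range=192.168.10.100,192.168.10.200,255.255.255.0,12h
dhcp-option=option:router,192.168.10.1
dhcp-option=option:dns-server,192.168.10.1

# Static lease: this MAC always gets the same address and DNS name.
dhcp-host=00:11:22:33:44:55,printer,192.168.10.20

# Network boot for diskless machines over TFTP.
enable-tftp
tftp-root=/srv/tftp
dhcp-boot=pxelinux.0
EOF
}

# Write the file into dnsmasq's drop-in directory and syntax-check it
# with dnsmasq --test when the binary is available.
install_dnsmasq_conf() {
    target="${1:-/etc/dnsmasq.d/lan.conf}"
    write_dnsmasq_conf "$target"
    if command -v dnsmasq >/dev/null 2>&1; then
        dnsmasq --test --conf-file="$target"
    fi
}

# Only touch /etc when explicitly asked: INSTALL=yes ./script.sh [path]
if [ "${INSTALL:-no}" = "yes" ]; then install_dnsmasq_conf "$@"; fi
```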


Author: Andres Amezquita

Created: 2023-04-16 dom 00:50