Been on this issue a couple of days now, but getting a negative result after installing iptables and configuring the rules for the accept and drop configuration. Please help review and revise ASAP.
Attached is the task/assessment: We have one of our websites up and running on our Nautilus infrastructure in Stratos DC. Our security team has raised a concern that right now Apache's port, i.e. 8086, is open for all since there is no firewall installed on these hosts. So we have decided to add some security layer for these hosts, and after discussions and recommendations we have come up with the following requirements:
Install iptables and all its dependencies on each app host.
Block incoming port 8086 on all apps for everyone except for LBR host.
Make sure the rules remain, even after system reboot.
1- ssh into each app server and do the following.
2- Install iptables on each server, run this command:
sudo yum install iptables-services
3- Add rules to allow tcp & udp traffic from source LBR host 172.16.238.14 to destination port 8086, run these two commands:
sudo iptables -A INPUT -s 172.16.238.14 -p tcp --dport 8086 -j ACCEPT
sudo iptables -A INPUT -s 172.16.238.14 -p udp --dport 8086 -j ACCEPT
4- Add rules to block all traffic, both tcp & udp, for destination port 8086, run these two commands:
sudo iptables -A INPUT -p tcp --destination-port 8086 -j DROP
sudo iptables -A INPUT -p udp --destination-port 8086 -j DROP
5- Save the rules to make them persistent:
sudo /sbin/service iptables save
6- Verify the rules by listing them:
sudo iptables -L -v -n
7- You should be able to ssh into the LBR host (loki@stlb01) and verify accessibility into each app server via Apache's port 8086 with "curl http://stapp01:8086"; you should get html output.
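The following script is an added example, not part of the original post or the task solution. It wraps the same steps (install, ACCEPT for the LBR host, DROP for everyone else, save, enable) in one function, and adds the check a reviewer would want: a function that reads an `iptables -S INPUT` listing and confirms the two LBR ACCEPT rules sit before the first rule that would drop or reject port 8086. That ordering check matters because the default ruleset shipped by iptables-services already ends the INPUT chain with a catch-all REJECT, so rules appended with `-A` land after it and never match, which is a common reason the curl from the LBR host fails even though the rules look correct. The LBR address 172.16.238.14 and port 8086 come from the task; the two sample listings are constructed for the demonstration, and the service name `iptables` and `service iptables save` assume the CentOS-style iptables-services package named in the post.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): apply the port-8086 rules with
# explicit ordering, persist them, and verify the order from an `iptables -S`
# listing. Assumes CentOS-style iptables-services (service name "iptables").

LBR_IP="172.16.238.14"   # LBR host from the task
PORT="8086"              # Apache port from the task

# apply_rules: insert (-I) rather than append (-A) so the rules land at the top
# of INPUT, ahead of any catch-all REJECT the default ruleset already contains.
apply_rules() {
    sudo yum install -y iptables-services
    sudo iptables -I INPUT 1 -s "$LBR_IP" -p tcp --dport "$PORT" -j ACCEPT
    sudo iptables -I INPUT 2 -s "$LBR_IP" -p udp --dport "$PORT" -j ACCEPT
    sudo iptables -I INPUT 3 -p tcp --dport "$PORT" -j DROP
    sudo iptables -I INPUT 4 -p udp --dport "$PORT" -j DROP
    sudo /sbin/service iptables save          # writes /etc/sysconfig/iptables
    sudo systemctl enable --now iptables      # reload the saved rules at boot
}

# check_order: read an `iptables -S INPUT` listing on stdin. Returns 0 only if
# both LBR ACCEPT rules for $PORT exist, a port-specific DROP exists, and every
# LBR ACCEPT appears before the first rule that would drop/reject that port
# (either a port-specific DROP/REJECT or a catch-all with no --dport).
check_order() {
    awk -v ip="$LBR_IP" -v port="$PORT" '
        /^-A INPUT/ {
            n++
            is_port = ($0 ~ ("--dport " port "( |$)"))
            if (is_port && $0 ~ ("-s " ip "(/32)? ") && $0 ~ /-j ACCEPT$/) {
                accepts++; last_accept = n
            } else if ((is_port || $0 !~ /--dport/) && $0 ~ /-j (DROP|REJECT)/) {
                if (!first_block) first_block = n
                if (is_port) port_drop = 1
            }
        }
        END {
            if (accepts < 2 || !port_drop || !first_block) exit 1
            if (last_accept < first_block) exit 0
            exit 1
        }'
}

# verify_live: run the check against the host's real INPUT chain.
verify_live() {
    sudo iptables -S INPUT | check_order
}

# Constructed sample: rules inserted at the top, ahead of the catch-all REJECT.
GOOD_LISTING='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 172.16.238.14/32 -p tcp -m tcp --dport 8086 -j ACCEPT
-A INPUT -s 172.16.238.14/32 -p udp -m udp --dport 8086 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8086 -j DROP
-A INPUT -p udp -m udp --dport 8086 -j DROP
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Constructed sample: rules appended with -A after the default catch-all REJECT,
# so the LBR host is rejected before its ACCEPT rules are ever reached.
BAD_LISTING='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 172.16.238.14/32 -p tcp -m tcp --dport 8086 -j ACCEPT
-A INPUT -s 172.16.238.14/32 -p udp -m udp --dport 8086 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8086 -j DROP
-A INPUT -p udp -m udp --dport 8086 -j DROP'

# Usage on an app host:  ./check8086.sh apply && ./check8086.sh verify
case "${1:-}" in
    apply)  apply_rules ;;
    verify) verify_live && echo "rule order OK" || echo "rule order WRONG" ;;
esac
```

If the check reports the order is wrong on a host where the rules were appended with `-A`, the quickest fix is `sudo iptables -D INPUT <num>` for the misplaced rules followed by re-inserting them with `-I`, then saving again. On hosts where firewalld is also installed, iptables-services will not manage the chains cleanly until firewalld is stopped and masked; that is an assumption about the lab hosts, not something stated in the task.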