1
00:00:00,390 --> 00:00:03,900
Now we're going to talk about a firewall and packet filtering.

2
00:00:04,050 --> 00:00:12,360
OK, so a firewall is basically a filtering gateway, and it only acts on packets that need to pass

3
00:00:12,360 --> 00:00:18,450
through so it can only be effective when going through the firewall is the only path for those packets

4
00:00:18,450 --> 00:00:18,930
you follow.

5
00:00:19,830 --> 00:00:25,230
So the absence of a standard configuration explains a lack of a turnkey solution.

6
00:00:25,560 --> 00:00:31,020
However, there are tools to make configuring the netfilter firewall way easier.

7
00:00:32,040 --> 00:00:38,190
So the netfilter firewall is built into the Linux kernel. Due to different network and user requirements,

8
00:00:38,190 --> 00:00:44,640
there's no turnkey solution with any firewall, with any firewall ever, anywhere, even though they

9
00:00:44,640 --> 00:00:46,560
might market one anyway.

10
00:00:47,130 --> 00:00:55,170
You can control netfilter from the user space using the iptables and the ip6tables commands.

11
00:00:56,040 --> 00:01:01,560
Now, the difference between these two commands is that the first works for IPv4 networks, the second

12
00:01:01,800 --> 00:01:04,260
works on, guess what, IPv6.

13
00:01:05,130 --> 00:01:08,700
So you can also use UFW as a netfilter firewall.

14
00:01:09,510 --> 00:01:12,660
That's, of course, what the cool kids call Uncomplicated Firewall.

15
00:01:13,440 --> 00:01:19,140
So UFW is a program for managing a netfilter firewall designed to be easy to use.

16
00:01:19,560 --> 00:01:26,250
It uses a command line interface consisting of a small number of simple commands and uses iptables

17
00:01:26,250 --> 00:01:27,240
for configuration.

18
00:01:28,260 --> 00:01:30,630
We're also going to see a very simple example.

19
00:01:31,440 --> 00:01:36,490
So in other words, however you decide to configure it, netfilter is the Linux firewall implementation.

20
00:01:36,510 --> 00:01:37,940
So why don't we just have a closer look?

21
00:01:37,950 --> 00:01:38,910
See how it works.

22
00:01:40,320 --> 00:01:43,020
So netfilter uses four distinct tables, right?

23
00:01:43,290 --> 00:01:48,630
And these store rules regulating three kinds of operations on packets.

24
00:01:49,590 --> 00:01:53,190
NAT, filter, mangle and raw.

25
00:01:54,450 --> 00:01:58,620
Now, each table contains a list of rules called chains.

26
00:02:00,310 --> 00:02:06,280
Firewall uses standard chains to process packets according to predefined conditions.

27
00:02:07,850 --> 00:02:11,960
All right, so the schema that you see on a screen is a schema of the netfilter chain.

28
00:02:12,980 --> 00:02:19,910
Each chain is a list of rules, so each rule is a set of conditions and then actions that are going

29
00:02:19,910 --> 00:02:22,760
to be performed when the conditions are met.

30
00:02:24,930 --> 00:02:27,150
So let's use the iptables command.

31
00:02:28,360 --> 00:02:29,080
Open Kali.

32
00:02:30,190 --> 00:02:38,470
Let's start with the iptables, and we'll create some rules. Write sudo su - for permission.

33
00:02:39,190 --> 00:02:39,580
Write

34
00:02:39,940 --> 00:02:40,990
iptables

35
00:02:41,350 --> 00:02:43,600
-h to see the commands.

36
00:02:44,650 --> 00:02:48,460
So you can see the parameters and the definitions of them.

37
00:02:49,490 --> 00:02:51,800
Now, to see if it's working, let's create a simple rule.

38
00:02:52,430 --> 00:02:58,580
So first write iptables -L to list all the rules, as you can see.

39
00:02:59,010 --> 00:03:00,560
Well, we don't have a rule right now.

40
00:03:02,110 --> 00:03:08,980
So in this example, what we'll do is we'll accept all traffic from the SSH connection, so we'll write

41
00:03:09,010 --> 00:03:20,080
iptables -A INPUT -p tcp --dport 22 -j ACCEPT.

42
00:03:21,240 --> 00:03:23,580
So the -A here means append.

43
00:03:24,150 --> 00:03:29,700
And it adds the rule to the end of the current chain or the chain that you specify.

44
00:03:30,510 --> 00:03:33,450
So in this case, INPUT is the chain that we are adding the rule to.

45
00:03:34,550 --> 00:03:38,060
-p specifies a protocol that we want to allow.

46
00:03:38,600 --> 00:03:44,060
We want to allow TCP connections because, as I say, SSH uses TCP connections.

47
00:03:45,310 --> 00:03:49,840
--dport is the destination port of the connection.

48
00:03:49,990 --> 00:03:52,510
So SSH uses port 22.

49
00:03:53,480 --> 00:03:56,870
And -j is what you want to have happen.

50
00:03:57,470 --> 00:04:04,820
So it's a target of the rule and we want to accept SSH traffic, so hit enter and list the rules again.

51
00:04:05,360 --> 00:04:05,780
Write

52
00:04:06,260 --> 00:04:08,780
iptables -L, list rules.

53
00:04:09,110 --> 00:04:13,670
And as you can see, we have successfully added the rule in the rule table.

54
00:04:14,610 --> 00:04:17,820
Now it's going to accept all traffic coming from port 22.

55
00:04:19,250 --> 00:04:21,050
Now, let's say that you want to delete a rule.

56
00:04:21,350 --> 00:04:29,180
Well, first, write iptables -L --line-numbers, and that way we can see

57
00:04:29,180 --> 00:04:31,520
which line that you want to delete.

58
00:04:31,550 --> 00:04:33,110
Here is our rule.

59
00:04:33,470 --> 00:04:35,360
And this is the one that we want to delete.

60
00:04:35,360 --> 00:04:36,500
So write

61
00:04:37,250 --> 00:04:45,200
iptables -D and the chain name, which is INPUT, and the number of the line, which is one. Hit enter.

62
00:04:46,010 --> 00:04:47,090
List the rules again.

63
00:04:47,750 --> 00:04:50,870
And as you can see, the rule was deleted.

64
00:04:51,620 --> 00:04:52,040
Cool.

65
00:04:53,340 --> 00:04:55,980
All right, so now the next tool is UFW.

66
00:04:57,220 --> 00:05:01,270
Open the terminal and write ufw --help.

67
00:05:02,390 --> 00:05:07,880
And you can see the options here, so enable the firewall to allow or deny the connections or whatever.

68
00:05:08,390 --> 00:05:11,840
So what we're going to do is allow the SSH connection.

69
00:05:12,500 --> 00:05:12,890
Write

70
00:05:13,130 --> 00:05:16,070
sudo ufw allow ssh.

71
00:05:23,940 --> 00:05:27,330
And you can see here that the SSH rule was added.

72
00:05:28,570 --> 00:05:34,420
And then to activate the firewall, write sudo ufw enable.

73
00:05:35,230 --> 00:05:37,060
And the firewall is activated.

74
00:05:38,530 --> 00:05:40,400
Let's have a look at the active rules.

75
00:05:40,990 --> 00:05:44,140
So we'll write sudo ufw status numbered.

76
00:05:45,560 --> 00:05:49,070
And there you can see the SSH rule is activated.

77
00:05:50,730 --> 00:05:51,210
Awesome.