Tuesday 25 April 2017

iptables - deny connecting to a host

I would like to test a scenario where server A cannot reach server B. To establish this, I will add iptables rules on server A so that ssh connections to server B fail. After some research (basically reading this article) I managed to come up with the rules I need. Before doing anything it is good to know the state of the system. Use
iptables -S
to list the rules that already exist on your system. To block ssh connections to server B (192.168.124.82 in this example), use:
iptables -A OUTPUT -p tcp --dport ssh -d 192.168.124.82 -j REJECT
Removing the rule is simple: list the rules with iptables -S, which prints the rule in its expanded form, and replace -A with -D:
iptables -D OUTPUT -d 192.168.124.82/32 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable
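The same block/verify/remove cycle as a small script, added here as an example and not code from the original post; it assumes iptables is installed and the script runs as root for the apply and remove steps, while the listing it parses offline is a constructed sample shaped like the -S output above.

```shell
#!/bin/sh
# Added example (not from the original post): block ssh from this host to one
# peer, confirm the rule is present, and derive the matching delete command
# from `iptables -S` output instead of retyping it by hand.
# Assumes: iptables is installed and apply/remove run as root.

TARGET="${TARGET:-192.168.124.82}"   # peer to cut off (address taken from the post)

# Print the `iptables -D` command(s) that undo every OUTPUT REJECT rule for host $2
# found in the `iptables -S` listing passed as $1. Pure text processing, no root needed.
delete_cmds_for_host() {
    printf '%s\n' "$1" | awk -v host="$2" '
        $1 == "-A" && $2 == "OUTPUT" && index($0, "-d " host "/32") && / -j REJECT/ {
            sub(/^-A /, "iptables -D "); print
        }'
}

# Number of OUTPUT REJECT rules for host $2 in listing $1 (0 means nothing blocks it).
count_block_rules() {
    delete_cmds_for_host "$1" "$2" | wc -l | tr -d ' '
}

apply_block() {
    # -A appends: if an earlier OUTPUT rule already ACCEPTs this traffic, the
    # new rule never matches, so check `iptables -S OUTPUT` first.
    iptables -A OUTPUT -p tcp --dport ssh -d "$TARGET" -j REJECT
}

remove_block() {
    # Build the delete command from the live listing so the match is exact.
    delete_cmds_for_host "$(iptables -S OUTPUT)" "$TARGET" | sh
}

# Constructed sample listing, as `iptables -S` prints it after the post's -A command
# (plus a second unrelated peer to show that only the requested host is selected).
SAMPLE_LISTING='-P OUTPUT ACCEPT
-A OUTPUT -d 192.168.124.82/32 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -d 10.0.0.5/32 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable'

case "${1:-}" in
    apply)  apply_block ;;
    remove) remove_block ;;
    show)   delete_cmds_for_host "$SAMPLE_LISTING" "$TARGET" ;;
esac
```

Run it as `./block.sh apply` on server A, confirm with `iptables -S OUTPUT`, then `./block.sh remove` to restore connectivity.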
