'%3E%3Cg fill='%23000'%3E%3Cpath clip-rule='evenodd' d='m89 11.7c-.8 0-2.2.2-3.2 1.6v-8.10005h-2.8v16.80005h2.7v-1.3c1.1 1.5 2.6 1.5999 3.2 1.5999 3 0 5-2.2999 5-5.2999s-2-5.3-4.9-5.3zm-.7 2.5c1.7 0 2.8 1.2 2.8 2.8s-1.2 2.8-2.8 2.8c-1.7 0-2.8-1.2-2.8-2.8s1.1-2.8 2.8-2.8z' fill-rule='evenodd'/%3E%3Cpath d='m71.2 21.9999v-7.6h1.9v-2.4h-1.9v-3.40005h-2.8v3.40005h-1.1v2.4h1.1v7.6z'/%3E%3Cpath clip-rule='evenodd' d='m65.6999 12h-2.9v1.3c-.8999-1.5-2.4-1.6-3.2-1.6-2.9 0-4.8999 2.4-4.8999 5.3s1.9999 5.2999 5.0999 5.2999c.8 0 2.1001-.0999 3.1001-1.5999v1.3h2.7999zm-5.1999 7.8c-1.7001 0-2.8-1.2-2.8-2.8s1.2-2.8 2.8-2.8c1.7 0 2.7999 1.2 2.7999 2.8s-1.1999 2.8-2.7999 2.8z' fill-rule='evenodd'/%3E%3Cpath d='m79.7001 14.4c-.7-.6-1.3-.7-1.6-.7-.7 0-1.1.3-1.1.8 0 .3.1.6.9.9l.7.2c.1261.0472.2621.0945.4037.1437.7571.2632 1.6751.5823 2.0963 1.2563.3.4.5 1 .5 1.7 0 .9-.3 1.8-1.1 2.5s-1.8 1.0999-3 1.0999c-2.1 0-3.2-.9999-3.9-1.6999l1.5-1.7c.6.6 1.4 1.2 2.2 1.2s1.4-.4 1.4-1.1c0-.6-.5-.9-.9-1l-.6-.2c-.0687-.0295-.1384-.0589-.2087-.0887l-.0011-.0004c-.6458-.2729-1.3496-.5704-1.8902-1.1109-.5-.5-.8-1.1-.8-1.9 0-1 .5-1.8 1-2.3.8-.6 1.8-.7 2.6-.7.7 0 1.9.1 3.2 1.1z'/%3E%3Cpath d='m98.5 20.5-4.8-8.5h3.3l3.1 5.7 2.8-5.7h3.2l-8 15.3h-3.2z'/%3E%3Cpath d='m47 13.7h7c0 .0634.01.1267.0206.1932.0227.1435.0477.3018-.0206.5068 0 4.5-3.4 8.1-8 8.1s-8-3.6-8-8.1c0-4.49995 3.6-8.09995 8-8.09995 2.6 0 5 1.2 6.5 3.3l-2.3 1.49995c-1-1.29995-2.6-2.09995-4.2-2.09995-2.9 0-4.9 2.49995-4.9 5.39995s2.1 5.3 5 5.3c2.6 0 4-1.3 4.6-3.2h-3.7z'/%3E%3C/g%3E%3Cpath d='m18 14h7c0 5.2-3.7 9.6-8.5 10.8l-13.19995-13.2c1.1-4.9 5.5-8.6 10.69995-8.6 3.7 0 6.9 1.8 8.9 4.5l-1.5 1.3c-1.7-2.3-4.4-3.8-7.4-3.8-3.9 0-7.29995 2.5-8.49995 6l11.49995 11.5c2.9-1 5.1-3.5 5.8-6.5h-4.8z' fill='%23fff'/%3E%3Cpath d='m6.2 21.7001c-2.1-2.1-3.2-4.8-3.2-7.6l10.8 10.8c-2.7 0-5.5-1.1-7.6-3.2z' fill='%23fff'/%3E%3Cpath d='m14 0c-7.7 0-14 6.3-14 14s6.3 14 14 14 14-6.3 14-14-6.3-14-14-14zm-7.8 21.8c-2.1-2.1-3.2-4.9-3.2-7.6l10.9 10.8c-2.8-.1-5.6-1.1-7.7-3.2zm10.2 2.9-13.1-13.1c1.1-4.9 5.5-8.6 10.7-8.6 3.7 0 6.9 1.8 8.9 4.5l-1.5 1.3c-1.7-2.3-4.4-3.8-7.4-3.8-3.9 0-7.2 2.5-8.5 6l11.5 11.5c2.9-1 5.1-3.5 5.8-6.5h-4.8v-2h7c0 5.2-3.7 9.6-8.6 10.7z' fill='%237026b9'/%3E%3C/g%3E%3C/svg%3E){kind=small}
#Network
Virtual [[Classes/Network/Firewall]] OS - Linux based FreeBSD Most used opensource Firewall
Installing on VMware Workstation 17 pro We used Bridged as the connection time
After installation
we choose Edit > Virtual Network Editor
- we add a second network card and put it on vmnet2 (because we've put the other machines on the vmnet2 as well)
VMNet0 > Bridged > We choose the "Intel wifi driver" at this point.
![[Pasted image 20240306153516.png]]
rules in firewall
![[Pasted image 20240306155947.png]]
to block* to whitelist or blacklist address;
![[Pasted image 20240306160148.png]]
Exercise
block 192.168.0.1
accept 192.168.1.0 /24
block ICMP echo reply
Firewall Settings with [[pfSense]]
- Setting up pfSense replaces the router VM
- Now it's the router and we do the firewall settings on it
- We disabled the DHCP settings when installing because we have already put a static IP to our client.
- From the client we ping the gateway first !! always
- We go the a web browser in the client and go the gateway address (gateway is always the router address)
- admin and pfsense for the login credentials in the web browser.
- ![[Pasted image 20240327103425.png]]
- we enter the formation.lan and no DNS needed because automatically done by the main router connected
- we choose out timezone
- ![[Pasted image 20240327103752.png]]
- in the next step we remove the tick from the latest 2 options
- ![[Pasted image 20240327111858.png]]
- we're in
- ![[Pasted image 20240327104159.png]]
- we can add widgets
To activate DHCP server : Services > DHCP Server > LAN
![[Pasted image 20240327110857.png]]
Difference between NAT and Firewall Rules NAT : is only for one machine Rules : is for all the network (WAN)
ICMP : Internet Control Message Protocol ?? ==developer==
Authorizing SSH to Srvlx01 through NAT
We add a rule to NAT ![[Pasted image 20240327112458.png]]
Installing DHCP to the server though SSH
sudo apt install isc-dhcp-server
if user doesn't have the right we add it in nano /etc/sudoers : with user ALL: etc...
sudo nano /etc/dhcp/dhcpd.conf
to see the DHCP settings and edit them
Configuring [[DHCP]] Settings
we will send this file into the server with SSH (don't put comments like this in this image) ![[Pasted image 20240327114743.png]]![[Pasted image 20240327122612.png]] no space before the parantheses !
-
we connect to the WAN address of the firewall/pfSense through the FTP client
-
and copy the dhcpd.conf file to the router
-
![[Pasted image 20240327115407.png]]
-
WAN address is found on the Dashboard (172.16.254.129 in my case)
-
![[Pasted image 20240327115435.png]]
-
we will launch the DHCP service / daemon to activate it
-
to launch the service we enter
sudo systemctl start isc-dhcp-server.service -
to verify if it's active
sudo systemctl status isc-dhcp-server.service -
![[Pasted image 20240327123442.png]]
Now we see that it works on the client machine :
- ![[Pasted image 20240327123524.png]]