Department of Electrical Engineering and Computer Science
Syracuse University

Linux Firewall Lab

Overview

The learning objective of this lab is for students to learn how a firewall works by implementing a simple personal firewall for Linux. A personal firewall controls network traffic to and from a computer, permitting or denying communications based on a security policy.

Firewalls come in several types; in this lab, we focus on a very simple type, the packet filter. Packet filters act by inspecting packets. If a packet matches the packet filter's set of rules, the packet filter will either drop the packet silently or send an error response to the source. Packet filters are usually stateless: each packet is filtered based only on the information contained in that packet, without regard to whether it is part of an existing stream of traffic. Packet filters often use a combination of the packet's source and destination address, its protocol, and, for TCP and UDP traffic, the port number.
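The following is an added example, not part of the lab materials or the SEED project's own code: a user-space model of the stateless packet filter just described. It parses the IPv4 header (and, for TCP and UDP, the port numbers) out of a raw packet, walks a first-match rule table keyed on source/destination prefix, protocol and destination port, and returns ACCEPT, DROP (silent) or REJECT (discard and answer with an error). Malformed or truncated packets are dropped rather than guessed at. The policy, addresses and packets are constructed for the demonstration; a real Linux implementation would run the same decision logic from a netfilter hook instead of on a buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* DROP discards silently; REJECT discards and would send an error
 * response (e.g. an ICMP unreachable) back to the source. */
enum verdict { ACCEPT, DROP, REJECT };

#define PROTO_ANY (-1)
#define PORT_ANY  (-1)
#define IP4(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                         ((uint32_t)(c) << 8) | (uint32_t)(d))

/* Everything a stateless filter looks at: addresses, protocol, ports. */
struct pkt_tuple { uint32_t src, dst; uint8_t proto; uint16_t sport, dport; };

struct rule {
    uint32_t src, src_mask;   /* source prefix; mask 0 means any */
    uint32_t dst, dst_mask;   /* destination prefix; mask 0 means any */
    int proto;                /* IP protocol number or PROTO_ANY */
    int dport;                /* destination port or PORT_ANY */
    enum verdict action;
};

static uint32_t rd32(const uint8_t *p) { return IP4(p[0], p[1], p[2], p[3]); }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse an IPv4 header plus TCP/UDP ports. Returns -1 on anything
 * malformed or truncated so that the caller can fail closed. */
int parse_ipv4(const uint8_t *buf, size_t len, struct pkt_tuple *t)
{
    if (len < 20 || (buf[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(buf[0] & 0x0f) * 4;        /* header length in bytes */
    if (ihl < 20 || len < ihl) return -1;
    t->src = rd32(buf + 12);
    t->dst = rd32(buf + 16);
    t->proto = buf[9];
    t->sport = t->dport = 0;
    if (t->proto == 6 || t->proto == 17) {            /* TCP or UDP: ports follow the header */
        if (len < ihl + 4) return -1;
        t->sport = rd16(buf + ihl);
        t->dport = rd16(buf + ihl + 2);
    }
    return 0;
}

static int rule_matches(const struct rule *r, const struct pkt_tuple *t)
{
    if ((t->src & r->src_mask) != (r->src & r->src_mask)) return 0;
    if ((t->dst & r->dst_mask) != (r->dst & r->dst_mask)) return 0;
    if (r->proto != PROTO_ANY && r->proto != t->proto) return 0;
    if (r->dport != PORT_ANY && r->dport != t->dport) return 0;
    return 1;
}

/* First matching rule wins; no match and unparseable input both DROP. */
enum verdict filter_packet(const struct rule *rules, size_t n,
                           const uint8_t *buf, size_t len)
{
    struct pkt_tuple t;
    if (parse_ipv4(buf, len, &t) != 0) return DROP;
    for (size_t i = 0; i < n; i++)
        if (rule_matches(&rules[i], &t)) return rules[i].action;
    return DROP;
}

/* Constructed policy for a host at 10.0.0.1 (hypothetical addresses). */
static const struct rule policy[] = {
    { IP4(10,0,0,0), 0xffffff00u, 0, 0,  6, 22, ACCEPT },  /* SSH only from the 10.0.0.0/24 LAN */
    { 0, 0,                       0, 0,  6, 23, REJECT },  /* telnet: refuse with an error */
    { 0, 0,                       0, 0, 17, 53, ACCEPT },  /* DNS queries from anywhere */
};
static const size_t policy_len = sizeof policy / sizeof policy[0];

/* Build a minimal 24-byte packet (20-byte IPv4 header + ports) into buf. */
size_t build_packet(uint8_t *buf, uint32_t src, uint32_t dst,
                    uint8_t proto, uint16_t sport, uint16_t dport)
{
    memset(buf, 0, 24);
    buf[0] = 0x45;                                  /* version 4, IHL 5 */
    buf[3] = 24;                                    /* total length */
    buf[8] = 64;                                    /* TTL */
    buf[9] = proto;
    buf[12] = src >> 24; buf[13] = src >> 16; buf[14] = src >> 8; buf[15] = src;
    buf[16] = dst >> 24; buf[17] = dst >> 16; buf[18] = dst >> 8; buf[19] = dst;
    buf[20] = sport >> 8; buf[21] = sport; buf[22] = dport >> 8; buf[23] = dport;
    return 24;
}

/* Scenarios over constructed packets; each returns the filter's verdict. */
enum verdict verdict_lan_ssh(void) {
    uint8_t p[24]; size_t n = build_packet(p, IP4(10,0,0,5), IP4(10,0,0,1), 6, 40000, 22);
    return filter_packet(policy, policy_len, p, n);
}
enum verdict verdict_wan_ssh(void) {
    uint8_t p[24]; size_t n = build_packet(p, IP4(203,0,113,9), IP4(10,0,0,1), 6, 40000, 22);
    return filter_packet(policy, policy_len, p, n);
}
enum verdict verdict_telnet(void) {
    uint8_t p[24]; size_t n = build_packet(p, IP4(10,0,0,5), IP4(10,0,0,1), 6, 40000, 23);
    return filter_packet(policy, policy_len, p, n);
}
enum verdict verdict_truncated(void) {
    uint8_t p[24]; build_packet(p, IP4(10,0,0,5), IP4(10,0,0,1), 17, 40000, 53);
    return filter_packet(policy, policy_len, p, 22);  /* UDP header cut short: fail closed */
}

int main(void)
{
    printf("LAN SSH=%d WAN SSH=%d telnet=%d truncated=%d (0=ACCEPT 1=DROP 2=REJECT)\n",
           verdict_lan_ssh(), verdict_wan_ssh(), verdict_telnet(), verdict_truncated());
    return 0;
}
```

Two design points carry over to a kernel implementation: the default verdict when no rule matches is DROP (default deny), and a packet whose headers cannot be parsed is dropped before any rule is consulted, so a short or oversized IHL never causes a read past the end of the buffer.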

Lab Description and Tasks (PDF)

    For instructors: if you prefer to modify the lab description to suit your own courses, you can download the source files (Latex) from here.

Recommended Time: 2 weeks


Helpful Documents

Note: the programs in the above links were written and tested on an older version of Linux and may not work on recent Linux versions. We have modified the programs and tested them in our pre-built VM image. The modified programs can be downloaded from the following URLs:

Student Feedback

To help us understand how effectively this lab has enhanced students' learning in computer security, we asked students to fill out an anonymous survey right after they finished the lab. We have conducted the survey since 2007. The survey results depicted in the following are aggregate results over several years.