Suricata Schaubild: Difference between revisions
(Page created: „;suricata *WANDEV=enp0s3 *LANDEV=enp0s8 {{#drawio:ids}}“) |
|||
| (7 intermediate revisions by the same user not shown) | |||
| Zeile 1: | Zeile 1: | ||
| − | + | =Ohne IDS/IPS= | |
| − | |||
| − | |||
{{#drawio:ids}} | {{#drawio:ids}} | ||
| + | =Mit IDS/IPS= | ||
| + | {{#drawio:ids-1}} | ||
| + | =Änderungen= | ||
| + | ==Firewall== | ||
| + | ;enp0s8 172.31.31.1/24 | ||
| + | ;ip route add 10.0.101.0/24 via 172.31.31.2 | ||
| + | ;iptables -A FORWARD -s 172.31.31.2/24 -i $DMZDEV -o $WANDEV -m state --state NEW -j ACCEPT | ||
| + | ;iptables -t nat POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE | ||
| + | |||
| + | ==IDS/IPS== | ||
| + | ;enp0s3 172.31.31.2/24 | ||
| + | ;enp0s8 10.0.101.1/24 | ||
| + | ;sysctl -w net.ipv4.ip_forward=1 | ||
| + | ;ip route add default via 172.31.31.1 | ||
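Review bot: The added NAT line `iptables -t nat POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE` has no command option before the chain name, so iptables will reject it; it should read `iptables -t nat -A POSTROUTING ...`. In the same Firewall block, both rules match `-s 172.31.31.2/24`, a host address with a /24 mask that covers only the 172.31.31.0/24 transfer network. The added route sends 10.0.101.0/24 via 172.31.31.2, and the IDS/IPS block only enables forwarding without any NAT, so packets from 10.0.101.0/24 would reach the firewall with their original source address and match neither the FORWARD nor the MASQUERADE rule. Either match `-s 10.0.101.0/24` in both rules or state that the IDS/IPS host masquerades. `$DMZDEV` is also used without a definition in this revision; the first revision defined only WANDEV and LANDEV.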
Latest revision as of 13 December 2022, 10:39
Without IDS/IPS
With IDS/IPS
Changes
Firewall
- enp0s8 172.31.31.1/24
- ip route add 10.0.101.0/24 via 172.31.31.2
- iptables -A FORWARD -s 172.31.31.2/24 -i $DMZDEV -o $WANDEV -m state --state NEW -j ACCEPT
- iptables -t nat -A POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE
IDS/IPS
- enp0s3 172.31.31.2/24
- enp0s8 10.0.101.1/24
- sysctl -w net.ipv4.ip_forward=1
- ip route add default via 172.31.31.1

