A stateful firewall that leverages Linux Netfilter for packet filtering.
Supports both zone-based and interface-based policies.
Download the free .iso file from VyOS from the link below
Go to the rolling release page and download the latest one (this release is free)
In VirtualBox, create a new VM with:
<aside>
General
OS: Linux
OS Version: Oracle Linux (64-bit)
System
Base Memory: 1GB (1024MB)
Boot Device Order: Enable Optical and Hard Disk
Display
Video Memory: 16MB
CPU: 1
Storage
Controller IDE: Click Empty and choose the .iso file for Optical Device
Network
Attached to: Host-only Adapter
</aside>
Start the VM
Follow the steps at this link: https://changineer.info/network/vyatta/vyatta_os_install.html (JP)
Some configuration steps aren’t mentioned in the article.
Here’s my configuration:
<aside>
Name of image (mentioned but changed)
→ Changed to VyOS
</aside>
<aside>
What kind of console?
→ Select KVM
(KVM: When you’re using a physical monitor and keyboard)
(Serial: When you’re connecting via a serial console port)
</aside>
Setup firewall
<aside>
eth0 = WAN, eth1 = LAN.
ping, curl, nmap from attacker side.
# Create group
set firewall group interface-group WAN interface eth0
set firewall group interface-group LAN interface eth1
set firewall group interface-group DMZ interface eth2
# WAN -> LAN
# Named chain WAN-IN: drop by default, accept only established/related traffic
set firewall ipv4 name WAN-IN default-action drop
set firewall ipv4 name WAN-IN rule 10 action accept
set firewall ipv4 name WAN-IN rule 10 state established
set firewall ipv4 name WAN-IN rule 10 state related
# Forwarded traffic (through the router) jumps to WAN-IN
set firewall ipv4 forward filter rule 10 action jump
set firewall ipv4 forward filter rule 10 jump-target WAN-IN
# Traffic addressed to the router itself jumps to WAN-IN
set firewall ipv4 input filter rule 10 action jump
set firewall ipv4 input filter rule 10 jump-target WAN-IN
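The two jump rules shown above carry no interface match, so WAN-IN is evaluated for packets arriving on any interface, LAN included, and the interface groups are never referenced. The Python check below is an added example (not part of the original notes or of VyOS) that parses the `set` lines and reports this; the function name `lint` is hypothetical and the `inbound-interface group` lines in `SCOPED_RULES` are an assumption based on the rolling-release syntax.

```python
from collections import defaultdict

# Constructed input: the "set" lines from the notes above, markup debris removed.
PAGE_RULES = """\
set firewall group interface-group WAN interface eth0
set firewall group interface-group LAN interface eth1
set firewall group interface-group DMZ interface eth2
set firewall ipv4 name WAN-IN default-action drop
set firewall ipv4 name WAN-IN rule 10 action accept
set firewall ipv4 name WAN-IN rule 10 state established
set firewall ipv4 name WAN-IN rule 10 state related
set firewall ipv4 forward filter rule 10 action jump
set firewall ipv4 forward filter rule 10 jump-target WAN-IN
set firewall ipv4 input filter rule 10 action jump
set firewall ipv4 input filter rule 10 jump-target WAN-IN
"""
# Assumption (not on the page): the rolling-release "inbound-interface group" match.
SCOPED_RULES = PAGE_RULES + """\
set firewall ipv4 forward filter rule 10 inbound-interface group WAN
set firewall ipv4 input filter rule 10 inbound-interface group WAN
"""

def lint(config):
    """Return findings about jump rules and interface groups in VyOS 'set' lines."""
    groups, defaults, rules = set(), {}, defaultdict(dict)
    for line in config.splitlines():
        t = line.split()
        if t[:4] == ["set", "firewall", "group", "interface-group"] and len(t) > 4:
            groups.add(t[4])
        elif t[:3] == ["set", "firewall", "ipv4"] and len(t) >= 7:
            chain, rest = " ".join(t[3:5]), t[5:]  # "name WAN-IN" or "forward filter"
            if rest[0] == "default-action":
                defaults[chain] = rest[1]
            elif rest[0] == "rule" and len(rest) >= 3:
                rules[(chain, rest[1])].setdefault(rest[2], []).extend(rest[3:])
    findings, used = [], set()
    for (chain, num), attrs in sorted(rules.items()):
        match = attrs.get("inbound-interface", [])
        used.update(match[1:2] if match[:1] == ["group"] else [])
        if chain.startswith("name ") or attrs.get("action") != ["jump"]:
            continue  # only jump rules in the base chains are checked
        target = " ".join(attrs.get("jump-target", []))
        if defaults.get("name " + target) != "drop":
            findings.append(f"{chain} rule {num}: target '{target}' has no default-action drop")
        if not match:
            findings.append(f"{chain} rule {num}: no inbound-interface match, {target} applies to all interfaces")
    findings += [f"interface-group {g} is defined but never matched" for g in sorted(groups - used)]
    return findings

print("\n".join(lint(PAGE_RULES)))
```

Running `lint(SCOPED_RULES)` leaves only the unused DMZ and LAN groups as findings, since both jump rules are then limited to traffic arriving on the WAN group.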