From 4666d19e5b7efa763c25e54c3a90d9ef38f9b234 Mon Sep 17 00:00:00 2001 From: Holger Dengler Date: Mon, 15 Jan 2018 16:35:01 +0100 Subject: security: change code fontsize to scriptsize Fontsize "scriptsize" is a good alternative between default fontsize and "tiny". Signed-off-by: Holger Dengler --- security/firewall/pres_iptables.tex | 52 ++++++++++++++++++------------------- 1 file changed, 26 insertions(+), 26 deletions(-) (limited to 'security/firewall/pres_iptables.tex') diff --git a/security/firewall/pres_iptables.tex b/security/firewall/pres_iptables.tex index b45eddf..e7fd23d 100644 --- a/security/firewall/pres_iptables.tex +++ b/security/firewall/pres_iptables.tex @@ -201,38 +201,38 @@ Note: Use penetration tools \emph{very} carefully! \begin{frame}[containsverbatim] \frametitle{iptables: Commands} \begin{beamerboxesrounded}[shadow=true]{Show all Chains of Table \emph{filter}:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} iptables -t filter -L iptables -L # Table filter is default \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \begin{beamerboxesrounded}[shadow=true]{Flush all Chains:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} iptables -F \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \begin{beamerboxesrounded}[shadow=true]{Set default Policies:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} iptables -P \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \begin{beamerboxesrounded}[shadow=true]{User-defined Chains:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} iptables -N # create new chain iptables -X # delete chain iptables -E # rename chain \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -240,7 +240,7 @@ iptables -E # rename chain \begin{frame}[containsverbatim] \frametitle{iptables: Commands} \begin{beamerboxesrounded}[shadow=true]{Rules:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} iptables -A # append rule to chain iptables -C # find matching rule in chain @@ -250,7 +250,7 @@ iptables -I # insert rule in chain as rule-num iptables -R # replace rule in chain iptables -F # flush all rules in chain \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -258,25 +258,25 @@ iptables -F # flush all rules in chain \begin{frame}[containsverbatim] \frametitle{iptables: Commands} \begin{beamerboxesrounded}[shadow=true]{Rule specifications:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} --source / # match source IP/IP-range --sport # match source port --destination / # match destination IP/IP-range --dport # match destination port \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \begin{beamerboxesrounded}[shadow=true]{Match extensions:} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} --modprobe # load target or match extension module --m connstate --ctstate # extension connstate, match state --m icmp --icmp-type # extension icmp-type, match packet type --m limit --limit / # extension limit, limit to rate per interval \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -298,7 +298,7 @@ iptables -F # flush all rules in chain \begin{frame}[containsverbatim] \frametitle{Example} \begin{beamerboxesrounded}[shadow=true]{Preparation} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} # set default policy iptables -P INPUT DROP # opt: REJECT, ACCEPT @@ -308,7 +308,7 @@ iptables -P OUTPUT DROP # opt: REJECT, ACCEPT iptables -F ... \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -316,7 +316,7 @@ iptables -F \begin{frame}[containsverbatim] \frametitle{Example} \begin{beamerboxesrounded}[shadow=true]{SSH-Client} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} # # Allow incoming traffic only @@ -325,7 +325,7 @@ iptables -F iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -333,7 +333,7 @@ iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j \begin{frame}[containsverbatim] \frametitle{Example} \begin{beamerboxesrounded}[shadow=true]{Web-Server} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} # # Allow outgoing traffic only @@ -344,7 +344,7 @@ iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED - iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -352,7 +352,7 @@ iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED - \begin{frame}[containsverbatim] \frametitle{Example} \begin{beamerboxesrounded}[shadow=true]{FTP-Server (iptables-persistent script)} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} *filter :INPUT DROP [0:0] @@ -367,7 +367,7 @@ iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED - # Important: always necessary for iptables-restore COMMIT \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -375,7 +375,7 @@ COMMIT \begin{frame}[containsverbatim] \frametitle{Example} \begin{beamerboxesrounded}[shadow=true]{User-defined LOGDROP chain} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} # create new chain iptables -X LOGDROP @@ -383,7 +383,7 @@ iptables -N LOGDROP iptables -A LOGDROP -m limit --limit 2/min -j LOG --log-prefix "LOGDROP: " --log-level 7 iptables -A LOGDROP -j DROP \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} @@ -391,7 +391,7 @@ iptables -A LOGDROP -j DROP \begin{frame}[containsverbatim] \frametitle{Example} \begin{beamerboxesrounded}[shadow=true]{Trace all outgoing traffic} -\begin{tiny} +\begin{scriptsize} \begin{verbatim} *filter @@ -407,7 +407,7 @@ iptables -A LOGDROP -j DROP # Important: always necessary for iptables-restore COMMIT \end{verbatim} -\end{tiny} +\end{scriptsize} \end{beamerboxesrounded} \end{frame} -- cgit v1.2.3