Question 9Your organization uses a Linux-based network, and you’re configuring Uncomplicated Firewall (ufw). You want to disable file transfers that use the File Transfer Protocol (FTP), which occurs on port 21. Which command can you use to block all traffic on this port?1 pointsudoufw reload 21sudoufw delete 21sudoufw allow 21sudoufw deny 21

Configure ufw so that it blocks all incoming traffic, except the following TCP ports:22 (SSH)443 (HTTPS SSL)80 (HTTP)

Select the secure FTP protocol with the stated feature.Uses TCP port 990Requires two ports to be open on the firewallOnly requires a single port to be open on the firewallUses the SSH protocol to provide communication security

Let’s install the ufw firewall and setup a few rules on web-01.Requirements:The requirements below must be applied to web-01 (feel free to do it on lb-01 and web-02, but it won’t be checked)Configure ufw so that it blocks all incoming traffic, except the following TCP ports:22 (SSH)443 (HTTPS SSL)80 (HTTP)Share the ufw commands that you used in your answer file

1. Port forwarding#advancedFirewalls can not only filter requests, they can also forward them.Requirements:Configure web-01 so that its firewall redirects port 8080/TCP to port 80/TCP.Your answer file should be a copy of the ufw configuration file that you modified to make this happenTerminal in web-01:root@03-web-01:~# netstat -lpnActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2473/nginxtcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 978/sshdtcp6 0 0 :::80 :::* LISTEN 2473/nginxtcp6 0 0 :::22 :::* LISTEN 978/sshdudp 0 0 0.0.0.0:68 0.0.0.0:* 594/dhclientudp 0 0 0.0.0.0:54432 0.0.0.0:* 594/dhclientudp6 0 0 :::32563 :::* 594/dhclientActive UNIX domain sockets (only servers)Proto RefCnt Flags Type State I-Node PID/Program name Pathunix 2 [ ACC ] SEQPACKET LISTENING 7175 433/systemd-udevd /run/udev/controlunix 2 [ ACC ] STREAM LISTENING 6505 1/init @/com/ubuntu/upstartunix 2 [ ACC ] STREAM LISTENING 8048 741/dbus-daemon /var/run/dbus/system_bus_socketunix 2 [ ACC ] STREAM LISTENING 8419 987/acpid /var/run/acpid.socketroot@03-web-01:~#root@03-web-01:~# grep listen /etc/nginx/sites-enabled/default listen 80 default_server; listen [::]:80 default_server ipv6only=on; # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000# listen 8000;# listen somename:8080;# listen 443;root@03-web-01:~#My web server nginx is only listening on port 80netstat shows that nothing is listening on 8080Terminal in web-02:ubuntu@03-web-02:~$ curl -sI web-01.holberton.online:80HTTP/1.1 200 OKServer: nginx/1.4.6 (Ubuntu)Date: Tue, 07 Mar 2017 02:14:41 GMTContent-Type: text/htmlContent-Length: 612Last-Modified: Tue, 04 Mar 2014 11:46:45 GMTConnection: keep-aliveETag: "5315bd25-264"Accept-Ranges: bytesubuntu@03-web-02:~$ curl -sI web-01.holberton.online:8080HTTP/1.1 200 OKServer: nginx/1.4.6 (Ubuntu)Date: Tue, 07 Mar 2017 02:14:43 GMTContent-Type: text/htmlContent-Length: 612Last-Modified: Tue, 04 Mar 2014 11:46:45 GMTConnection: keep-aliveETag: "5315bd25-264"Accept-Ranges: bytesubuntu@03-web-02:~$I use curl to query web-01.holberton.online, and since my firewall is forwarding the ports, I get a HTTP 200 response on port 80/TCP and also on port 8080/TCP.Repo:GitHub repository: alx-system_engineering-devopsDirectory: 0x13-firewallFile: 100-port_forwarding

1. Port forwarding#advancedFirewalls can not only filter requests, they can also forward them.Requirements:Configure web-01 so that its firewall redirects port 8080/TCP to port 80/TCP.Your answer file should be a copy of the ufw configuration file that you modified to make this happen