create firewall rules to protect internal server:

We will protect the TCP servers inside the internal networkWe will protect the TCP servers inside the internal network $(192\mathrm{.}168\mathrm{.}60\mathrm{.}0/24).$ The goals are:

$$ All the internal hosts run a telnet server $($listening to port $23).$

$$ Outside hosts can only access the telnet server on $192\mathrm{.}168\mathrm{.}60\mathrm{.}5,$ not the other internal hosts.

$$ Outside hosts cannot access other internal servers.

$$ Internal hosts can access all the internal servers.

$$ Internal hosts cannot access external servers.

Below is an example of a stateless firewall rule for restricting TCP port $5000.$

$$ iptables $-$A FORWARD $-$i eth$0-$p tcp $--$sport $5000-$j ACCEPT