欢迎大家赞助一杯啤酒🍺 我们准备了下酒菜:Formal mathematics/Isabelle/ML, Formal verification/Coq/ACL2, C++/F#/Lisp
Iptables
来自开放百科 - 灰狐
(版本间的差异)
小 (→例子) |
|||
| (未显示1个用户的2个中间版本) | |||
| 第1行: | 第1行: | ||
| + | {{SeeWikipedia}} | ||
| + | |||
iptables is a sub-project of [[netfilter]] | iptables is a sub-project of [[netfilter]] | ||
| 第14行: | 第16行: | ||
*listing/zeroing per-rule counters of the packet filter ruleset | *listing/zeroing per-rule counters of the packet filter ruleset | ||
| − | http://netfilter.org/projects/iptables | + | ==例子== |
| + | iptables.sh | ||
| + | #!/bin/bash | ||
| + | # | ||
| + | |||
| + | iptables -F | ||
| + | iptables -t nat -F | ||
| + | iptables -t mangle -F | ||
| + | iptables -X | ||
| + | iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | ||
| + | iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT | ||
| + | iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT | ||
| + | iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE | ||
| + | 开放9160端口 | ||
| + | iptables -I INPUT -p tcp --dport 9160 -j ACCEPT | ||
| + | netstat -anp | grep LISTEN | awk '{print $4}' | sed s/".*:"//g | sort -n -u | ||
| + | |||
| + | ==链接== | ||
| + | *http://netfilter.org/projects/iptables | ||
| + | |||
| + | [[category:firewall]] | ||
| + | [[category:linux]] | ||
2015年10月14日 (三) 09:45的最后版本
|
您可以在Wikipedia上了解到此条目的英文信息 Iptables Thanks, Wikipedia. |
iptables is a sub-project of netfilter
iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators.
Since Network Address Translation is also configured from the packet filter ruleset, iptables is used for this, too.
The iptables package also includes ip6tables. ip6tables is used for configuring the IPv6 packet filter.
iptables requires a kernel that features the ip_tables packet filter. This includes all 2.4.x and 2.6.x kernel releases.
Main Features
- listing the contents of the packet filter ruleset
- adding/removing/modifying rules in the packet filter ruleset
- listing/zeroing per-rule counters of the packet filter ruleset
[编辑] 例子
iptables.sh
#!/bin/bash #
iptables -F iptables -t nat -F iptables -t mangle -F iptables -X iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
开放9160端口
iptables -I INPUT -p tcp --dport 9160 -j ACCEPT
netstat -anp | grep LISTEN | awk '{print $4}' | sed s/".*:"//g | sort -n -u
[编辑] 链接
分享您的观点
