Iptables

From Open Encyclopedia - Huihu (灰狐)
(Difference between revisions)
第16行: 第16行:
 
*listing/zeroing per-rule counters of the packet filter ruleset
 
*listing/zeroing per-rule counters of the packet filter ruleset
  
http://netfilter.org/projects/iptables
+
==例子==
 +
iptables.sh
 +
#!/bin/bash
 +
#
  
[[Category:Firewall]]
+
iptables -F
[[Category:Linux]]
+
iptables -t nat -F
 +
iptables -t mangle -F
 +
iptables -X
 +
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 +
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
 +
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
 +
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
 +
 
 +
==链接==
 +
*http://netfilter.org/projects/iptables
 +
 
 +
[[category:firewall]]
 +
[[category:linux]]
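
Review bot: the added iptables.sh sets no chain policy (there is no `iptables -P` line) and appends only ACCEPT rules, so the INPUT rule for ESTABLISHED,RELATED filters nothing unless the INPUT policy is already DROP, and the same holds for the two FORWARD rules. Set the intended policies explicitly in the script, for example `iptables -P INPUT DROP` and `iptables -P FORWARD DROP`, and add a comment saying which of eth0 and eth1 is the internal and which the external interface.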

Revision as of 00:29, 30 November 2014 (Sunday)

You can find English-language information on this entry at Wikipedia: Iptables. Thanks, Wikipedia.

iptables is a sub-project of netfilter.

iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators.

Since Network Address Translation is also configured from the packet filter ruleset, iptables is used for this, too.

The iptables package also includes ip6tables. ip6tables is used for configuring the IPv6 packet filter.

iptables requires a kernel that features the ip_tables packet filter. This includes all 2.4.x and 2.6.x kernel releases.

Main Features

  • listing the contents of the packet filter ruleset
  • adding/removing/modifying rules in the packet filter ruleset
  • listing/zeroing per-rule counters of the packet filter ruleset

Examples

iptables.sh

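#!/bin/bash
# NAT gateway rules. Reading the rules below, eth0 is the internal
# interface and eth1 the external (masqueraded) one.
# Flush all rules in the filter, nat and mangle tables
iptables -F
iptables -t nat -F
iptables -t mangle -F
# Delete user-defined chains in the filter table
iptables -X
# Accept packets that belong to, or are related to, an established connection
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Forward return traffic from eth1 back to eth0
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Forward all traffic from eth0 out through eth1
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
# Masquerade (source NAT) everything leaving through eth1
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# No chain policy (-P) is set here: unmatched packets get the policy already in place.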
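
The script above appends ACCEPT rules but never sets a chain policy, so the fate of unmatched packets depends on whatever policy is already in place. The following added example (not part of the original wiki page) is a small audit that reads an iptables script and reports, for each built-in filter chain, whether it ends in a default deny; the function names and the constructed `hardened_script` variant are assumptions made for illustration.

```shell
# Added example: audit an iptables rule script for a default deny on each
# built-in filter chain. Reads the script on stdin, prints one line per chain.
audit_default_deny() {
  awk '
    BEGIN { n = split("INPUT FORWARD OUTPUT", chains, " ")
            for (k = 1; k <= n; k++) policy[chains[k]] = "unset" }
    $1 != "iptables" { next }
    {
      table = "filter"; chain = ""; op = ""; target = ""; matches = 0
      for (i = 2; i <= NF; i++) {
        if      ($i == "-t") { table = $(i + 1); i++ }
        else if ($i == "-P") { op = "P"; chain = $(i + 1); target = $(i + 2); i += 2 }
        else if ($i == "-A") { op = "A"; chain = $(i + 1); i++ }
        else if ($i == "-F") { op = "F" }    # a flush removes earlier catch-all rules
        else if ($i == "-j") { target = $(i + 1); i++ }
        else if ($i ~ /^-/)  { matches++ }   # any match option narrows the rule
      }
      if (table != "filter") next
      if (op == "F") { for (c in catchall) delete catchall[c]; next }
      if (!(chain in policy)) next
      if (op == "P") policy[chain] = target  # -F does not reset a policy
      if (op == "A" && matches == 0 && (target == "DROP" || target == "REJECT")) catchall[chain] = 1
    }
    END {
      for (k = 1; k <= n; k++) {
        c = chains[k]
        deny = (policy[c] == "DROP" || (c in catchall)) ? "yes" : "no"
        printf "%s policy=%s default-deny=%s\n", c, policy[c], deny
      }
    }'
}
# The iptables commands from the iptables.sh shown on this page.
page_script() {
  cat <<'EOF'
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
EOF
}
# Constructed variant (an assumption, not from the page): same rules plus DROP policies.
hardened_script() { page_script; printf '%s\n' 'iptables -P INPUT DROP' 'iptables -P FORWARD DROP'; }

page_script | audit_default_deny; hardened_script | audit_default_deny
```

Before applying DROP policies on a host you reach over the network, add explicit ACCEPT rules for loopback and for your management access.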

Links

  • http://netfilter.org/projects/iptables
