iptables配置文件

# Saved ruleset (iptables-save format) with two tables:
#   *filter - INPUT accept rules plus one TCPMSS clamp in FORWARD
#   *nat    - source NAT for 192.168.10.0/24 leaving eth0
# The bracketed values after each chain policy are [packets:bytes] counters
# captured at save time.
#
# NOTE(review): all three built-in filter chains have policy ACCEPT and this
# table contains no active DROP or REJECT rule. The "-A INPUT ... -j ACCEPT"
# lines therefore restrict nothing: traffic to ports not listed here is still
# accepted by the chain policy. For the list to act as an allow-list the INPUT
# policy would have to be DROP (or the chain end in a REJECT/DROP rule).
# Before changing it, confirm the port used for remote administration is in
# the list; no rule for TCP 22 is visible here.
# Generated by iptables-save v1.3.5 on Fri May 23 22:48:53 2014
*filter
:INPUT ACCEPT [1409:372368]
# NOTE(review): FORWARD policy ACCEPT with no filtering rule means any packet
# the kernel routes is forwarded, not only traffic from 192.168.10.0/24
# (assuming IP forwarding is enabled on the host - confirm).
:FORWARD ACCEPT [11964:4465532]
:OUTPUT ACCEPT [7344:3304920]
# User-defined chain: declared, but it holds no rules and nothing in this file
# jumps to it.
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -p tcp -m tcp --dport 7650 -j ACCEPT
# Accepts every ICMP type, not only echo-request.
-A INPUT -p icmp -j ACCEPT
# 1001-port TCP range; possibly an FTP passive-mode data range given that
# 20/21 are opened below - confirm the range is really needed at this width.
-A INPUT -p tcp -m tcp --dport 5000:6000 -j ACCEPT
# Loopback traffic.
-A INPUT -i lo -j ACCEPT
# TCP 21 / 20: the standard FTP control and data ports.
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
# NOTE(review): purpose of TCP 60 is not evident from this file - confirm.
-A INPUT -p tcp -m tcp --dport 60 -j ACCEPT
# TCP 1723 together with the GRE rule below is the port/protocol pair used by
# PPTP; presumably this host terminates a PPTP VPN - confirm.
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
# DNS over UDP only; no matching TCP 53 rule is present.
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p gre -j ACCEPT
# Return traffic for connections already tracked. With an ACCEPT policy the
# position is irrelevant; under a DROP policy this rule is normally placed
# first in the chain.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Rewrites the MSS option to 1356 on forwarded TCP SYN packets (SYN set;
# FIN, RST, ACK clear) whose source is 192.168.10.0/24.
-A FORWARD -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
# The rules below are commented out and are NOT loaded. If enabled they would
# drop INVALID-state packets and outbound TCP segments sent from the listed
# local source ports. The port numbers look like a commonly copied list of
# ports historically associated with backdoors - treat that as an assumption.
#-A FORWARD -m state --state INVALID -j DROP
#-A OUTPUT -p tcp -m tcp --sport 31337:31340 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 32335 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 27444 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 27665 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 20034 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 9704 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 137:139 -j DROP
#-A OUTPUT -p tcp -m tcp --sport 2049 -j DROP
#-A OUTPUT -m state --state INVALID -j DROP
COMMIT
# Completed on Fri May 23 22:48:53 2014
# Generated by iptables-save v1.3.5 on Fri May 23 22:48:53 2014
*nat
:PREROUTING ACCEPT [2339:435496]
:POSTROUTING ACCEPT [15:1056]
:OUTPUT ACCEPT [15:1056]
# Packets from 192.168.10.0/24 leaving via eth0 get their source address
# rewritten to the fixed address 119.134.250.46. SNAT with a literal address
# assumes that address stays assigned to eth0.
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -o eth0 -j SNAT --to-source 119.134.250.46
# Disabled alternative: MASQUERADE takes the source address from the outgoing
# interface instead of a fixed value.
#-A POSTROUTING -s 192.168.10.0/255.255.255.0 -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri May 23 22:48:53 2014