iptables.rule is the firewall script. It loads iptables.allow (trusted hosts) and then iptables.deny (denied hosts).

#!/bin/bash
# This is an easy firewall.
EXTIF="eth0"
# the inside interface. if you don't have this one,
# you must leave this blank, ex> INIF=""
INIF="eth0"
INNET="192.168.160.0/20"

# 2.0 load the right modules
PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH EXTIF INIF INNET
modprobe ip_tables > /dev/null 2>&1
modprobe iptable_nat > /dev/null 2>&1
modprobe ip_nat_ftp > /dev/null 2>&1
modprobe ip_nat_irc > /dev/null 2>&1
modprobe ip_conntrack > /dev/null 2>&1
modprobe ip_conntrack_ftp > /dev/null 2>&1
modprobe ip_conntrack_irc > /dev/null 2>&1

# 3.0 clear iptables rules
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -Z
/sbin/iptables -F -t nat
/sbin/iptables -X -t nat
/sbin/iptables -Z -t nat
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -t nat -P PREROUTING ACCEPT
/sbin/iptables -t nat -P POSTROUTING ACCEPT
/sbin/iptables -t nat -P OUTPUT ACCEPT

# 4.0 start loading the trusted and denied files.
if [ -f /usr/local/virus/iptables/iptables.allow ]; then
    sh /usr/local/virus/iptables/iptables.allow
fi
if [ -f /usr/local/virus/iptables/iptables.deny ]; then
    sh /usr/local/virus/iptables/iptables.deny
fi

# 5.0 if the following file exists, execute it
if [ -f /usr/local/virus/httpd-err/iptables.http ]; then
    sh /usr/local/virus/httpd-err/iptables.http
fi

# 6.0 allow icmp data packets and established data
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
AICMP="0 3 3/4 4 11 12 14 16 18"
for tyicmp in $AICMP
do
    /sbin/iptables -A INPUT -i "$EXTIF" -p icmp --icmp-type "$tyicmp" -j ACCEPT
done