Wednesday, January 11, 2012

Using the iptables firewall on Linux

2. Applying rules

For example, to allow WWW traffic:

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT

This rule is appended to the INPUT chain of the filter table and allows packets whose destination port is 80.

To allow DHCP on the internal interface:

    iptables -A INPUT -i eth0 -p tcp --sport 68 --dport 67 -j ACCEPT
    iptables -A INPUT -i eth0 -p udp --sport 68 --dport 67 -j ACCEPT

The rules above allow both the TCP and UDP protocols.

3. Saving and restoring iptables rules

Saving: use iptables-save to write the existing iptables rules to a file by redirecting its output to the path you want, for example:

    # iptables-save > /etc/iptables.up.rule

Restoring: use iptables-restore to load the rules from the saved file into the live iptables tables:

    # iptables-restore < /etc/iptables.up.rule

Use this to restore the iptables rules when the interface eth0 is shut down and then reactivated.

In addition, you can edit the configuration file /etc/iptables.up.rule directly to change the iptables rules. The format of iptables.up.rule is:

    # Generated by iptables-save v1.3.3 on Tue Jul 31 14:18:44 2007
    *filter
    :INPUT ACCEPT [73:8213]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [8:825]
    -A INPUT -i lo -p icmp -j DROP
    -A INPUT -i eth0 -p icmp -j DROP
    COMMIT
    # Completed on Tue Jul 31 14:10:44 2007

There must be no empty lines between the rows.

III. Summary

The order of the rules in each iptables chain is important. If the first rule is an accept-all, then all packets will be allowed through the firewall, so the rules must be arranged appropriately. The general rule is: deny everything, then allow the few.
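The ordering point from the summary, as an added example that is not part of the original post: a small Python check that reads text in the iptables-save format shown above and reports chains whose default policy is ACCEPT, plus rules that come after an unconditional rule in the same chain and are therefore never reached. The sample ruleset and the `lint` function are constructed for illustration.

```python
import shlex

# Constructed sample in iptables-save format: an accept-all rule placed first.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -j ACCEPT
-A INPUT -i eth0 -p icmp -j DROP
-A INPUT -p tcp --dport 80 -j ACCEPT
COMMIT
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # targets that end chain traversal

def lint(text, table="filter"):
    """Return (chains with policy ACCEPT, [(shadowed rule, shadowing rule)])."""
    policies, catch_all, shadowed = {}, {}, []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):          # "*filter" opens a table section
            current = line[1:]
            continue
        if current != table or line == "COMMIT":
            continue
        if line.startswith(":"):          # ":INPUT ACCEPT [73:8213]"
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
            continue
        args = shlex.split(line)
        if len(args) < 2 or args[0] != "-A":
            continue
        chain = args[1]
        if chain in catch_all:            # an earlier rule already matched everything
            shadowed.append((line, catch_all[chain]))
        elif len(args) == 4 and args[2] in ("-j", "--jump") and args[3] in TERMINAL:
            catch_all[chain] = line       # no match conditions: matches every packet
    permissive = sorted(c for c, p in policies.items() if p == "ACCEPT")
    return permissive, shadowed

if __name__ == "__main__":
    print(lint(SAMPLE))
```

Only rules with no match conditions at all are treated as catch-all rules here; a broad match such as a whole address range is not detected.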
