Firewall Simples
# mkdir /etc/firewall
# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A INPUT -p icmp -j ACCEPT
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# iptables -A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
# iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
# iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited
# iptables-save > /etc/firewall/iptables.rule4
# ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# ip6tables -A INPUT -p ipv6-icmp -j ACCEPT
# ip6tables -A INPUT -i lo -j ACCEPT
# ip6tables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# ip6tables -A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
# ip6tables -A INPUT -j REJECT --reject-with icmp6-adm-prohibited
# ip6tables -A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
# ip6tables-save > /etc/firewall/iptables.rule6
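# cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp

# The primary network interface
allow-hotplug eth1
iface eth1 inet static
    address 198.50.100.254
    netmask 255.255.255.0
    pre-up iptables-restore < /etc/firewall/iptables.rule4

iface eth1 inet6 static
    address 2001:db8:cafe:cade::254
    netmask 64
    pre-up ip6tables-restore < /etc/firewall/iptables.rule6

Nota: o nome do arquivo em cada pre-up deve ser idêntico ao gravado por iptables-save/ip6tables-save; caso contrário o pre-up falha e as regras não são carregadas. Os ganchos pre-up estão apenas em eth1, portanto as regras só são restauradas quando eth1 é ativada; eth0 pode subir sem nenhum filtro carregado.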
# ip6tables -L -v -n
# iptables -L -v -n
