iptables: Clearing and Adding Rules

Iptables 路人甲
#!/bin/bash
### Clear Old Rules
# -F flushes all rules, -X deletes user-defined chains, -Z zeroes the counters
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z
### * filter
# Default DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
# INPUT Chain
# GRE together with TCP 1723 (below) is what PPTP uses
iptables -A INPUT -p gre -j ACCEPT
iptables -A INPUT -i lo -p all -j ACCEPT
# Options need two ASCII hyphens (--dport); a typographic dash is rejected by iptables
iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
# Allow replies to connections this host already has open
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# OUTPUT Chain
iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
# FORWARD Chain
# Forward traffic between 192.168.0.0/24 and eth0 in both directions
iptables -A FORWARD -s 192.168.0.0/24 -o eth0 -j ACCEPT
iptables -A FORWARD -d 192.168.0.0/24 -i eth0 -j ACCEPT
### * nat
# POSTROUTING Chain
# Source-NAT the 192.168.0.0/24 clients behind the address of eth0
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
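
The script above changes the firewall one command at a time, so a typo in any single line leaves the host with DROP policies and only part of the allow list. The following is an added example, not part of the original post: it emits the same policy in iptables-restore format, validates it before loading, and rolls back unless the operator confirms. The function names, the `apply` argument and the 60-second window are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
LAN_NET="192.168.0.0/24"   # subnet used in the post
WAN_IF="eth0"              # interface used in the post
ROLLBACK_SECS=60           # assumed confirmation window

# Print the post's policy in iptables-restore format (same rule order).
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -p gre -j ACCEPT
-A INPUT -i lo -j ACCEPT
EOF
    for port in 21 22 80 1723; do
        printf '%s\n' "-A INPUT -p tcp -m tcp --dport $port -j ACCEPT"
    done
    cat <<EOF
-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s $LAN_NET -o $WAN_IF -j ACCEPT
-A FORWARD -d $LAN_NET -i $WAN_IF -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
COMMIT
EOF
}

# Validate, load, and restore the previous rules unless confirmed (needs root).
apply_with_rollback() {
    backup=$(mktemp) && new=$(mktemp) || return 1
    iptables-save > "$backup" || return 1
    build_ruleset > "$new"
    # --test parses and constructs the ruleset without committing it
    iptables-restore --test < "$new" || { echo "ruleset rejected" >&2; return 1; }
    # nohup keeps the rollback timer alive if this terminal is cut off
    nohup sh -c "sleep $ROLLBACK_SECS; iptables-restore < '$backup'" >/dev/null 2>&1 &
    timer=$!
    iptables-restore < "$new" || return 1
    printf 'Open a NEW ssh session; if it works, press Enter within %ss: ' "$ROLLBACK_SECS"
    read -r reply && kill "$timer"
}

if [ "${1:-}" = "apply" ]; then apply_with_rollback; fi
```

Run with no argument it only defines the functions; `build_ruleset` can be piped to `iptables-restore --test` by hand to check a change before loading it.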
