iptables

Section: Applications & Desktop 24.09.2008 | 17:15
iptables   Visitor
Hello, what predefined rules should I put on the iptables firewall on a server?
  • Re: iptables 24.09.2008 | 17:19
   lime Debian 3, Red Hat 6, Fedora Core 3  User
   IPTABLES="/sbin/iptables"

   $IPTABLES -F
   $IPTABLES -X

   $IPTABLES -P INPUT ACCEPT
   $IPTABLES -P OUTPUT ACCEPT
   $IPTABLES -P FORWARD ACCEPT


   $IPTABLES -t nat -P PREROUTING ACCEPT
   $IPTABLES -t nat -P OUTPUT ACCEPT
   $IPTABLES -t nat -P POSTROUTING ACCEPT

   $IPTABLES -t nat -F PREROUTING
   $IPTABLES -t nat -F OUTPUT
   $IPTABLES -t nat -F POSTROUTING


   $IPTABLES -t mangle -P PREROUTING ACCEPT
   $IPTABLES -t mangle -P OUTPUT ACCEPT

   $IPTABLES -t mangle -F PREROUTING
   $IPTABLES -t mangle -F OUTPUT

   echo "1" > /proc/sys/net/ipv4/ip_forward


   ####################################################
   echo "1" > /proc/sys/net/ipv4/ip_forward

   # rp_filter - anti IP spoofing
   for interface in /proc/sys/net/ipv4/conf/*/rp_filter; do
       echo "1" > "${interface}"
   done

   $IPTABLES -P INPUT DROP
   $IPTABLES -P OUTPUT DROP
   $IPTABLES -P FORWARD DROP
   etc.
   Move from the blue screen over to Linux :))
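
The reply above stops at the three DROP policies. With OUTPUT set to DROP as well, the host needs explicit accept rules in both directions, and running the policy change line by line over SSH cuts the session before those rules exist. The sketch below is an added example, not code from the post: it prints a filter table in iptables-restore format so the whole table is applied in one commit. The port lists and the file name baseline.sh are assumptions for illustration.

```shell
#!/bin/sh
# Added example: emit a default-DROP filter table in iptables-restore format.
# Port lists are assumptions for illustration; adjust to the services you run.

# gen_rules "<inbound tcp ports>" "<outbound tcp ports>" "<outbound udp ports>"
gen_rules() {
    in_tcp=$1; out_tcp=$2; out_udp=$3

    echo "*filter"
    # Same default policies as the reply above: drop unless a rule accepts.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"

    # Loopback must work in both directions for local services.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A OUTPUT -o lo -j ACCEPT"

    # Packets belonging to connections a rule below already accepted.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    # New inbound connections only to the listed services, plus ping.
    for p in $in_tcp; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "-A INPUT -p icmp --icmp-type echo-request -j ACCEPT"

    # OUTPUT is DROP too, so outbound traffic needs explicit rules.
    for p in $out_tcp; do
        echo "-A OUTPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $out_udp; do
        echo "-A OUTPUT -p udp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Prints the ruleset; to load it as root (baseline.sh is a hypothetical name):
#   sh baseline.sh | /sbin/iptables-restore
gen_rules "22 80 443" "53 80 443" "53 123"
```

Review the printed rules before piping them into iptables-restore, and keep a second session or console access open the first time you load them on a remote machine.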