Red Hat NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE User Manual Page 28
-i – Interface tells the kernel which interface should be filtered.
-p – Protocol defines the protocol that the rule will apply to.
Protocols are listed in the /etc/protocols file, and you can
define rules for any of them.
-s – Source IP address
-d – Destination IP address
-m – Match is a directive for matching. Commonly you can
match state, protocol or both.
-j – Jump specifies the target, that is, what to do if the packet matches the rule
--dport – Destination Port
--sport – Source Port
--state – defines packet state. There are four states: INVALID,
ESTABLISHED, NEW and RELATED. The first three are pretty
obvious, while RELATED is a new connection that is
associated with an existing connection, such as the FTP data
connection being RELATED to the FTP control connection.
Now let's allow some exceptions to our default of dropping all inbound
packets. All of the following rules override the global DROP command
that we started with.
This rule will accept anything that originates from the local loopback
interface and allow it to be used by user applications:
iptables -A INPUT -i lo -j ACCEPT
This rule allows connections that have already been established and
are in the connection table maintained by the kernel, such as
responses to our HTTP requests:
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
This rule allows any ICMP packets so we can perform pings and
traceroutes as well as respond to pings:
iptables -A INPUT -p ICMP -j ACCEPT
The following rules are used to allow access to various applications.
Use them as needed:
SSH
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
Webmin
iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
HTTPS
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
Tomcat (Port 8080)
iptables -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
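The following is an added example, not part of the manual: a small first-match model of the INPUT chain built above (default policy DROP, then the ACCEPT rules in the order they are appended), so the effect of rule order and of the state match can be checked without touching a live firewall. The Packet fields and the sample packets are constructed for illustration; this is a simulation, not the iptables binary.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed model of an inbound packet as the INPUT chain sees it.
@dataclass
class Packet:
    iface: str            # ingress interface, e.g. "eth0" or "lo"
    proto: str            # "tcp", "udp" or "icmp"
    dport: Optional[int]  # destination port, None for icmp
    state: str            # conntrack state: NEW, ESTABLISHED, RELATED, INVALID

# Each entry is (match, target). Like iptables -A, rules are evaluated
# top to bottom and the first match decides; nothing matching falls
# through to the chain policy.
INPUT_CHAIN = [
    (lambda p: p.iface == "lo", "ACCEPT"),                       # -i lo
    (lambda p: p.state == "ESTABLISHED", "ACCEPT"),              # --state ESTABLISHED
    (lambda p: p.proto == "icmp", "ACCEPT"),                     # -p ICMP
    (lambda p: p.proto == "tcp" and p.dport == 22, "ACCEPT"),    # SSH
    (lambda p: p.proto == "tcp" and p.dport == 10000, "ACCEPT"), # Webmin
    (lambda p: p.proto == "tcp" and p.dport == 443, "ACCEPT"),   # HTTPS
    (lambda p: p.proto == "tcp" and p.dport == 8080, "ACCEPT"),  # Tomcat
]
DEFAULT_POLICY = "DROP"  # the global DROP the chain started with

def verdict(p: Packet, chain=INPUT_CHAIN, policy=DEFAULT_POLICY) -> str:
    """Return the target of the first matching rule, else the policy."""
    for match, target in chain:
        if match(p):
            return target
    return policy

if __name__ == "__main__":
    # Constructed sample traffic exercising each branch of the chain.
    samples = {
        "new SSH from eth0": Packet("eth0", "tcp", 22, "NEW"),
        "new MySQL from eth0": Packet("eth0", "tcp", 3306, "NEW"),
        "reply to our HTTP request": Packet("eth0", "tcp", 51000, "ESTABLISHED"),
        "FTP data channel (RELATED)": Packet("eth0", "tcp", 51001, "RELATED"),
        "anything on loopback": Packet("lo", "tcp", 3306, "NEW"),
        "ping from eth0": Packet("eth0", "icmp", None, "NEW"),
    }
    for name, pkt in samples.items():
        print(f"{name:28s} -> {verdict(pkt)}")
```

Note that with the state rule as written, a RELATED packet such as the FTP data connection described above falls through to DROP; iptables accepts a comma-separated list (`--state ESTABLISHED,RELATED`) if that traffic is wanted.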