iptables

Dimitris Mexis m65 at vivodinet.gr
Wed Jul 19 12:27:57 EEST 2006


Einai kalitero afto to copy/paste ?

[root at zeus root]# more /etc/sysconfig/iptables
# Generated by iptables-save v1.2.9 on Tue Jul 18 18:55:22 2006
*nat
:PREROUTING ACCEPT [453:22505]
:POSTROUTING ACCEPT [80:8286]
:OUTPUT ACCEPT [80:8286]
COMMIT
# Completed on Tue Jul 18 18:55:22 2006
# Generated by iptables-save v1.2.9 on Tue Jul 18 18:55:22 2006
*filter
:INPUT ACCEPT [283:24980]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4594:933261]
-A INPUT -p udp -m udp --dport 4003 -j ACCEPT
-A INPUT -p udp -m udp --dport 4002 -j ACCEPT
-A INPUT -p udp -m udp --dport 4001 -j ACCEPT
-A INPUT -p udp -m udp --dport 4000 -j ACCEPT
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4003 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4002 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4001 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A INPUT -p udp -m udp --dport 631 -j ACCEPT
-A INPUT -p udp -m udp --dport 52 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 52 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -s 10.0.0.79 -j ACCEPT
-A INPUT -p udp -m udp --dport 137 -j ACCEPT
-A INPUT -p udp -m udp --dport 138 -j ACCEPT
-A INPUT -p udp -m udp --dport 139 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 138 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 137 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1512 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 901 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Tue Jul 18 18:55:22 2006
# Generated by iptables-save v1.2.9 on Tue Jul 18 18:55:22 2006
*mangle
:PREROUTING ACCEPT [6712:556556]
:INPUT ACCEPT [8045:656066]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4594:933261]
:POSTROUTING ACCEPT [5642:1046210]
COMMIT
# Completed on Tue Jul 18 18:55:22 2006




More information about the Linux-greek-users mailing list