
How to configure the iptables firewall on Linux

2025-04-02 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Many people who are new to Linux are at a loss about how to configure the iptables firewall. This article summarizes the causes of the problem and its solutions; I hope it helps you solve it.

A detailed example of iptables

The code is as follows:

/etc/init.d/iptables start    # starts iptables

Initialize iptables and delete previous rules

The code is as follows:

iptables -F
iptables -X
iptables -Z
iptables -F -t nat
iptables -X -t nat
iptables -Z -t nat

Allow inbound SSH first, or you won't be able to connect once the default INPUT policy is set to DROP

The code is as follows:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

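Set the default policies for inbound, outbound and forwarded traffic, then accept loopback traffic and packets that belong to established connections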

The code is as follows:

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Load the corresponding modules (on newer kernels the last three are named nf_nat_ftp, nf_conntrack and nf_conntrack_ftp)

The code is as follows:

modprobe ip_tables
modprobe iptable_nat
modprobe ip_nat_ftp
modprobe ip_conntrack
modprobe ip_conntrack_ftp

Configure the default policies of the nat table

The code is as follows:

iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT

Allow private network connection

The code is as follows:

iptables -A INPUT -i <private network NIC name, e.g. eth2> -j ACCEPT

Enable forwarding

The code is as follows:

echo "1" > /proc/sys/net/ipv4/ip_forward

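Configure source NAT so that the intranet can reach the Internet through this host; this is what is usually called network sharing. Note that -s matches a source address or network, not an interface name, so give it the intranet's address range.

The code is as follows:

iptables -t nat -A POSTROUTING -s <intranet network, e.g. 192.168.0.0/24> -o <extranet NIC name> -j MASQUERADE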

Map the FTP server to the public network

The code is as follows:

iptables -t nat -A PREROUTING -p tcp -d 58.222.1.3 --dport 21 -j DNAT --to-destination 192.168.0.211:21

That completes the rules. Don't forget to save them.

The code is as follows:

service iptables save

The default gateway of 192.168.0.211 should be set to this host, 192.168.0.1. That's it.
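Before saving, it is worth checking that the rules protecting your own access are really in place. The script below is an added example, not part of the original article: it audits an iptables-save style dump for the four INPUT rules the walkthrough depends on. SAMPLE_RULES is a constructed dump, and the function names and finding labels are made up for this example.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not captured from a real host).
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 58.222.1.3/32 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.0.211:21
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth2 -j ACCEPT
COMMIT'

# Print only the *filter section of a dump, so chains of other
# tables (for example nat) cannot satisfy a check by accident.
filter_table() {
    printf '%s\n' "$1" | awk '/^\*/ { in_f = ($1 == "*filter") } in_f'
}

# audit_ruleset DUMP
# Prints the labels of missing rules (space separated) and returns 1,
# or prints nothing and returns 0 when all four are present.
audit_ruleset() {
    rules=$(filter_table "$1")
    missing=""
    has() { printf '%s\n' "$rules" | grep -Eq -- "$1"; }

    has '^:INPUT DROP ' || missing="$missing input-policy-drop"
    has '^-A INPUT .*-p tcp .*--dport 22 .*-j ACCEPT' || missing="$missing ssh-accept"
    has '^-A INPUT -i lo -j ACCEPT' || missing="$missing loopback-accept"
    has '^-A INPUT .*(ESTABLISHED,RELATED|RELATED,ESTABLISHED) .*-j ACCEPT' \
        || missing="$missing established-accept"

    if [ -n "$missing" ]; then
        echo "${missing# }"
        return 1
    fi
    return 0
}

audit_ruleset "$SAMPLE_RULES" && echo "ruleset OK"
```

On a live host, run it as root with audit_ruleset "$(iptables-save)" in place of the sample.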
