Shulou(Shulou.com)06/01 Report--

iptables rule learning

Example 1: A is centos 5.5

web server IP:192.168.36.9

B for clients:Windows 7 browsers: Firefox, Google, IE

IP：192.168.36.125

Requirement: A prohibits B from visiting

Terminals connect to centos 5.5 Add firewall rules:

Method 1:

iptables -I INPUT -s 192.168.36.125 -p tcp -d 192.168.36.9 --dport 80 -j DROP

Method 2:

iptables -I INPUT -p tcp --dport 80 -s 192.168.36.125 -j REJECT

or

iptables -I INPUT -p tcp --dport 80 -s 192.168.36.125 -j REJECT

2: Prohibiting a client port from accessing a Server port:

iptables -I INPUT -s 192.168.36.125 -p tcp -sport 1021 -d 192.168.36.9 --dport 21 -j REGECT

Note: Port 1021 of 192.168.36.125 is prohibited from accessing port 21 of 192.168.36.9. TCP/IP communication is established.

Note: You can also seal an IP segment: for example: 192.168.36.0/24 but cannot write 192.168.36.0/255.255.255.0, it will report an error.

iptables -I Add rule takes effect immediately

iptables -A Add rules, take effect without iptables -I Quick

iptables -F Clear all firewall rules-Temporarily clear current rules "/etc/init.d/iptables save" will clear rules permanently

iptables -D Manually clear a rule

iptables -Z Clear packet and counter

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.