基于OpenWrt防火墙配置(作为二级路由)

uci show firewall

uci add firewall rule
uci set firewall.@rule[-1].name=LuCI
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=80
uci set firewall.@rule[-1].target=ACCEPT
uci commit


uci add firewall rule
uci set firewall.@rule[-1].name=SSH
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=22
uci set firewall.@rule[-1].target=ACCEPT
uci commit
#手动更改:高级设置->Dropbear设置->接口->wan


uci add firewall rule
uci set firewall.@rule[-1].name=Samba_1
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=445
uci set firewall.@rule[-1].target=ACCEPT
uci add firewall rule
uci set firewall.@rule[-1].name=Samba_2
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=8200
uci set firewall.@rule[-1].target=ACCEPT
uci commit


uci add firewall rule
uci set firewall.@rule[-1].name=nginx
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=99
uci set firewall.@rule[-1].target=ACCEPT
uci commit


uci add firewall rule
uci set firewall.@rule[-1].name=FTP
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=21
uci set firewall.@rule[-1].target=ACCEPT
uci commit


uci add firewall rule
uci set firewall.@rule[-1].name=telnet
uci set firewall.@rule[-1].src=wan
uci set firewall.@rule[-1].proto=tcp
uci set firewall.@rule[-1].dest_port=23
uci set firewall.@rule[-1].target=ACCEPT
uci commit


/etc/init.d/firewall restart

你可能感兴趣的:(openwrt)