RHEL5.6--IPTABLES简单配置

 1、

#!bin/bash

 

for i in net filter mangle

do

iptables -t $i -F

iptables -t $i -X

done

 

iptables -t filter INPUT -p tcp -s 192.168.0.1 --dport 110 -j ACCEPT

iptables -t filter INPUT -p tcp -s 192.168.0.2 --dport 110 -j ACCEPT

iptables -t filter INPUT -p tcp -s 192.168.0.0/24 --dport 110 -j REJECT

 

2、

#!bin/bash

 

for i in net filter mangle

do

iptables -t $i -F

iptables -t $i -X

done

 

iptables -A INPUT -s 192.168.0.11 -j ACCEPT

iptables -A OUTPUT -s 192.168.0.11 -j ACCEPT

iptables -A INPUT -s 127.0.0.1 -j ACCEPT

iptables -A OUTPUT -s 127.0.0.1 -j ACCEPT

iptables -P INPUT REJECT

iptables -P OUTPUT REJECT

 

3、

#!bin/bash

 

for i in net filter mangle

 

do

iptables -t $i -F

iptables -t $i -X

done

 

 

iptables -A INPUT -s 192.168.0.1 --dport 23 -j ACCEPT

iptables -A INPUT -s 192.168.0.2 --dport 23 -j ACCEPT

iptables -A INPUT --dport 23 -j REJECT

 

4、

#!bin/bash

 

for i in net filter mangle

 

do

iptables -t $i -F

iptables -t $i -X

done

 

 

iptables -A INPUT -s 192.168.0.1 -p icmp --icmp-type 8 -m limit --limit 1/m ACCEPT

iptables -A INPUT -s 192.168.0.2 -p icmp --icmp-type 8 -m limit --limit 1/m ACCEPT

 

5、

#!bin/bash

 

for i in net filter mangle

 

do

iptables -t $i -F

iptables -t $i -X

done

 

iptables -A INPUT -p tcp --tcp-flags SYN,ACK,RST SYN -j REJECT

iptables -A OUTPUT -p tcp --tcp-flags SYN,ACK,RST SYN -j ACCEPT

 

6、

#!bin/bash

 

for i in net filter mangle

 

do

iptables -t $i -F

iptables -t $i -X

done

 

iptables -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT

iptables -P OUTPUT REJECT

 

7、

#!bin/bash

 

for i in net filter mangle

 

do

iptables -t $i -F

iptables -t $i -X

done

 

iptables -A INPUT -s text02 -j ACCEPT

iptables -P OUTPUT REJECT

 

8、

#!bin/bash

 

for i in net filter mangle

 

do

iptables -t $i -F

iptables -t $i -X

done

 

iptables -A INPUT --dport 23 -j LOG --log-level info --log-prefix "iptables"