linux基本iptable策略

开源探讨  

www.cloudbps.com

# Generated by iptables-save v1.3.5 on Sun Aug 25 16:25:12 2013
*filter
:INPUT DROP [51:3259]
:FORWARD DROP [0:0]
:OUTPUT DROP [17:9260]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
# Completed on Sun Aug 25 16:25:12 2013