Gateway server iptables script (worm filtering)


[root@lacl-001 ~]$cat /root/ipt/gateway
service iptables stop

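# SNAT the internal 192.168.103.0/24 network to the public address on eth0
iptables -t nat -A POSTROUTING -s 192.168.103.0/24 -o eth0 -j SNAT --to 202.115.169.56
# Accept packets that belong to connections already established or related
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT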


# Drop forwarded traffic to ports 4444/445/69/135/139 (tcp and udp) to filter worms
iptables -A FORWARD -p tcp --dport 4444 -j DROP
iptables -A FORWARD -p udp --dport 4444 -j DROP

iptables -A FORWARD -p tcp --dport 445 -j DROP
iptables -A FORWARD -p udp --dport 445 -j DROP

iptables -A FORWARD -p tcp --dport 69 -j DROP
iptables -A FORWARD -p udp --dport 69 -j DROP

iptables -A FORWARD -p tcp --dport 135 -j DROP
iptables -A FORWARD -p udp --dport 135 -j DROP

iptables -A FORWARD -p tcp --dport 139 -j DROP
iptables -A FORWARD -p udp --dport 139 -j DROP

service iptables status
[root@lacl-001 ~]$
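
An added check, not part of the original post: after the script has run, the FORWARD chain can be audited to confirm that every port/protocol pair from the list above still has an effective DROP rule. The function and sample names are hypothetical, and the sample rule listings are constructed to match the format of `iptables -S FORWARD`.

```sh
#!/bin/sh
# Added example: audit of the FORWARD chain against the script's port list.
PORTS="4444 445 69 135 139"   # ports dropped by the gateway script
PROTOS="tcp udp"              # the script drops both protocols per port

# missing_drops: read `iptables -S FORWARD` output on stdin and print each
# proto/port pair with no effective DROP. A DROP that sits after an
# unconditional "-A FORWARD -j ACCEPT" counts as missing (first match wins),
# and so does a DROP narrowed by -s/-d/-i/-o or a negation.
missing_drops() {
    awk -v ports="$PORTS" -v protos="$PROTOS" '
        $1 == "-A" && $2 == "FORWARD" {
            if (NF == 4 && $3 == "-j" && $4 == "ACCEPT") shadowed = 1
            if (shadowed || $(NF-1) != "-j" || $NF != "DROP") next
            proto = ""; port = ""; narrow = 0
            for (i = 3; i < NF - 1; i++) {
                if ($i == "-p") proto = $(i+1)
                if ($i == "--dport") port = $(i+1)
                if ($i ~ /^(-s|-d|-i|-o|!)$/) narrow = 1
            }
            if (!narrow && proto != "" && port != "") seen[proto "/" port] = 1
        }
        END {
            np = split(protos, pr, " "); nq = split(ports, po, " ")
            for (j = 1; j <= nq; j++)
                for (i = 1; i <= np; i++)
                    if (!((pr[i] "/" po[j]) in seen)) print pr[i] "/" po[j]
        }'
}

# Constructed sample: what `iptables -S FORWARD` prints after the script ran.
sample_good() {
    printf '%s\n' "-P FORWARD ACCEPT"
    printf '%s\n' "-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT"
    for port in $PORTS; do
        for proto in $PROTOS; do
            printf '%s\n' "-A FORWARD -p $proto -m $proto --dport $port -j DROP"
        done
    done
}

# Constructed sample: udp/69 rule absent, tcp/139 DROP placed after a blanket ACCEPT.
sample_bad() {
    sample_good | grep -v -e 'udp --dport 69 ' -e 'tcp --dport 139 '
    printf '%s\n' "-A FORWARD -j ACCEPT"
    printf '%s\n' "-A FORWARD -p tcp -m tcp --dport 139 -j DROP"
}

# On the gateway itself: iptables -S FORWARD | missing_drops
```

Empty output means every pair is covered; each printed line names a pair that new connections can still reach through the gateway.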

Article URL: http://com.8s8s.com/it/it35532.htm