📄 00000007.htm
字号:
<HTML><HEAD> <TITLE>BBS水木清华站∶精华区</TITLE></HEAD><BODY><CENTER><H1>BBS水木清华站∶精华区</H1></CENTER>发信人: zixia (Do you zixia tonight), 信区: Linux <BR>标 题: 5. Rusty's Really Quick Guide To Packet Filtering <BR>发信站: BBS 水木清华站 (Wed Oct 11 01:17:33 2000) WWW-POST <BR> <BR>Linux 2.4 Packet Filtering HOWTO: Rusty's Really Quick Guide To Packet <BR>Filterin
<BR> Next Previous Contents
<BR>Lin here a <BR>Ma
<BR> mo----------------------------------------------------------------------o
<BR>
<BR>5. Rusty's Really Quick Guide To Packet Filtering
<BR>
<BR>3.1Most people just have a single PPP connection to the Internet, and don't
<BR> want anyone coming back into their network, or the firewall:
<BR>
<BR> ## Insert connection-tracking modules (not needed if built into kernel).
<BR> # insmod ip_conntrack
<BR> # insmod ip_conntrack_ftp
<BR>
<BR> ## Create chain which blocks new connections, except if coming from inside.
<BR> # iptables -N block e,
<BR> # iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
<BR> # iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT the
<BR> # iptables -A block -j DROP e
<BR> <BR>on
<BR> ## Jump to that chain from INPUT and FORWARD chains.
<BR> # iptables -A INPUT -j block
<BR> # iptables -A FORWARD -j block
<BR>
<BR> ----------------------------------------------------------------------
<BR>
<BR> Next Previous Contents
<BR> <BR>-- <BR>))))))))))))))))))))))))))))))))))))))))))))))))))) <BR> ((((((((((((生命的欢喜可以再影印一张吗?(((((((((((( <BR> ))))))))))))老去的热情可以再拉皮整形吗?)))))))))))) <BR> ((((((((((((病中的真理可以再传真校对吗?(((((((((((( <BR> ))))))))))))死掉的爱情可以再输入键出吗?)))))))))))) <BR> ((((((((((((((((((((((((((((((((((((((((((((((((((( <BR> <BR>※ 来源:·BBS 水木清华站 smth.org·[FROM: 202.112.45.49] <BR><CENTER><H1>BBS水木清华站∶精华区</H1></CENTER></BODY></HTML>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -