1620.html

著名的linux英雄站点的文档打包

                  <tr> 
                    <td noWrap background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif"> 
                      <div align=center><font class=normalfont>搜索文章: 
                        <input type=hidden value=result name=action2>
                          <input type=radio checked value=title name=type>标题 
                          <input type=radio value=content name=type>内容 
                          <input type=image src="images/button_go.gif" tppabs="http://www.linuxhero.com/docs/images/button_go.gif" border=0 name=image2>
                        </font></div>
                    </td>
                  </tr>
                  <tr> 
                    <td noWrap> 
                      <div align="center"> 
                        <input maxlength=100 size=30 name=keyword2>
                      </div>
                    </td>
                  </tr></tbody> 
                </table>
              </form>
            </TD>
            <TD rowSpan=2><IMG src="images/header_r1_c7.gif" tppabs="http://www.linuxhero.com/docs/images/header_r1_c7.gif" width=26 border=0 name=header_r1_c7></TD>
          <TD><IMG height=83 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1 border=0></TD></TR>
        <TR>
          <TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif"><IMG height=22 
            src="images/header_r2_c1.gif" tppabs="http://www.linuxhero.com/docs/images/header_r2_c1.gif" width=296 border=0 
            name=header_r2_c1></TD>
          <TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif" colSpan=5>
              <DIV align=right><FONT class=normalfont>当前位置： 
              <A href="index.html" tppabs="http://www.linuxhero.com/docs/index.html">本站首页</A>
              <font color="#FF6699">&gt;&gt;</font>
<A href="type25.html" tppabs="http://www.linuxhero.com/docs/type25.html">网络过滤</A>                 | <A href="copyright.html" tppabs="http://www.linuxhero.com/docs/copyright.html">版权说明</A></font></DIV>
            </TD>
          <TD><IMG height=22 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1 
        border=0></TD></TR></TBODY></TABLE>
      <TABLE cellSpacing=10 cellPadding=0 width="100%" bgColor=#ffffff 
        border=0>
         <TR>
          <TD>
            <TABLE cellSpacing=0 cellPadding=3 width="100%" border=0>
              
              <TR>
                <TD vAlign=top align=middle width="60%">
                  <TABLE cellSpacing=0 cellPadding=0 width="100%" 
                  background="images/back.gif" tppabs="http://www.linuxhero.com/docs/images/back.gif" border=0>
                    <TBODY>
                    <TR>
                        <TD vAlign=top width="80%"> 
                          <DIV align=center>
                        <FORM action="search.html" tppabs="http://www.linuxhero.com/docs/search.html" method=get>
                            </FORM>
                        <TABLE cellSpacing=0 cellPadding=0 width="95%" 
                          border=0><TBODY>
                          <TR>
                            <TD background="images/bgi.gif" tppabs="http://www.linuxhero.com/docs/images/bgi.gif" 
                          height=30></TD></TR></TBODY></TABLE>
                        <TABLE cellSpacing=0 cellPadding=3 width="95%" 
                        align=center border=0>
                          <TBODY>
                          <TR>
                            <TD>
                              <TABLE cellSpacing=0 cellPadding=3 width="100%" 
                              border=0>
                                <TBODY>
                                <TR>
                                      <TD vAlign=top> 
<p><FONT class=normalfont><B><font color=blue>IptablesTutorial1.1.16</font></B></FONT><BR><FONT class=smallfont color=#ff9900>2004-04-23 15:18 pm</FONT><BR><FONT class=normalfont>作者：Oskar Andreasson(blueflux@koffein.net)<br>来自：Linux知识宝库<br>联系方式：无名<br><br>Copyright 2001-2002 by Oskar Andreasson<br>
<br>
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1; with the Invariant Sections being "Introduction" and all sub-sections, with the Front-Cover Texts being "Original Author: Oskar Andreasson", and with no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".<br>
<br>
All scripts in this tutorial are covered by the GNU General Public License. The scripts are free source; you can redistribute them and/or modify them under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 of the License.<br>
<br>
These scripts are distributed in the hope that they will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.<br>
<br>
You should have received a copy of the GNU General Public License within this tutorial, under the section entitled "GNU General Public License"; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA<br>
<br>
Dedications<br>
<br>
First of all I would like to dedicate this document to my wonderful girlfriend Ninel. She has supported me more than I ever can support her to any degree. I wish I could make you just as happy as you make me.<br>
<br>
Second of all, I would like to dedicate this work to all of the incredibly hard working linux developers and maintainers. It is people like those who make this wonderful operating system possible.<br>
<br>
Table of Contents<br>
About the author<br>
How to read<br>
Conventions used in this document<br>
1. Introduction<br>
<br>
    1.1. Why this document was written<br>
    1.2. How it was written<br>
1.3. Terms used in this document<br>
2. Preparations<br>
<br>
    2.1. Where to get iptables<br>
    2.2. Kernel setup<br>
    2.3. User-land setup<br>
<br>
        2.3.1. Compiling the user-land applications<br>
2.3.2. Installation on Red Hat 7.1<br>
3. Traversing of tables and chains<br>
<br>
    3.1. General<br>
    3.2. mangle table<br>
    3.3. nat table<br>
3.4. Filter table<br>
4. The state machine<br>
<br>
    4.1. Introduction<br>
    4.2. The conntrack entries<br>
    4.3. User-land states<br>
    4.4. TCP connections<br>
    4.5. UDP connections<br>
    4.6. ICMP connections<br>
    4.7. Default connections<br>
4.8. Complex protocols and connection tracking<br>
5. Saving and restoring large rule-sets<br>
<br>
    5.1. Speed considerations<br>
    5.2. Drawbacks with restore<br>
    5.3. iptables-save<br>
5.4. iptables-restore<br>
6. How a rule is built<br>
<br>
    6.1. Basics<br>
    6.2. Tables<br>
    6.3. Commands<br>
    6.4. Matches<br>
<br>
        6.4.1. Generic matches<br>
        6.4.2. Implicit matches<br>
        6.4.3. Explicit matches<br>
    6.4.4. Unclean match<br>
    6.5. Targets/Jumps<br>
<br>
        6.5.1. ACCEPT target<br>
        6.5.2. DNAT target<br>
        6.5.3. DROP target<br>
        6.5.4. LOG target<br>
        6.5.5. MARK target<br>
        6.5.6. MASQUERADE target<br>
        6.5.7. MIRROR target<br>
        6.5.8. QUEUE target<br>
        6.5.9. REDIRECT target<br>
        6.5.10. REJECT target<br>
        6.5.11. RETURN target<br>
        6.5.12. SNAT target<br>
        6.5.13. TOS target<br>
        6.5.14. TTL target<br>
6.5.15. ULOG target<br>
7. rc.firewall file<br>
<br>
    7.1. example rc.firewall<br>
    7.2. explanation of rc.firewall<br>
<br>
        7.2.1. Configuration options<br>
        7.2.2. Initial loading of extra modules<br>
        7.2.3. proc set up<br>
        7.2.4. Displacement of rules to different chains<br>
        7.2.5. Setting up default policies<br>
        7.2.6. Setting up user specified chains in the filter table<br>
        7.2.7. INPUT chain<br>
        7.2.8. FORWARD chain<br>
        7.2.9. OUTPUT chain<br>