编程语言

img ncowboy

网关服务器iptables脚本(过滤蠕虫)

发表于2004/9/26 14:41:00  1903人阅读

[root@lacl-001 ~]$cat /root/ipt/gateway
service iptables stop

iptables -t nat -A POSTROUTING -s 192.168.103.0/24 -o eth0 -j SNAT --to 202.115.169.56
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT


#4444/445/69/135/139
iptables -A FORWARD -p tcp --dport 4444 -j DROP
iptables -A FORWARD -p udp --dport 4444 -j DROP

iptables -A FORWARD -p tcp --dport 445 -j DROP
iptables -A FORWARD -p udp --dport 445 -j DROP

iptables -A FORWARD -p tcp --dport 69 -j DROP
iptables -A FORWARD -p udp --dport 69 -j DROP

iptables -A FORWARD -p tcp --dport 135 -j DROP
iptables -A FORWARD -p udp --dport 135 -j DROP

iptables -A FORWARD -p tcp --dport 139 -j DROP
iptables -A FORWARD -p udp --dport 139 -j DROP

service iptables status
[root@lacl-001 ~]$

阅读全文
0 0

相关文章推荐

img
取 消
img