User Tools
сервис_firewall
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
сервис_firewall [2020/11/12 11:35] val [Debian/Ubuntu (iptables)] |
сервис_firewall [2021/05/21 19:17] val [FreeBSD (pf)] |
||
|---|---|---|---|
| Line 30: | Line 30: | ||
| # iptables -n -L -v --line-numbers | # iptables -n -L -v --line-numbers | ||
| </code> | </code> | ||
| + | === Удаление правил фильтра === | ||
| + | <code> | ||
| + | iptables -t ТАБЛИЦА -D ЦЕПОЧКА НОМЕР_ПРАВИЛА | ||
| + | </code> | ||
| === Работа с таблицей состояний === | === Работа с таблицей состояний === | ||
| Line 166: | Line 169: | ||
| #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 25 -j REJECT | #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 25 -j REJECT | ||
| #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 25 -j ACCEPT | #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 25 -j ACCEPT | ||
| - | iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 465 -j ACCEPT | + | #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 465 -j ACCEPT |
| - | iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 587 -j ACCEPT | + | #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 587 -j ACCEPT |
| - | iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 143 -j ACCEPT | + | #iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 143 -j ACCEPT |
| iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 80 -j ACCEPT | iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 80 -j ACCEPT | ||
| iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 5222 -j ACCEPT | iptables -A FORWARD -i eth1 -p tcp -d 192.168.X.10 --dport 5222 -j ACCEPT | ||
| Line 189: | Line 192: | ||
| conntrack -F | conntrack -F | ||
| </code><code> | </code><code> | ||
| + | root@gate:~# apt install conntrack | ||
| + | |||
| root@gate:~# sh firewall.sh | root@gate:~# sh firewall.sh | ||
| Line 439: | Line 444: | ||
| <code> | <code> | ||
| [gate:~] # pfctl -vs state | [gate:~] # pfctl -vs state | ||
| + | |||
| + | [gate:~] # pfctl -k 0.0.0.0/0 -k 172.16.1.254 | ||
| [gate:~] # pfctl -F states | [gate:~] # pfctl -F states | ||
сервис_firewall.txt · Last modified: 2024/05/07 16:18 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
