Iptables-f
Iptables-x
Iptables-z
Iptables-p INPUT DROP
Iptables-p OUTPUT ACCEPT
Iptables-p FORWARD ACCEPT
Iptables-a input-p TCP--dport 56388-j ACCEPT
Iptables-a input-p TCP--dport 53-j ACCEPT
Iptables-a input-p UDP--dport 53-j ACCEPT
Iptables-a input-p TCP--sport 53-j ACCEPT
Iptables-a input-p UDP--sport 53-j ACCEPT
Iptables-a input-p icmp-j ACCEPT
Iptables-a output-p TCP--dport 31337-j DROP
Allow Yum
Iptables-a input-m State--state established,related-j ACCEPT
Iptables-a output-m State--state established,related-j ACCEPT
Iptables-a output-p UDP--dport 53-j ACCEPT
Iptables-a output-o lo-j ACCEPT #将本机设置为信任设备
Iptables-a output-p TCP--sport 10000:65535-j ACCEPT
Execute script
#!/bin/bash
Iptables-f
Iptables-x
Iptables-z
Iptables-p INPUT DROP
Iptables-p OUTPUT ACCEPT
Iptables-p FORWARD ACCEPT
Iptables-a input-p TCP--dport 56388-j ACCEPT
Iptables-a input-p TCP--dport 53-j ACCEPT
Iptables-a input-p UDP--dport 53-j ACCEPT
Iptables-a input-p TCP--sport 53-j ACCEPT
Iptables-a input-p UDP--sport 53-j ACCEPT
Iptables-a input-p icmp-j ACCEPT
Iptables-a output-p TCP--dport 31337-j DROP
Iptables-a input-m State--state established,related-j ACCEPT
Iptables-a output-m State--state related,established-j ACCEPT
Iptables-a output-p UDP--dport 53-j ACCEPT
Iptables-a Output-o lo-j ACCEPT
Iptables-a output-p TCP--sport 10000:65535-j ACCEPT
/etc/init.d/iptables Save
Iptables-save >/tmp/myipt.rule
#iptables-restore </tmp/myipt.rule
This article is from the "Bill of Operations Notes" blog, please be sure to keep this source http://chenshoubiao.blog.51cto.com/6159058/1891901
Iptables rules for DNS servers
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
