Article title: Common firewall configuration methods for Linux iptables
Common firewall configurations of iptables
The script assumes eth0 is the Internet-facing interface and eth1 is the intranet interface:
#!/bin/sh
# Internet-facing NIC
EXT_IF="eth0"
FW_IP="61.137.85.21"
# Intranet NIC
INT_IF="eth1"
LAN_IP="192.168.0.1"
LAN_IP_RANGE="192.168.0.0/255.255.255.0"
# Module loading. These modules are generally built in,
# so the lines below stay commented out.
# echo "modprobe modules"
# modprobe ip_tables
# modprobe ip_nat_ftp
# modprobe ip_conntrack
# modprobe ip_conntrack_ftp
# Enable IP forwarding
echo "enabling ip forwarding ......"
echo "1" > /proc/sys/net/ipv4/ip_forward
# Rule initialization. The default policies are DROP.
echo "enabling iptables rules"
# Flush all rules, delete user-defined chains and zero the nat counters
iptables -F
iptables -X
iptables -F -t mangle
iptables -X -t mangle
iptables -F -t nat
iptables -X -t nat
iptables -Z -t nat
# Set the default policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
###--###
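Added example, not part of the original script: once the three policy lines above have run and before any ACCEPT rule is loaded, every filter chain drops all traffic, including loopback and the administrator's own remote session. The function below reads iptables-save output and lists the built-in chains still in that state; the function names and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original script). Reads iptables-save text on
# stdin and prints one line per filter-table chain whose policy is DROP and
# which contains no ACCEPT rule at all.
audit_drop_only() {
    awk '
        /^\*/ { table = substr($0, 2) }       # table header, e.g. *filter
        table != "filter" { next }            # only audit the filter table
        /^:/ {                                # chain line, e.g. :INPUT DROP [0:0]
            chain = substr($1, 2)
            policy[chain] = $2                # user chains have policy "-"
            order[++n] = chain
        }
        /^-A / {                              # rule line, e.g. -A INPUT ... -j ACCEPT
            for (i = 3; i < NF; i++)
                if ($i == "-j" && $(i + 1) == "ACCEPT") accepts[$2]++
        }
        END {
            for (k = 1; k <= n; k++)
                if (policy[order[k]] == "DROP" && !accepts[order[k]])
                    print order[k] ": policy DROP, no ACCEPT rule"
        }
    '
}
# Constructed sample: the ruleset state right after the policy lines have run.
sample_after_policies() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT
EOF
}
# Constructed sample: same policies plus hypothetical loopback/reply rules.
sample_with_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
EOF
}
# On a live host (as root): iptables-save | audit_drop_only
sample_after_policies | audit_drop_only
```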