Ubuntu using Iptables to configure Firewall tips: Unrecognized service (Ubuntu configuration iptables Firewall)

Ubuntu default installation is not open any firewall.

When you use service iptables status , you are prompted to iptables:unrecoginzed service. This means that the service is not recognized.

The following methods are from http://blog.csdn.net/lywzgzl/article/details/39938689, but the test found that This method is no longer available in Ubuntu

#在ubuntu中由于不存在/etc/init.d/use.

Through the above method, finally can not solve, through the research found that the above command is already old version, in the new version of Iptables itself is not a service.

And if you want to continue using the Iptables configuration, you can do this through the Http://www.cnblogs.com/general0878/p/5757377.html method:

1. Check if the system is installing a firewall

sudo whereis iptables

A prompt indicating that iptables has been installed, if not installed, can be installed by the following command

sudo apt-get install iptables

2. View firewall configuration information

sudo iptables-l

3. Create a new rule file

mkdir /etc/iptables #先新建目录, no such directory

Vi/etc/iptables/rules.v4

Two combined commands can be simplified into the following notation

mkdir /etc/iptables & VI/ETC/IPTABLES/RULES.V4

Add the following (note: 80 refers to the Web server port, 3306 refers to the MySQL database link port, 22 refers to the SSH Remote management port)

*filter: INPUTDROP [0:0]: FORWARDACCEPT [0:0]: OUTPUTACCEPT [0:0]: Syn-flood-[0:0]-a input-i lo-j accept-a input-m State--state related,established-j ACCEPT-A input-p tcp-m State--state new-m TCP--dport 22-j accept-a input-p tcp-m State--state new-m TCP--dport 80-j accept-a input-p tcp-m State--state new-m t CP--dport 3306 -j ACCEPT-A input-p icmp-m limit--limit100/sec--limit-burst 100-j accept-a input-p icmp-m limit--limit1/S--limit-burst 10-j accept-a input-p tcp-m tcp--tcp-flags FIN, Syn,rst,ACK syn-j syn-flood-a input-j REJECT--reject-with icmp-host-prohibited-a syn-flood-p tcp-m limit--limit3/sec--limit-burst 6-jRETURN-A syn-flood-j REJECT--reject-with icmp-port-unreachablecommit

4. Make the firewall effective

iptables-Restore </ETC/IPTABLES/RULES.V4

5. Create a file, add the following to enable the firewall to boot

vi/etc/network/if-pre-up.d/iptables

#!/bin/bashiptables-restore </ETC/IPTABLES/RULES.V4

6. Add Execute Permissions

chmod +x/etc/network/if-pre-up.d/iptables

7. Check if the rules are in effect

Iptables-l-N

The above method can be passed on Ubuntu normally, and can clearly know its dependencies.

Or if you want to toss the usage of iptables, you can refer to the following collected articles for configuration:

Https://serverfault.com/questions/129086/how-to-start-stop-iptables-on-ubuntu

Https://help.ubuntu.com/community/IptablesHowTo

The research found that there is a simplified version of the firewall on the Ubuntu/debian system, called UFW, the principle or iptables, but because iptables need to manipulate the table and a lot of relationships, so use UFW to simplify these operations.

Ubuntu uses iptables to configure Firewall tips: Unrecognized service (Ubuntu configuration iptables Firewall)