Linux Network Management firewall iptables

1 ifconfig View network card IP

Configuration file /etc/sysconfig/network-scripts/ifcfg-eth0

Restart the NIC service Network Restart

Set up multiple IPs for a network card

Cd/etc/sysconfig/network-scripts

CP Ifcfg-eht0 Ifcfg-eth0\:1

Editor Ifcfg-eth0\:1 Note device:eth0:1

After editing, restart the network card.

2. View network card link status mii-tool eth0

3 View host name hostname

Change host name hostname hostname (Restore after reboot)

To change the configuration file/etc/sysconfig/network

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8B/02/wKiom1hBGP3Bo2JUAAAuDlTnCCo906.jpg "title=" Hostname.jpg "alt=" Wkiom1hbgp3bo2juaaaudltncco906.jpg "/>

4 Setting up DNS (resolving domain names): parsing URLs to an IP

/etc/resolv.conf

Temporarily parse a domain name vi/etc/hosts

1) An IP can be followed by multiple domain names, can be dozens of or even hundreds;

2) only one IP per line, that is, a domain name can not correspond to multiple IPs;

3) If there are multiple lines in the same domain name (the previous IP is not the same), will be the first occurrence of the record to resolve

5.selinux off SELinux Vim/etc/selinux/config

Set selinux=disabled

Temporary shutdown Selinux:setenforce 0

6 iptables

-NVL Viewing rules

-F The current rule clears, but this is only temporary, the saved rules are loaded after rebooting the system or restarting the Iptalbes service

/etc/init.d/iptables Save the Rules

Three tables in 7iptalbes

Filter is used for filtering packets, which is a system-preset table built into three chain input, output, and forward. Input acts on the package that enters the machine; the output acts on the packet sent by the machine; forward acts on packets that are not related to the machine.

The main use of NAT is that the network address translation prerouting chain is intended to change the destination address of the packet as it arrives at the firewall, if necessary. The output chain changes the destination address of the locally generated package. The postrouting chain changes its source address before the package leaves the firewall

Mangle is used to mark a packet, and then to manipulate which packages according to the tag

2) iptables Basic grammar

A. Viewing rules and clearing rules iptables-t NAT-NVL

-T Surface-nvl View rule-N not for IP anti-resolve host name-L list-V detailed list
Print out information about the filter table if you don't add-t

Clear rule: iptables-f Remove all rules

iptables-z Packet and flow counter

This article is from the "Exclusive View" blog, please be sure to keep this source http://molujiang.blog.51cto.com/9742572/1878877

Linux Network Management firewall iptables