suse 預設的iptables

來源:互聯網
上載者:User
Chain INPUT (policy DROP)
target   prot opt source        destination
ACCEPT   all -- anywhere       anywhere
ACCEPT   all -- anywhere       anywhere      state RELATED,ESTAB LISHED
input_ext all -- anywhere       anywhere
input_ext all -- anywhere       anywhere
LOG    all -- anywhere       anywhere      limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET '
DROP    all -- anywhere       anywhere
Chain FORWARD (policy DROP)
target   prot opt source        destination
LOG    all -- anywhere       anywhere      limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING '
Chain OUTPUT (policy ACCEPT)
target   prot opt source        destination
ACCEPT   all -- anywhere       anywhere
ACCEPT   all -- anywhere       anywhere      state NEW,RELATED,E STABLISHED
LOG    all -- anywhere       anywhere      limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR '
Chain forward_ext (0 references)
target   prot opt source        destination
Chain input_ext (2 references)
target   prot opt source        destination
DROP    all -- anywhere       anywhere      PKTTYPE = broadcast
ACCEPT   icmp -- anywhere       anywhere      icmp source-quench
ACCEPT   icmp -- anywhere       anywhere      icmp echo-request
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp echo-reply
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp destination-unreachable
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp time-exceeded
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp parameter-problem
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp timestamp-reply
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp address-mask-reply
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp protocol-unreachable
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTAB LISHED icmp redirect
LOG    tcp -- anywhere       anywhere      limit: avg 3/min bu rst 5 tcp dpt:5801 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-op tions prefix `SFW2-INext-ACC-TCP '
ACCEPT   tcp -- anywhere       anywhere      tcp dpt:5801
LOG    tcp -- anywhere       anywhere      limit: avg 3/min bu rst 5 tcp dpt:5901 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-op tions prefix `SFW2-INext-ACC-TCP '
ACCEPT   tcp -- anywhere       anywhere      tcp dpt:5901
LOG    tcp -- anywhere       anywhere      limit: avg 3/min bu rst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-opt ions prefix `SFW2-INext-ACC-TCP '
ACCEPT   tcp -- anywhere       anywhere      tcp dpt:ssh
reject_func tcp -- anywhere       anywhere      tcp dpt:ident sta te NEW
LOG    all -- anywhere       anywhere      limit: avg 3/min bu rst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix `SFW2- INext-DROP-DEFLT '
DROP    all -- anywhere       anywhere      PKTTYPE = multicast
LOG    tcp -- anywhere       anywhere      limit: avg 3/min bu rst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options pre fix `SFW2-INext-DROP-DEFLT '
LOG    icmp -- anywhere       anywhere      limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG    udp -- anywhere       anywhere      limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG    all -- anywhere       anywhere      limit: avg 3/min bu rst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INext- DROP-DEFLT-INV '
DROP    all -- anywhere       anywhere
Chain reject_func (1 references)
target   prot opt source        destination
REJECT   tcp -- anywhere       anywhere      reject-with tcp-res et
REJECT   udp -- anywhere       anywhere      reject-with icmp-po rt-unreachable
REJECT   all -- anywhere       anywhere      reject-with icmp-pr oto-unreachable
hugang:~ # iptables -L
Chain INPUT (policy DROP)
target   prot opt source        destination
ACCEPT   all -- anywhere       anywhere
ACCEPT   all -- anywhere       anywhere      state RELATED,ESTABLISHED
input_ext all -- anywhere       anywhere
input_ext all -- anywhere       anywhere
LOG    all -- anywhere       anywhere      limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET '
DROP    all -- anywhere       anywhere
Chain FORWARD (policy DROP)
target   prot opt source        destination
LOG    all -- anywhere       anywhere      limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING '
Chain OUTPUT (policy ACCEPT)
target   prot opt source        destination
ACCEPT   all -- anywhere       anywhere
ACCEPT   all -- anywhere       anywhere      state NEW,RELATED,ESTABLISHED
LOG    all -- anywhere       anywhere      limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR '
Chain forward_ext (0 references)
target   prot opt source        destination
Chain input_ext (2 references)
target   prot opt source        destination
DROP    all -- anywhere       anywhere      PKTTYPE = broadcast
ACCEPT   icmp -- anywhere       anywhere      icmp source-quench
ACCEPT   icmp -- anywhere       anywhere      icmp echo-request
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp echo-reply
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp address-mask-reply
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp protocol-unreachable
ACCEPT   icmp -- anywhere       anywhere      state RELATED,ESTABLISHED icmp redirect
LOG    tcp -- anywhere       anywhere      limit: avg 3/min burst 5 tcp dpt:5801 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT   tcp -- anywhere       anywhere      tcp dpt:5801
LOG    tcp -- anywhere       anywhere      limit: avg 3/min burst 5 tcp dpt:5901 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT   tcp -- anywhere       anywhere      tcp dpt:5901
LOG    tcp -- anywhere       anywhere      limit: avg 3/min burst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT   tcp -- anywhere       anywhere      tcp dpt:ssh
reject_func tcp -- anywhere       anywhere      tcp dpt:ident state NEW
LOG    all -- anywhere       anywhere      limit: avg 3/min burst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
DROP    all -- anywhere       anywhere      PKTTYPE = multicast
LOG    tcp -- anywhere       anywhere      limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG    icmp -- anywhere       anywhere      limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG    udp -- anywhere       anywhere      limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG    all -- anywhere       anywhere      limit: avg 3/min burst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT-INV '
DROP    all -- anywhere       anywhere
Chain reject_func (1 references)
target   prot opt source        destination
REJECT   tcp -- anywhere       anywhere      reject-with tcp-reset
REJECT   udp -- anywhere       anywhere      reject-with icmp-port-unreachable
REJECT   all -- anywhere       anywhere      reject-with icmp-proto-unreachable



相關文章

Cloud Intelligence Leading the Digital Future

Alibaba Cloud ACtivate Online Conference, Nov. 20th & 21st, 2019 (UTC+08)

Register Now >

Starter Package

SSD Cloud server and data transfer for only $2.50 a month

Get Started >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

聯繫我們

該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。