Firewall (iptables)
From Alessandro's Wiki
Revision as of 15:24, 15 October 2006 by Porcelinux (talk | contribs)
Setting up a firewall on a Linux machine
- View the current configuration:
iptables -L
- My configuration:
target  prot opt source    destination
ACCEPT  all  --  anywhere  anywhere
ACCEPT  icmp --  anywhere  anywhere     icmp any
ACCEPT  ipv6-crypt-- anywhere  anywhere
ACCEPT  ipv6-auth-- anywhere  anywhere
ACCEPT  udp  --  anywhere  224.0.0.251  udp dpt:mdns
ACCEPT  udp  --  anywhere  anywhere     udp dpt:ipp
ACCEPT  tcp  --  anywhere  anywhere     tcp dpt:ipp
ACCEPT  all  --  anywhere  anywhere     state RELATED,ESTABLISHED
ACCEPT  tcp  --  anywhere  anywhere     state NEW tcp dpt:ssh
ACCEPT  tcp  --  anywhere  anywhere     state NEW tcp dpt:http
ACCEPT  tcp  --  anywhere  anywhere     state NEW tcp dpt:46590
ACCEPT  udp  --  anywhere  anywhere     state NEW udp dpt:46720
REJECT  all  --  anywhere  anywhere     reject-with icmp-host-prohibited
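- Add a rule to accept connections on port 5901 (vncserver). -I inserts it at the top of the chain; with -A it would be appended after the final REJECT rule and never be reached:
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT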
- Save the configuration to a file:
iptables-save > backup_iptables
- Restore a configuration saved in a file:
iptables-restore < backup_iptables
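
A rule that ends up after a catch-all REJECT, like the last line of the listing above, is never evaluated, so a saved dump such as backup_iptables is worth checking for that before it is restored. The script below is an added example, not part of the original wiki page; the function names and the sample rules in iptables-save format are constructed for illustration, and it assumes a dump saved without packet counters.

```shell
#!/bin/sh
# Added example: list rules in an iptables-save dump that can never match
# because an unconditional terminating rule precedes them in the same chain.

# Reads iptables-save text on stdin and prints every shadowed "-A ..." line.
shadowed_rules() {
    awk '
    /^\*/ { split("", closed) }      # new table (*filter, *nat): reset state
    $1 == "-A" {
        if ($2 in closed) { print; next }
        # "-A CHAIN -j TARGET ..." has no match options, so it catches
        # every packet and nothing after it in this chain is evaluated.
        if ($3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT"))
            closed[$2] = 1
    }'
}

# Constructed sample dump. "appended" puts the VNC rule after the REJECT
# (what -A does to a chain that ends in REJECT); anything else puts it before.
sample() {
    vnc='-A INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT'
    reject='-A INPUT -j REJECT --reject-with icmp-host-prohibited'
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
    if [ "$1" = appended ]; then
        printf '%s\n' "$reject" "$vnc"
    else
        printf '%s\n' "$vnc" "$reject"
    fi
    echo COMMIT
}

echo "Shadowed rules when the VNC rule is appended after REJECT:"
sample appended | shadowed_rules
echo "Shadowed rules when the VNC rule is placed before REJECT:"
sample inserted | shadowed_rules
```

To check a real dump, run `shadowed_rules < backup_iptables`; no output means no rule sits behind an unconditional ACCEPT, DROP or REJECT.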