suse 默认的iptables

首页 \| 资讯动态 \| linux基础 \| 系统管理 \| 网络管理 \| 编程开发 \| linux数据库 \| linux相关 \| linux认证 \| 下载中心 \| 专题

系统管理：中文环境系统管理桌面应用内核技术 Linux基础：安装配置常用命令经验技巧软件应用 Linux数据库：Mysql POSTGRE

网络管理：网络安全网络应用 Linux服务器 编程开发：PHP CC++ Python Perl SHELL 嵌入式开发 | PHP基础 PHP技巧 PHP应用 PHP文摘

首页 linux资讯动态 Linux专题 | 其他Unix Linux解决方案硬件相关 Linux认证企业应用 Apache | 相关下载：资料参考手册服务器

→ 当前位置:首页>linux基础>安装配置>正文

suse 默认的iptables

OKLinux www.oklinux.cn 2006-06-02 来源：oklinux收集整理会员收藏游客收藏

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all -- anywhere             anywhere
ACCEPT     all -- anywhere             anywhere            state RELATED,ESTAB LISHED
input_ext all -- anywhere             anywhere
input_ext all -- anywhere             anywhere
LOG        all -- anywhere             anywhere            limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET '
DROP       all -- anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
LOG        all -- anywhere             anywhere            limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING '

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all -- anywhere             anywhere
ACCEPT     all -- anywhere             anywhere            state NEW,RELATED,E STABLISHED
LOG        all -- anywhere             anywhere            limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR '

Chain forward_ext (0 references)
target     prot opt source               destination

Chain input_ext (2 references)
target     prot opt source               destination
DROP       all -- anywhere             anywhere            PKTTYPE = broadcast
ACCEPT     icmp -- anywhere             anywhere            icmp source-quench
ACCEPT     icmp -- anywhere             anywhere            icmp echo-request
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp echo-reply
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp destination-unreachable
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp time-exceeded
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp parameter-problem
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp timestamp-reply
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp address-mask-reply
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp protocol-unreachable
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTAB LISHED icmp redirect
LOG        tcp -- anywhere             anywhere            limit: avg 3/min bu rst 5 tcp dpt:5801 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-op tions prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp -- anywhere             anywhere            tcp dpt:5801
LOG        tcp -- anywhere             anywhere            limit: avg 3/min bu rst 5 tcp dpt:5901 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-op tions prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp -- anywhere             anywhere            tcp dpt:5901
LOG        tcp -- anywhere             anywhere            limit: avg 3/min bu rst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-opt ions prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp -- anywhere             anywhere            tcp dpt:ssh
reject_func tcp -- anywhere             anywhere            tcp dpt:ident sta te NEW
LOG        all -- anywhere             anywhere            limit: avg 3/min bu rst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix `SFW2- INext-DROP-DEFLT '
DROP       all -- anywhere             anywhere            PKTTYPE = multicast
LOG        tcp -- anywhere             anywhere            limit: avg 3/min bu rst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options pre fix `SFW2-INext-DROP-DEFLT '
LOG        icmp -- anywhere             anywhere            limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        udp -- anywhere             anywhere            limit: avg 3/min bu rst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        all -- anywhere             anywhere            limit: avg 3/min bu rst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INext- DROP-DEFLT-INV '
DROP       all -- anywhere             anywhere

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp -- anywhere             anywhere            reject-with tcp-res et
REJECT     udp -- anywhere             anywhere            reject-with icmp-po rt-unreachable
REJECT     all -- anywhere             anywhere            reject-with icmp-pr oto-unreachable
hugang:~ # iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all -- anywhere             anywhere
ACCEPT     all -- anywhere             anywhere            state RELATED,ESTABLISHED
input_ext all -- anywhere             anywhere
input_ext all -- anywhere             anywhere
LOG        all -- anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET '
DROP       all -- anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
LOG        all -- anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING '

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all -- anywhere             anywhere
ACCEPT     all -- anywhere             anywhere            state NEW,RELATED,ESTABLISHED
LOG        all -- anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR '

Chain forward_ext (0 references)
target     prot opt source               destination

Chain input_ext (2 references)
target     prot opt source               destination
DROP       all -- anywhere             anywhere            PKTTYPE = broadcast
ACCEPT     icmp -- anywhere             anywhere            icmp source-quench
ACCEPT     icmp -- anywhere             anywhere            icmp echo-request
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp address-mask-reply
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp protocol-unreachable
ACCEPT     icmp -- anywhere             anywhere            state RELATED,ESTABLISHED icmp redirect
LOG        tcp -- anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:5801 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp -- anywhere             anywhere            tcp dpt:5801
LOG        tcp -- anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:5901 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp -- anywhere             anywhere            tcp dpt:5901
LOG        tcp -- anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp -- anywhere             anywhere            tcp dpt:ssh
reject_func tcp -- anywhere             anywhere            tcp dpt:ident state NEW
LOG        all -- anywhere             anywhere            limit: avg 3/min burst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
DROP       all -- anywhere             anywhere            PKTTYPE = multicast
LOG        tcp -- anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        icmp -- anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        udp -- anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        all -- anywhere             anywhere            limit: avg 3/min burst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT-INV '
DROP       all -- anywhere             anywhere

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp -- anywhere             anywhere            reject-with tcp-reset
REJECT     udp -- anywhere             anywhere            reject-with icmp-port-unreachable
REJECT     all -- anywhere             anywhere            reject-with icmp-proto-unreachable

上一篇： Solaris 的 PPPoE 以支持 DSL 访问下一篇：SUSE Linux 10.1 发行说明

【收藏于收藏夹】【评论】【推荐】【投稿】【打印】【关闭】

· Solaris 的 PPPoE 以支持 DSL 访问	·SUSE Linux 10.1 发行说明
·网络测试基础：Traceroute使用详解	·suse 10 硬盘安装
·suse 10 备份文件系统	·快速安装LINUX大约十分钟（所有X86下安装）
·傻瓜式LINUX安装方法（二十五分内搞定）	·Linux中/proc目录下文件详解
·Red Hat9.0与Win XP双系统安装指南	·Linux下如何安装设置网卡

发表评论

密码：匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。)

站内搜索