本文共 1027 字，大约阅读时间需要 3 分钟。

配置作为客户机的iptables规则 - ArchLinux # cat /proc/version Linux version 3.7.9-2-ARCH (tobias@T-POWA-LX) (gcc version 4.7.2 (GCC) ) #1 SMP PREEMPT Mon Feb 25 12:04:25 CET 2013 # allow ping & ESTABLISHED,RELATED connectivity iptables -A INPUT -p icmp -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT # ref: cat /etc/iptables/simple_firewall.rules # allow all traffic from loopback interface iptables -A INPUT -i lo -j ACCEPT # only allow ssh port iptables -A INPUT -p tcp --dport 22 -j ACCEPT # reject all other than above iptables -A INPUT -j REJECT # review rules iptables -nvL # check where to save cat /etc/conf.d/iptables # save rules iptables-save > /etc/iptables/iptables.rules

# enable & reload rules

systemctl is-enabled iptables.servicesystemctl enable iptables.servicesystemctl start iptables.servicesystemctl reload iptables.servicesystemctl status iptables.service# ref: https://wiki.archlinux.org/index.php/Iptables

REF: 1. IptablesHowTo https://help.ubuntu.com/community/IptablesHowTo

转载地址：http://aitai.baihongyu.com/