linux或sunOs下防火牆配置

2021-07-25 15:29:44 字數 1932 閱讀 4692

sunos下設定(/etc/ipf/ipf.conf ipf.rules):

pass in quick from 10.218.101.23 to any

pass out quick from any to 10.218.101.23

pass in quick from 10.218.101.22 to any

pass out quick from any to 10.218.101.22

pass in quick from 10.218.101.21 to any

pass out quick from any to 10.218.101.21

pass in quick from 10.218.101.20 to any

pass out quick from any to 10.218.101.20

pass in quick from 10.218.101.10 to any

pass out quick from any to 10.218.101.10

pass in quick from 10.218.101.11 to any

pass out quick from any to 10.218.101.11

pass in quick from 10.218.101.13 to any

pass out quick from any to 10.218.101.13

pass in quick from 10.218.101.14 to any

pass out quick from any to 10.218.101.14

pass in quick from 10.218.101.15 to any

pass out quick from any to 10.218.101.15

block in quick all

block out quick all

重啟防火牆:

svcadm disable ipfilter

svcadm enable ipfilter

liux設定(/etc/sysconfig/iptables):

*filter

:input accept [0:0]

:forward accept [0:0]

:output accept [0:0]

-a input -s 10.218.101.20 -j accept

-a input -s 10.218.101.21 -j accept

-a input -s 10.218.101.22 -j accept

-a input -s 10.218.101.23 -j accept

-a input -s 10.218.101.24 -j accept

-a input -s 10.218.101.10 -j accept

-a input -s 10.218.101.11 -j accept

-a input -s 10.218.101.13 -j accept

-a input -s 10.218.101.14 -j accept

-a input -s 10.218.101.15 -j accept

-a input -s 123.57.184.78 -j accept

-a input -s 127.0.0.1 -d 127.0.0.1 -j accept   --這句要加上,不然127.0.0.1無法使用(ping也不通)

-a output -s 127.0.0.1 -d 127.0.0.1 -j accept-這句要加上,不然127.0.0.1無法使用(ping也不通)

-a input -j drop

commit

重啟防火牆:

service iptables restart

上面的功能是只允許配置的ip訪問本機,其它機器一概進行攔截

Linux下配置防火牆

工具 材料 電腦 vmware12 linux系統 redhat 預備知識 1 使用vmware安裝linux 2 linux 常用命令之vi命令 網路命令 操作防火牆常用命令 1啟動防火牆 service iptables start 3 停止防火牆 service iptables stop 4...

linux下防火牆配置

簡單來說netfilter管網路,selinux管本地。selinux則可以理解為是作為linux檔案許可權控制 即我們知道的rwx 的補充存在的 1 iptables是linux下功能強大的應用層防火牆工具。iptables是用於設定防火牆,防範來自網路的入侵和實現網路位址 qos等功能。說到ip...

防火牆 防火牆安全

作為計算機的第一道屏障,防火牆的重要性不言而喻,儘管防火牆在面臨網路攻擊時仍有很大的缺陷,不如無法阻止自內而外的攻擊,對複雜多變的網路攻擊攻擊無法預警和像ids所做的那樣。但防火牆依然是伺服器乃至個人機的一道不可或缺的屏障。木桶原理 本文將對防火牆做乙個初步的簡介,顯然像我們知道的那樣,防火牆是一款...