需求介绍:
设置特定的IP可以访问某网站服务器,配置iptables如下:
使用命令 vi /etc/sysconfig/iptables 编辑 iptables,修改为如下:
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [99:16581] -N whitelist -A whitelist -s 116.32.124.54 -j ACCEPT -A whitelist -s 144.16.137.137 -j ACCEPT -A whitelist -s 134.71.56.62 -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j whitelist -A INPUT -p tcp -m tcp --dport 22 -j whitelist -A INPUT -p tcp -m tcp --dport 80 -j whitelist -A INPUT -p tcp -m tcp --dport 443 -j whitelist -A INPUT -p tcp -m tcp --dport 3306 -j DROP -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT #-A INPUT -i lo -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
然后使用命令重启iptables:service iptables restart
最新评论
kali下用到的临时命令: smb//192.168.1.117 sudo mount -t cifs //192.168.1.117/Downloads /mnt -o username=niu