
Firewall configuration: iptables

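  • Display the current settings with root privileges, then insert ACCEPT rules for DNS (the domain port) over UDP and TCP
$ iptables -L
$ iptables -I RH-Firewall-1-INPUT -p udp -m udp --dport domain -j ACCEPT
$ iptables -I RH-Firewall-1-INPUT -p tcp -m tcp --dport domain -j ACCEPT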
  • Check the settings
$ iptables -L
…
Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain 
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            icmp any 
ACCEPT     esp  --  anywhere             anywhere            
ACCEPT     ah   --  anywhere             anywhere            
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 
  • Save the settings (so that they remain in effect after a reboot)
$ /etc/rc.d/init.d/iptables save
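
Added example (not part of the original post): `-I` puts a rule at the top of the chain, which matters here because RH-Firewall-1-INPUT ends with a catch-all REJECT and anything listed after it never matches. The script below checks an `iptables -L` listing for that ordering; the function name and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: chain listing after the -I commands above (abbreviated).
sample_inserted() {
cat <<'EOF'
Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
EOF
}

# Constructed counter-example: the same rules added with -A land after the REJECT.
sample_appended() {
cat <<'EOF'
Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
EOF
}

# accept_reachable PROTO PORT: reads a chain listing on stdin and succeeds only if
# an ACCEPT for PROTO/PORT appears before the first unconditional REJECT or DROP.
# PORT is the value as displayed (service name, or the number when -n is used).
accept_reachable() {
    awk -v proto="$1" -v dpt="dpt:$2" '
        # Catch-all terminal rule: later rules in the chain are never evaluated.
        ($1 == "REJECT" || $1 == "DROP") && $2 == "all" && $4 == "anywhere" &&
            $5 == "anywhere" && (NF == 5 || $6 == "reject-with") { exit }
        $1 == "ACCEPT" && $2 == proto {
            for (i = 6; i <= NF; i++) if ($i == dpt) { found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    '
}

for s in sample_inserted sample_appended; do
    for p in tcp udp; do
        if $s | accept_reachable "$p" domain; then r="reachable"; else r="shadowed or missing"; fi
        echo "$s $p/domain: $r"
    done
done
```

On a live host, pipe `iptables -L RH-Firewall-1-INPUT` into `accept_reachable` before running the save step, so that a shadowed rule is not persisted across reboots.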