«
»

小试iptables

2007/12/27, 4:13 PM

# Generated by iptables-save v1.3.5 on Wed Dec 26 10:15:08 2007
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT

-A INPUT -s 127.0.0.1 -j ACCEPT
-A OUTPUT -s 127.0.0.1 -j ACCEPT

#

#-A INPUT -p tcp –dport 80 -m limit –limit 10/second –limit-burst 80 -j ACCEPT

-A INPUT -p tcp -s 124.115.0.0/16 –dport 80 -j DROP
-A INPUT -p tcp -s 59.60.137.0/24 –dport 80 -j DROP
-A INPUT -p tcp -s 221.194.136.0/24 –dport 80 -j DROP
-A INPUT -p tcp -s 121.34.0.0/16 –dport 80 -j DROP
-A INPUT -p tcp -s 116.25.215.0/24 –dport 80 -j DROP
-A INPUT -p tcp -s 221.194.136.0/24 –dport 80 -j DROP
-A INPUT -p tcp -s 60.6.224.0/24 –dport 80 -j DROP

COMMIT
# Completed on Wed Dec 26 10:15:08 2007

Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Blogplay
  • 豆瓣
  • 豆瓣九点
  • email
  • LinkedIn
  • QQ书签
  • Reddit
  • RSS
  • Technorati
  • Twitter
  • Yahoo! Bookmarks

No related posts.

Category: 技术学习  |  Comment (RSS)  |  Trackback

Leave a Reply