This topic created in 3977 days ago, the information mentioned may be changed or developed.

!/bin/sh

rm -rf /etc/sysconfig/iptables

iptables -F
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -p tcp -m multiport --destination-ports 22,53,80,443,1723 -j ACCEPT
iptables -A INPUT -p udp -m multiport --destination-ports 53 -j ACCEPT

iptables -A FORWARD -s 172.16.0.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o venet0 -j MASQUERADE
iptables -t nat -A POSTROUTING -j SNAT --to-source 12.34.56.78

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

service iptables save
service iptables restart

无法连接 V批嗯

iptables

input

1 replies • 2015-07-24 19:08:13 +08:00

bismall

Jul 24, 2015

iptables -A INPUT -i venet0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i venet0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o venet0 -j ACCEPT
iptables -A FORWARD -i venet0 -o ppp+ -j ACCEPT
------------------------------------------------------------------
搞定

求运维 iptables 规则指导,先谢谢了...

!/bin/sh