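If you are not yet familiar with the basics of iptables, it is recommended that you read up on them first.
Getting started with the configuration
We will configure a firewall on the filter table.
(1) View the current iptables settings on this machine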
[root@tp ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (0 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
As you can see, when installing Linux I chose to enable the firewall, and opened ports 22, 80 and 25.
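Added example (not part of the original tutorial): a small shell/awk helper for reading a listing like the one above at a glance. For each chain it reports the default policy, the reference count, and the ports accepted by single-port "dpt:" rules; a user-defined chain showing "0 references" is not jumped to by any rule, so its rules are never evaluated. The function names and the abridged sample listing are made up for this example.

```shell
# Added example: summarise `iptables -L -n` output read from stdin, one line per chain:
#   <chain> policy=<P|-> refs=<N|-> open=<proto/port,...|->
summarize_iptables() {
    awk '
    function flush_chain() {
        if (chain != "")
            printf "%s policy=%s refs=%s open=%s\n", chain, policy, refs, (ports == "" ? "-" : ports)
    }
    $1 == "Chain" {
        flush_chain()
        chain = $2; policy = "-"; refs = "-"; ports = ""
        if ($3 == "(policy") { policy = $4; sub(/\)$/, "", policy) }  # built-in chain
        else                 { refs = $3;   sub(/^\(/, "", refs) }    # user-defined chain
        next
    }
    $1 == "ACCEPT" {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^dpt:/) {
                p = $2 "/" substr($i, 5)
                ports = (ports == "" ? p : ports "," p)
            }
    }
    END { flush_chain() }
    '
}

# User-defined chains that no rule jumps to; their rules are never evaluated.
unreferenced_chains() {
    summarize_iptables | awk '$3 == "refs=0" { print $1 }'
}

# Constructed sample, abridged from the listing on this page.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
Chain RH-Firewall-1-INPUT (0 references)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
EOF
}

sample_listing | summarize_iptables
```

On a live system the same summary comes from running iptables -L -n | summarize_iptables as root.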
If you did not choose to enable the firewall when installing Linux, the output looks like this:
[root@tp ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination