Ejemplo archivo de iptables para cargar configuracion

Created Onmayo 8, 2019

Last Updated Onmayo 8, 2019

bycesar.vazquez

La ubicacion de este archivo es /etc/sysconfig/iptables

Politica inicial niega entradas a INPUT y FORWARD abierto a salir OUTPUT

Abre los puertos para entrada, 53,80,443

Permite solo ciertas ips al puerto 22

Permite ping a la ip

# Generated by iptables-save v1.4.21 on Sat Apr 20 22:59:17 2019
*mangle
:PREROUTING ACCEPT [2202:187861]
:INPUT ACCEPT [1815:153040]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1728:180323]
:POSTROUTING ACCEPT [1728:180323]
COMMIT
# Completed on Sat Apr 20 22:59:17 2019
# Generated by iptables-save v1.4.21 on Sat Apr 20 22:59:17 2019
*raw
:PREROUTING ACCEPT [2202:187861]
:OUTPUT ACCEPT [1728:180323]
COMMIT
# Completed on Sat Apr 20 22:59:17 2019
# Generated by iptables-save v1.4.21 on Sat Apr 20 22:59:17 2019
*filter
:INPUT DROP [30:2856]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [162:24350]
-A INPUT -p tcp -m tcp –sport 53 -j ACCEPT
-A INPUT -p udp -m udp –sport 53 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 443 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp –dport 80 -j ACCEPT
-A INPUT -d 132.148.153.106/32 -i eth0 -p tcp -m tcp –dport 22 -j ACCEPT
-A INPUT -d 132.148.153.201/32 -i eth0 -p tcp -m tcp –dport 22 -j ACCEPT
-A INPUT -s 201.114.146.6/32 -j ACCEPT
-A INPUT -s 198.23.236.237/32 -j ACCEPT
-A INPUT -s 198.23.236.238/32 -j ACCEPT
-A INPUT -p icmp -m icmp –icmp-type 0 -m limit –limit 1/sec -j ACCEPT
COMMIT
# Completed on Sat Apr 20 22:59:17 2019

Etiquetas:

Nayaa Base de Datos de Conocimiento

Deja un comentario Cancelar respuesta