How do I get started?
# A: (Did I mention "do not use it" already? Oh well.)
# 1. Setup your normal iptables rules -- firewalling, port forwarding
# NAT, etc. When everything is configured the way you like, run:
#
# /etc/init.d/iptables save active
#
# 2. Setup your your inactive firewall rules -- this can be something
# like clear all rules and set all policy defaults to accept (which
# can be done with /etc/init.d/iptables clear). When that is ready,
# save the inactive ruleset:
#
# /etc/init.d/iptables save inactive
#
# 3. Controlling the script itself is done through runlevels configured
# with debconf for package installation. Run "dpkg-reconfigure iptables"
# to enable or disable after installation.
#
# Q: Is that all?
# A: Mostly. You can save additional rulesets and restore them by name. As
# an example:
#
# /etc/init.d/iptables save midnight
# /etc/init.d/iptables load midnight
#
#
# Autosave only works with start followed by stop.
#
# Also, take great care with the halt option. It's almost as good as
# pulling the network cable, except it disrupts localhost too.
#
# Also, create the /var/lib/iptables and /var/lib/ip6tables dirs
# as necessary.
本文档提供了一个详细的步骤来指导如何配置iptables防火墙。首先设置常规的防火墙规则,如端口转发和NAT设置等;其次保存活动规则集,并创建一个默认接受所有连接的备用规则集。通过debconf设置运行级别来控制脚本的执行。还介绍了如何保存额外的规则集并按名称恢复。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
