My understand of "iptables"
来源:互联网 发布:知彼网络 编辑:程序博客网 时间:2024/06/04 19:23
I learn the iptables when I want to set the firewall in ubuntu.
First :
The iptables is one tool which is used to set the "netfilter" by user or system.
like the image below:
Second:
the rules constitute chains, and chains constitute tables. The iptables is used to set/maintain/inspect tables.
Each chain is a list of rules which can match a set of packets. Each rule specifies what to do with a packet that matches.
Third:parameters
-A, --append chain rule-specification
Append one or more rules to the end of the selected chain.
#******************#
-j, --jump target
This specifies the target of the rule; i.e., what to do if the packet matches it.
#******************#
-p (small)--protocol protocol
The protocol of the rule or of the packet to check.
-P (big)--policy chain target
Set the policy for the chain to the given target. See the section TARGETS for the legal targets.
#******************#
-t, --table table
This option specifies the packet matching table which the command should operate on.
The tables are as follows:filter/ nat/ mangle/ raw/ security
#******************#
-x (small)--exact
Expand numbers.
-X (big)--delete-chain [chain]
Delete the optional user-defined chain specified.
#******************#
-m --match match
Specifies a match to use, that is, an extension module that
tests for a specific property.
#******************#
--sport source port
--dport destination port
For example:
/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
That is to say allow external visit local by local 80 port
/sbin/iptables -A INPUT -p tcp --sport 80 -j ACCEPT
That is to say allow external visit local from external 80 port
First :
The iptables is one tool which is used to set the "netfilter" by user or system.
like the image below:
Second:
the rules constitute chains, and chains constitute tables. The iptables is used to set/maintain/inspect tables.
Each chain is a list of rules which can match a set of packets. Each rule specifies what to do with a packet that matches.
Third:parameters
-A, --append chain rule-specification
Append one or more rules to the end of the selected chain.
#******************#
-j, --jump target
This specifies the target of the rule; i.e., what to do if the packet matches it.
#******************#
-p (small)--protocol protocol
The protocol of the rule or of the packet to check.
-P (big)--policy chain target
Set the policy for the chain to the given target. See the section TARGETS for the legal targets.
#******************#
-t, --table table
This option specifies the packet matching table which the command should operate on.
The tables are as follows:filter/ nat/ mangle/ raw/ security
#******************#
-x (small)--exact
Expand numbers.
-X (big)--delete-chain [chain]
Delete the optional user-defined chain specified.
#******************#
-m --match match
Specifies a match to use, that is, an extension module that
tests for a specific property.
#******************#
--sport source port
--dport destination port
For example:
/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
That is to say allow external visit local by local 80 port
/sbin/iptables -A INPUT -p tcp --sport 80 -j ACCEPT
That is to say allow external visit local from external 80 port
0
上一篇:build makefile for my coding!!
下一篇:shell 编程语法总结(I/O 逻辑控制结构)
相关热门文章
- 欢迎zmyxi在ChinaUnix博客安家...
- mysqldump备份所有数据库,恢...
- 欢迎smy02在ChinaUnix博客安家...
- 欢迎nonmygod在ChinaUnix博客...
- 欢迎kamycc在ChinaUnix博客安...
- linux 常见服务端口
- xmanager 2.0 for linux配置
- 【ROOTFS搭建】busybox的httpd...
- openwrt中luci学习笔记
- 什么是shell
- linux dhcp peizhi roc
- 关于Unix文件的软链接
- 求教这个命令什么意思,我是新...
- sed -e "/grep/d" 是什么意思...
- 谁能够帮我解决LINUX 2.6 10...
给主人留下些什么吧!~~
评论热议
0 0
- My understand of "iptables"
- My understand of stack and queue
- My understand of KMP describe in C
- My understand of Euclidean distance in digital image processing
- Do you understand my mind...
- DAY100_recode understand of Unblock
- Understand the Impact of Change
- Understand each field of AWR [ID 884046.1]
- understand the data model of Cassandra
- the understand of SOA and Web Services
- Understand the probabilistic way of doing SLAM
- note of iptables
- my instance of IDL
- SHAPE OF MY HEART
- My Understanding of MQSeries
- command of my sql
- tag of my life
- My life of programing
- NYoj18 The Triangle
- Centos7操作系统下修改yum源的方法
- apktool反编译详细使用教程
- hdu3377plan【哈密顿路径插头Dp】
- build makefile for my coding!!
- My understand of "iptables"
- shell 编程语法总结(I/O 逻辑控制结构)
- My understand of stack and queue
- My understand of KMP describe in C
- My first CXX problem:"aggregate has incomplete type and cannot be defined"
- define function pointer
- notes of C++
- My start of git
- 对搜索引擎的初了解发展及核心框架
原创粉丝点击
热门IT博客
热门问题
老师的惩罚
人脸识别
我在镇武司摸鱼那些年
重生之率土为王
我在大康的咸鱼生活
盘龙之生命进化
天生仙种
凡人之先天五行
春回大明朝
姑娘不必设防,我是瞎子
消防水炮安装图
消防水炮 规范
消防水炮的组成
消防水炮怎么套定额
消防水炮控制原理
固定消防水炮规范
消防水炮的图片
消防水炮 图集
消防水炮施工规范
消防水炮 定额
消防水炮套用什么定额
消防水多少钱一吨
消防水系统
消防水流量
消防水系统工作原理
消防水系统设计规范
消防池
消防法全文
2019消防法
消防法实施日期
2019年消防法
消防法规定
消防法2019年修订
消防法2019
新消防法2019
消防法试题及答案
消防法下载
消防法60条
新消防法解读
消防法考试题
中国消防法哪年实施
消防法第六十三条
消防法题库
消防法考试
中国人民消防法
消防24种结绳法图解
消防法考试试题
消防法宣传
消防法心得体会
消防法第五十四条
消防法的方针是什么