  • iptables 用 -I 插入规则时,必须先拒绝所有,再允许

    [root@wx02 ~]# cat /etc/sysconfig/iptables
    # Generated by iptables-save v1.4.7 on Tue Sep 20 11:18:45 2016
    *filter
    :INPUT ACCEPT [100:5792]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [104:8990]
    COMMIT
    # Completed on Tue Sep 20 11:18:45 2016
    
    
    先允许,再拒绝(用 -I 时这是错误的执行顺序:-I 默认把规则插入到链的第 1 条,后执行的 DROP 会排在 ACCEPT 之前,22 端口对所有来源都被拒绝)
    # -I with no rule number inserts at position 1 of the chain, so every
    # new rule lands above the rules inserted before it.
    iptables -I INPUT -s 115.236.6.6 -p tcp --dport 22 -j ACCEPT
    # Inserted second, this DROP becomes rule 1 and is evaluated before the
    # ACCEPT above: tcp/22 is then dropped for every source, including
    # 115.236.6.6. Rules are matched top-down and the first match wins.
    iptables -I INPUT -p tcp --dport 22 -j DROP  
     
     
     # service iptables save    
    3.重启防火墙    
    #service iptables restart   
    
    
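    /** 先拒绝所有,再允许:用 -I 时先执行 DROP,再执行 ACCEPT,后插入的 ACCEPT 排在链的最前面,保存后的规则如下。
    注意:通过 SSH 远程操作时,DROP 生效后、ACCEPT 加入之前,当前会话也会被阻断;如果当前连接来自被允许的地址,可改用 -A 按“先允许、后拒绝”的顺序追加,得到相同的规则顺序。
    另外 INPUT 链的默认策略仍是 ACCEPT,这两条规则只限制 22 端口,其他端口没有被拒绝。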
    
    [root@wx02 ~]# cat /etc/sysconfig/iptables
    # Generated by iptables-save v1.4.7 on Tue Sep 20 11:39:10 2016
    *filter
    :INPUT ACCEPT [293:18238]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [231:19319]
    -A INPUT -s 115.236.6.6/32 -p tcp -m tcp --dport 22 -j ACCEPT 
    -A INPUT -p tcp -m tcp --dport 22 -j DROP 
    COMMIT
    # Completed on Tue Sep 20 11:39:10 2016
    
    
    [root@wx02 ~]# iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    ACCEPT     tcp  --  115.236.6.6       anywhere            tcp dpt:ssh 
    DROP       tcp  --  anywhere             anywhere            tcp dpt:ssh 
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    [root@wx02 ~]# 
    


    
       
    
    
  • 原文地址:https://www.cnblogs.com/zhaoyangjian724/p/6199183.html