iptables. Iptables is the utility which the "GUI-Based" firewall tools
are based on.
Here is what to do:
Step 1, discover where your GUI-firewall tool is keeping its "iptables"
script. (This is a text file with a list of iptables commands in it.)
Step 2, As root, add these two lines to that script
iptables -A INPUT -p TCP --dport
iptables -A INPUT -p UDP --dport
Step 3, Source that script (which means run it) syntax:
.
For example, if the name of the script is /tmp/foo, you would say:
. /tmp/foo
Step 4, As root, issue the command "iptables-save"
This command will write your iptables configuration to the file:
"/etc/sysconfig/iptables". This file is executed by your system at
reboot time to restore your iptables configuration.
Step 5, save a copy of the iptables script you modified above just in
case you ever need to add anything else to your firewall. You will,
eventually, probably want to add or delete something from it.
Step 6, NEVER, EVER run the GUI-Firewall tool again. It will very
likely destroy/overwrite the port blocks you just added.
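
One way to confirm, after Step 4 and after any later change, that the saved ruleset still carries the port blocks from Step 2 (an added example, not part of the original post). It assumes the saved file is in iptables-save format; port 135, the DROP target, the function names and both sample rulesets are constructed for illustration.

```shell
# Added example. Port 135 and both rulesets below are constructed samples.

# has_block FILE PROTO PORT: exit 0 if the first INPUT rule with a
# terminating target for PROTO/PORT is DROP or REJECT. Other match
# criteria (-s, -i, state) are not evaluated.
has_block() {
    awk -v proto="$2" -v port="$3" '
        $1 == "-A" && $2 == "INPUT" && !decided {
            p = ""; d = ""; j = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      p = tolower($(i + 1))
                if ($i == "--dport") d = $(i + 1)
                if ($i == "-j")      j = $(i + 1)
            }
            if (p == proto && d == port && j ~ /^(ACCEPT|DROP|REJECT)$/) {
                decided = 1
                blocked = (j != "ACCEPT")
            }
        }
        END { exit (blocked ? 0 : 1) }
    ' "$1"
}

# missing_blocks FILE PORT: print the protocols (tcp, udp) not blocked.
missing_blocks() {
    missing=""
    for proto in tcp udp; do
        has_block "$1" "$proto" "$2" || missing="$missing $proto"
    done
    echo "${missing# }"
}

# Constructed ruleset as saved after Step 4.
intact='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 135 -j DROP
-A INPUT -p udp -m udp --dport 135 -j DROP
COMMIT'

# Constructed ruleset after a tool rewrote the file: the udp block is gone
# and an earlier ACCEPT shadows the appended tcp block.
rewritten='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 135 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 135 -j DROP
COMMIT'

f=$(mktemp); printf '%s\n' "$rewritten" > "$f"
echo "not blocked: $(missing_blocks "$f" 135)"; rm -f "$f"
```

Point `missing_blocks` at the saved file and the port you blocked; empty output means both protocols are still blocked.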
=====================================================================================
iptables -I INPUT -s {IP} -j DROP
http://forums.rackshack.net/showthread.php?s=3366493fc4c840330d8134a0d966a044&threadid=27618&highlight=iptables+drop