iptables示例

时间:2022-06-02 17:25:52
[root@iZ23um2lv3tZ ~]# more /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Mon Oct ::
*filter
:INPUT ACCEPT [:]
:FORWARD ACCEPT [:]
:OUTPUT ACCEPT [:]
-A INPUT -s 219.85.158.148/ -j DROP
-A INPUT -s 58.213.122.115/ -j DROP
-A INPUT -s 61.180.64.196/ -j DROP
-A INPUT -s 42.62.65.236/ -j DROP
-A INPUT -s 58.217.192.54/ -j DROP
-A INPUT -s 58.213.122.115/ -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Mon Oct ::

命令:

#iptables -I INPUT -s 58.217.192.54 -j DROP

#service iptables save