[root@rhel5 ~]# iptables -A FORWARD -p tcp --dport 25 -j ACCEPT pop3:
[root@rhel5 ~]# iptables -A FORWARD -p tcp --dport 110 -j ACCEPT
[root@rhel5 ~]# iptables -A FORWARD -p udp --dport 110 -j ACCEPT imap:
[root@rhel5 ~]# iptables -A FORWARD -p tcp --dport 143 -j ACCEPT
[root@rhel5 ~]# iptables -A FORWARD -p udp --dport 143 -j ACCEPT imaps:
[root@rhel5 ~]# iptables -A FORWARD -p tcp --dport 993 -j ACCEPT
[root@rhel5 ~]# iptables -A FORWARD -p udp --dport 993 -j ACCEPT pop3s:
[root@rhel5 ~]# iptables -A FORWARD -p tcp --dport 995 -j ACCEPT
[root@rhel5 ~]# iptables -A FORWARD -p udp --dport 995 -j ACCEPT
[root@rhel5 ~]# iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh Chain FORWARD (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:msnp ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:irdmi ACCEPT udp -- anywhere anywhere udp dpt:irdmi ACCEPT udp -- anywhere anywhere udp dpt:terabase ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT udp -- anywhere anywhere udp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:imap ACCEPT udp -- anywhere anywhere udp dpt:imap ACCEPT tcp -- anywhere anywhere tcp dpt:imaps ACCEPT udp -- anywhere anywhere udp dpt:imaps ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s ACCEPT udp -- anywhere anywhere udp dpt:pop3s Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@rhel5 ~]# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere anywhere tcp dpt:http to:192.168.0.3:80 Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 192.168.0.0/24 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@rhel5 ~]# |
本文出自 “王乾De技术博客” 博客,谢绝转载!