Make a CentOS 8 Router>>[ yilianwu ]
§ Routing - NAT & iptables. 如果要設定NAT就要一起設定防火牆在CentOS 8中我使用iptables. Install iptables. dnf install ...
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [650:94130]
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p all -s 192.168.56.1 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -d 10.113.25.129 -p tcp --dport 22 -j ACCEPT
-A INPUT -s 10.113.25.0/24 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-P FORWARD DROP
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -d 10.113.25.129 -p tcp --dport 22 -j ACCEPT
-A FORWARD -s 10.113.25.0/24 -j ACCEPT
-A FORWARD -i enp0s3 -o enp0s8 -j ACCEPT
-A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
https://web.mit.edu/rhel-doc/4/RH-DOCS/rhel-sg-zh_tw-4/s1-firewall-ipt-fwd.html
http://dic.vbird.tw/linux_server/unit04.php
沒有留言:
張貼留言