__Today:
__
Your ip : 18.97.9.175
|
|
Å×Å©³ëÄÄÇ»ÅÍ
[ ÀÚ·á½Ç ]
±¤°í¼º ±ÛÀ̳ª ºÒ¹ýÀÚ·á ¾÷·Îµå¸¦ ±ÝÇÕ´Ï´Ù.
|
Re: iptable ¹®¼
|
¾ÆÀ̵ð : jgheo À̸§ : °ü¸®ÀÚ ¹øÈ£ : 59.1 Á¶È¸ : 256641
¾÷·Îµå : 2004-07-13 22:21:18
|
|
KLDP BBS
¼·ÎÀÇ Áö½Ä°ú Á¤º¸¸¦ ±³È¯Çϼ¼¿ä.
FAQ °Ë»ö ¸â¹ö¸®½ºÆ® »ç¿ëÀÚ ±×·ì »ç¿ëÀÚ µî·ÏÇϱâ
°³ÀÎ Á¤º¸ ºñ°ø°³ ¸Þ½ÃÁö¸¦ È®ÀÎÇÏ·Á¸é ·Î±×ÀÎÇϽʽÿÀ ·Î±×ÀÎ
KLDP CodeFest Âü°¡ ½Åû!
KLDP Ƽ¼ÅÃ÷, ¿¼è°í¸® ½ÅûÇϼ¼¿ä!
Firewall¿¡ »ç¿ëÇÒ ÆÐŶÇÊÅ͸µ...
KLDP BBS °Ô½ÃÆÇ À妽º -> ÇÁ·Î±×·¡¹Ö QnA
ÀÌÀü ÁÖÁ¦ º¸±â :: ´ÙÀ½ ÁÖÁ¦ º¸±â
±Û¾´ÀÌ ¸Þ½ÃÁö
studyhard
beginner
°¡ÀÔ: 2003³â 8¿ù 29ÀÏ
¿Ã¸° ±Û: 4
½Ã°£: 2003³â8¿ù29ÀÏ 17:27 ÁÖÁ¦: Firewall¿¡ »ç¿ëÇÒ ÆÐŶÇÊÅ͸µ...
--------------------------------------------------------------------------------
¸·¿¬ÇÏ°Ô Áú¹®µå·Á¼ Á˼ÛÇÕ´Ï´Ù.
Firewall¿¡ Àû¿ëÇÒ ÆÐŶÇÊÅ͸µÀ» ¸¸µé°í ½ÍÀºµ¥¿ä..
¸¸µé¾î º¸·Á´Ï »ý°¢¸¸ ÀÖ°í ã¾Æº¸·Á´Ï Àß¾Èã¾ÆÁö°í.. ³Ê¹« °©°©Çؼ
±Û ¿Ã·È½À´Ï´Ù.
°£´ÜÇÑ ÆÐŶÇÊÅ͸µÀÌ¶óµµ ÁÁÀ¸´Ï ±¸µ¿¹æ½ÄÀ̶ó´øÁö ¸¸µé¶§ ¾Ë¾Æ¾ßÇÒ Á¤º¸
¶ó´øÁö Á» ¾Ë·ÁÁֽðí. °ü·Ã Á¤º¸³ª ÀÚ·á ÀÖÀ¸½ÅºÐÀº ¸µÅ©Á» ÇØÁÖ¼¼¿ä..
ÁÁÀº ÇÏ·ç µÇ¼¼¿ä..^^
À§·Î
gilsion
user
°¡ÀÔ: 2002³â 12¿ù 30ÀÏ
¿Ã¸° ±Û: 153
À§Ä¡: ºÎ»ê
½Ã°£: 2003³â8¿ù29ÀÏ 18:38 ÁÖÁ¦: Áö±Ý ¾²°íÀÖ´Â ºê¸´Áö¹æȺ® ¼³Á¤ÀÔ´Ï´Ù.
--------------------------------------------------------------------------------
#!/bin/bash
#
# FTP passive ¸ðµå ¶§¹®¿¡ 1024-65546 Æ÷Æ®¸¦
# ´Ù ¿¾î³ù±â ¶§¹®¿¡ ¹®Á¦ÀÇ ¼ÒÁö°¡ ´ÙºÐÈ÷ ÀÖÀ½
# ¹æ¹ýÀ» °±¸ÇØ º¸±â·Î ÇÔ. µý»ç¶÷µéÀº ¾î¶»°Ô ÇÏÁö?
#
########## º¯¼ö¼³Á¤
IPT="/sbin/iptables"
SERVER="xxx.xxx.xxx.xxx"
NETWORK="xxx.xxx.xxx.xxx/26"
########## iptables Á¤Ã¥ ÃʱâÈ
$IPT -X
$IPT -F
$IPT -Z
########## CHAIN Á¤Ã¥ ¼³Á¤
$IPT -P INPUT DROP
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
########## ºê¸´Áö Á¢±Ù¼³Á¤
# gilsion ÀÚ¸®¿¡¼¸¸ bridge ·Î ssh Á¢¼Ó °¡´É
$IPT -A INPUT -p tcp -s xxx.xxx.xxx.xxx --dport 22 -j ACCEPT
#$IPT -A INPUT -p tcp -s $NETWORK --dport 22 -j ACCEPT
########## ºñÁ¤»ó ÆÐŶÅëÇà ¸ðµÎ °ÅºÎ
$IPT -A FORWARD -m state --state INVALID -j DROP
$IPT -A FORWARD -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
$IPT -A FORWARD -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
$IPT -A FORWARD -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
$IPT -A FORWARD -p tcp --tcp-flags RST RST,ACK -j DROP
########## DNS QUERY
$IPT -A FORWARD -p udp --sport 53 -j ACCEPT
$IPT -A FORWARD -p udp --dport 53 -j ACCEPT
########## SERVER ¼³Á¤
# ³ª°¡´Â ÆÐŶÀº ¸ðµÎ Çã¿ë
$IPT -A FORWARD -s $SERVER -j ACCEPT
# HTTP
$IPT -A FORWARD -d $SERVER -p tcp --dport 80 -j ACCEPT
# SMTP
$IPT -A FORWARD -d $SERVER -p tcp --dport 25 -j ACCEPT
$IPT -A FORWARD -d $SERVER -p tcp --dport 587 -j ACCEPT
$IPT -A FORWARD -d $SERVER -p udp --dport 587 -j ACCEPT
# FTP
$IPT -A FORWARD -d $SERVER -p tcp --dport 21 -j ACCEPT
# FTP PASSIVE
$IPT -A FORWARD -d $SERVER -p tcp --sport 1024:65535 --dport 1024:65535 -j ACCEPT
$IPT -A FORWARD -d $SERVER -j DROP
######## ³×Æ®¿÷ Àüü ¼³Á¤
# ³ª°¡´Â ÆÐŶÀº ¸ðµÎ Çã¿ë
$IPT -A FORWARD -s $NETWORK -j ACCEPT
#HTTP, HTTPS
$IPT -A FORWARD -p tcp --sport 80 -j ACCEPT
$IPT -A FORWARD -p tcp --sport 443 -j ACCEPT
#SSH
$IPT -A FORWARD -p tcp --sport 22 -j ACCEPT
#POP3
$IPT -A FORWARD -p tcp --sport 110 -j ACCEPT
#FTP (passive mode Æ÷ÇÔ)
$IPT -A FORWARD -p tcp --sport 21 -j ACCEPT
$IPT -A FORWARD -p tcp --sport 20 -j ACCEPT
$IPT -A FORWARD -p tcp --sport 1024:65535 --dport 1024:65535 -j ACCEPT
$IPT -A FORWARD -p tcp --dport 113 -j ACCEPT
# MSN
$IPT -A FORWARD -p tcp --dport 1863:1864 -j ACCEPT
$IPT -A FORWARD -p tcp --dport 6901 -j ACCEPT
$IPT -A FORWARD -p tcp --dport 7801:7825 -j ACCEPT
$IPT -A FORWARD -p tcp --dport 6891:6900 -j ACCEPT
########## Çã¿ëÇÏÁö ¾ÊÀº ¸ðµç ÆÐŶ °ÅºÎ
$IPT -A FORWARD -j DROP
_________________
---------------------------------
ur destiny. since 197*
À§·Î
ÀÌÀü ±Û Ç¥½Ã: ¸ðµç ±Û1ÀÏ7ÀÏ2ÁÖ1´Þ3´Þ6´Þ1³â ¿À·¡µÈ ±Û ¸ÕÀú»õ·Î¿î ±Û ¸ÕÀú
KLDP BBS °Ô½ÃÆÇ À妽º -> ÇÁ·Î±×·¡¹Ö QnA ½Ã°£´ë: GMT + 9 ½Ã°£(Çѱ¹)
ÆäÀÌÁö 1 / 1
°Ç³Ê¶Ù±â: °Ô½ÃÆÇ ¼±Åà ¾Ë¸²----------------KLDP CodeFest¸í¿¹ÀÇ Àü´ç°øÁö»çÇ× °³¹ßÀÚ¸¦ À§ÇÑ °ø°£----------------ÇÁ·Î±×·¡¹Ö QnAÄ¿³Î ÇÁ·Î±×·¡¹Ö QnA »ç¿ëÀÚ¸¦ À§ÇÑ °ø°£----------------¼³Ä¡ ¹× È°¿ë QnAÄ¿³Î ¼³Ä¡, È°¿ë QnA °øºÎ----------------ÀÚÀ¯ °ÁÂ, ÆÁÀÚ·á½Ç Æ÷·³----------------»õ¼Ò½Ä, Á¤º¸Åä·Ð, ÅäÀÇ Àç¹Ì----------------ÀÚÀ¯ °Ô½ÃÆÇÀ̹ÌÁö °¶·¯¸® ±âŸ----------------±¸ÀÎ, ±¸Á÷ÀåÅÍ
»õ·Î¿î ÁÖÁ¦¸¦ ¿Ã¸± ¼ö ¾ø½À´Ï´Ù
´ä±ÛÀ» ¿Ã¸± ¼ö ¾ø½À´Ï´Ù
ÁÖÁ¦¸¦ ¼öÁ¤ÇÒ ¼ö ¾ø½À´Ï´Ù
¿Ã¸° ±ÛÀ» »èÁ¦ÇÒ ¼ö ¾ø½À´Ï´Ù
ÅõÇ¥¸¦ ÇÒ ¼ö ¾ø½À´Ï´Ù
ÆÄÀÏ ¾÷·Îµå : (x)
ÆÄÀÏ ´Ù¿î·Îµå : (0)
Powered by phpBB © 2001~2004 phpBB Group
|
|
|
From:211.194.15.233 / Absolute number:104
|
|
|
       |
|
|
|
|
|