jiawang
哪位帮我解释下这几条iptables规则是什么意思
我在安装Redhat的时候启用iptables了
[root@www ~]# more /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
[color=Blue]-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT[/color]
[color=Blue]-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT[/color]
[color=Blue]-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT[/color]
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
[color=Blue]-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT[/color]
[color=Blue]-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited[/color]
COMMIT
[[i] 本帖最后由 jiawang 于 2008-6-21 12:32 编辑 [/i]]
jiawang
-p 50 51 是什么协议???
[color=Red]-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT[/color]
这两条是干什么用的? 有了-p udp,为什么还来个-m udp,-m udp是代表什么呢?
最后,这条
[color=Red]-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited[/color]
又是什么意思?
希望高手,详细解释一下!!!
[[i] 本帖最后由 jiawang 于 2008-6-21 12:35 编辑 [/i]]