Chinaunix
标题:
用内网WIN2000server做web和FTP服务器的端口映射配置(成功代码)
[打印本页]
作者:
lyrican
时间:
2005-05-09 15:48
标题:
用内网WIN2000server做web和FTP服务器的端口映射配置(成功代码)
# Generated by iptables-save v1.2.3 on Mon Sep 9 15:25:57 2002
*nat
REROUTING ACCEPT [1757]
OSTROUTING ACCEPT [368]
:OUTPUT ACCEPT [368]
#Transparent Squid Proxy
#Port forwarding to 192.168.2.2 80
#Port forwarding to 192.168.2.2 20/21
-A POSTROUTING -s 192.168.2.0/255.255.255.0 -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Sep 9 15:25:57 2002
# Generated by iptables-save v1.2.3 on Mon Sep 9 15:25:57 2002
*filter
:OUTPUT ACCEPT [0]
:FORWARD ACCEPT [0]
:INPUT ACCEPT [0]
#-A INPUT -p tcp -m tcp -i eth0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp -i eth0 --dport 25 -j ACCEPT
#-A INPUT -p tcp -m tcp -i eth0 --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp -i eth0 --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp -i eth0 --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp -i eth0 --dport 23 -j ACCEPT
-A INPUT -p tcp -m tcp -i eth0 --dport 0:1023 -j DROP
-A INPUT -p icmp -m limit -i eth0 --limit 1/sec --limit-burst 10 -j ACCEPT
-A INPUT -p tcp -m tcp -i eht0 --sprot21 -j ACCEPT
#-A FORWARD -p tcp -m tcp -s ! 192.168.2.18/255.255.255.254 -o eth0 --dport 1863
-j DROP
COMMIT
# Completed on Mon Sep 9 15:25:57 2002
# Generated by webmin
*mangle
:OUTPUT ACCEPT [0]
REROUTING ACCEPT [0]
OSTROUTING ACCEPT [0]
:FORWARD ACCEPT [0]
:INPUT ACCEPT [0]
COMMIT
# Completed
我把/etc/sysconfig/iptables 文件中的内容全贴出来了,大家有碰到类似问题的请参照一下。
欢迎光临 Chinaunix (http://bbs.chinaunix.net/)
Powered by Discuz! X3.2
REROUTING ACCEPT [1757]OSTROUTING ACCEPT [368]REROUTING ACCEPT [0]OSTROUTING ACCEPT [0]