- 论坛徽章:
- 0
|
因为要测试X-win32,其他步骤都做了,就差没关Redhat 9的防火墙了,windows的norton我也关了,运行了命令
ipchains -A input -p udp -i $extint --dport 177 -j DENY
却出来错误
Warning: wierd character in interface `--dport' (No aliases, :, ! or *).
Try `ipchains -h' or 'ipchains --help' for more information.
然后看看帮助
ipchains -A input -p udp -i $extint --dport 177 -j DENY
ipchains 1.3.10, 1-Sep-2000
Usage: ipchains -[ADC] chain rule-specification [options]
ipchains -[RI] chain rulenum rule-specification [options]
ipchains -D chain rulenum [options]
ipchains -[LFZNX] [chain] [options]
ipchains -P chain target [options]
ipchains -M [ -L | -S ] [options]
ipchains -h [icmp] (print this help information, or ICMP list)
Commands:
Either long or short options are allowed.
--append -A chain Append to chain
--delete -D chain Delete matching rule from chain
--delete -D chain rulenum
Delete rule rulenum (1 = first) from chain
--insert -I chain [rulenum]
Insert in chain as rulenum (default 1=first)
--replace -R chain rulenum
Replace rule rulenum (1 = first) in chain
--list -L [chain] List the rules in a chain or all chains
--flush -F [chain] Delete all rules in chain or all chains
--zero -Z [chain] Zero counters in chain or all chains
--check -C chain Test this packet on chain
--new-chain
-N chain Create a new user-defined chain
--delete-chain
-X chain Delete a user-defined chain
--policy -P chain target
Change policy on chain to target
--masquerading
-M -L List current masquerading connections
--set -M -S tcp tcpfin udp
Set masquerading timeout values
Options:
--bidirectional -b insert two rules: one with -s & -d reversed
--protocol -p [!] proto protocol: by number or name, eg. `tcp'
--source -s [!] address[/mask] [!] [port[]]
source specification
--source-port [!] [port[]]
source port specification
--destination -d [!] address[/mask] [!] [port[]]
destination specification
--destination-port [!] [port[]]
destination port specification
--icmp-type [!] typename specify ICMP type
--interface -i [!] name[+]
network interface name ([+] for wildcard)
--jump -j target [port]
target for rule ([port] for REDIRECT)
--mark -m [+-]mark number to mark on matching packet
--numeric -n numeric output of addresses and ports
--log -l turn on kernel logging for matching packets
--output -o [maxsize] output matching packet to netlink device
--TOS -t and xor and/xor masks for TOS field
--verbose -v verbose mode
--exact -x expand numbers (display exact values)
--line-numbers list line numbers beside each rule
--no-warnings Disable all warnings
[!] --fragment -f match second or further fragments only
[!] --syn -y match TCP packets only when SYN set
[!] --version -V print package version.
没法子,帮帮忙吧 |
|