- 论坛徽章:
- 0
|
本帖最后由 碌木 于 2011-09-21 13:27 编辑
这是重启iptables后的规则- [root@localhost ~]# service iptables restart
- Flushing firewall rules: [ OK ]
- Setting chains to policy ACCEPT: nat mangle filter [ OK ]
- Unloading iptables modules: [ OK ]
- Applying iptables firewall rules: [ OK ]
- Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]
- [root@localhost ~]# service iptables status
- Table: nat
- Chain PREROUTING (policy ACCEPT)
- num target prot opt source destination
- Chain POSTROUTING (policy ACCEPT)
- num target prot opt source destination
- 1 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 MARK match 0x9
- Chain OUTPUT (policy ACCEPT)
- num target prot opt source destination
- Table: mangle
- Chain PREROUTING (policy ACCEPT)
- num target prot opt source destination
- 1 MARK all -- 0.0.0.0/0 0.0.0.0/0 MARK set 0x9
- Chain INPUT (policy ACCEPT)
- num target prot opt source destination
- Chain FORWARD (policy ACCEPT)
- num target prot opt source destination
- Chain OUTPUT (policy ACCEPT)
- num target prot opt source destination
- Chain POSTROUTING (policy ACCEPT)
- num target prot opt source destination
- Table: filter
- Chain INPUT (policy ACCEPT)
- num target prot opt source destination
- 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
- Chain FORWARD (policy ACCEPT)
- num target prot opt source destination
- 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
- Chain OUTPUT (policy ACCEPT)
- num target prot opt source destination
- Chain RH-Firewall-1-INPUT (2 references)
- num target prot opt source destination
- 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- 2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
- 4 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
- 5 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
- 6 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
- 7 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
- 8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
- 9 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
- 10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
- 11 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
复制代码 |
|