linux ftp iptables, linux – IPTABLES: allow ssh, ftp, pop, etc. from one static...
These are my settings in /etc/sysconfig/iptables:
#start of my iptables
# Generated by iptables-save v1.2.11 on Wed May 27 00:31:22 2015
*mangle
:PREROUTING ACCEPT [130933577:29488298585]
:INPUT ACCEPT [130933577:29488298585]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [171790648:176814024859]
:POSTROUTING ACCEPT [171789023:176813945079]
COMMIT
# Completed on Wed May 27 00:31:22 2015
# Generated by iptables-save v1.2.11 on Wed May 27 00:31:22 2015
*filter
:INPUT ACCEPT [130907005:29486700773]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [171789023:176813945079]
-A INPUT -s 117.21.191.0/255.255.255.0 -j DROP
-A INPUT -s 106.0.210.78 -j DROP
-A INPUT -s 58.218.0.0/255.255.0.0 -j DROP
-A INPUT -s 117.3.215.251 -j DROP
-A INPUT -s 119.97.146.0/255.255.255.0 -j DROP
-A INPUT -s 203.185.69.45 -j DROP
-A INPUT -s 58.18.172.0/255.255.255.0 -j DROP
-A OUTPUT -p tcp -m tcp --dport 6660:6669 -j DROP
-A INPUT -p tcp -s my_static_ip --dport 22 -j ACCEPT
-A INPUT -p tcp -s my_static_ip --dport 21 -j ACCEPT
-A INPUT -p tcp -s my_static_ip --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp ! -s my_static_ip -j DROP
COMMIT
# Completed on Wed May 27 00:31:22 2015
# Generated by iptables-save v1.2.11 on Wed May 27 00:31:22 2015
*nat
:PREROUTING ACCEPT [8063847:452240147]
:POSTROUTING ACCEPT [3324733:239203840]
:OUTPUT ACCEPT [3324733:239203840]
COMMIT
# Completed on Wed May 27 00:31:22 2015
# end of my iptables
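my_static_ip is the IP address I use to connect to the Linux server (say, 100.10.10.10).
Basically, I want to allow only my one IP to connect to my server for ssh, ftp, receiving and sending e-mail, and so on, because many abusive IPs and bots try to access ssh, ftp, pop, etc. HTTP and SSL must be allowed for everyone on my server.
With the settings above, everything works fine except that I cannot receive or send e-mail. Can you tell me what I am doing wrong?
Thanks in advance for your help.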
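Added example, not part of the original post: a first-match simulation of the posted INPUT chain over constructed packets, showing which mail traffic reaches the final `! -s my_static_ip -j DROP` rule. The `CORRECTED` list is an assumed fix (accept ESTABLISHED,RELATED traffic and public SMTP on port 25 before the catch-all); the sample addresses and the port-25 mail server are assumptions.

```python
import ipaddress

STATIC = "100.10.10.10"  # assumption: stands in for my_static_ip, as in the post

# INPUT chain of the posted *filter table, in order. The per-source DROP list at
# the top is omitted (it matches none of the sample packets below).
# Rule = (source, negate_source, dport, conntrack_states, target); None = any.
POSTED = [
    (STATIC, False, 22, None, "ACCEPT"),
    (STATIC, False, 21, None, "ACCEPT"),
    (STATIC, False, 110, None, "ACCEPT"),
    (None, False, 80, {"NEW", "ESTABLISHED"}, "ACCEPT"),
    (None, False, 443, {"NEW", "ESTABLISHED"}, "ACCEPT"),
    (STATIC, True, None, None, "DROP"),  # -p tcp ! -s my_static_ip -j DROP
]
# Assumed correction (not from the page): accept tracked return traffic and
# public SMTP on port 25 ahead of the catch-all DROP.
CORRECTED = [(None, False, None, {"ESTABLISHED", "RELATED"}, "ACCEPT"),
             (None, False, 25, None, "ACCEPT")] + POSTED

def verdict(rules, src, dport, state, policy="ACCEPT"):
    """First-match evaluation of one TCP packet; falls through to the chain policy."""
    for rule_src, negate, rule_dport, states, target in rules:
        if rule_src is not None:
            hit = ipaddress.ip_address(src) in ipaddress.ip_network(rule_src)
            if hit == negate:
                continue
        if rule_dport is not None and rule_dport != dport:
            continue
        if states is not None and state not in states:
            continue
        return target
    return policy

# Constructed sample packets: (description, source, destination port, state).
PACKETS = [
    ("POP3 from the static IP", STATIC, 110, "NEW"),
    ("HTTP from anyone", "198.51.100.7", 80, "NEW"),
    ("SSH from an unknown host", "198.51.100.7", 22, "NEW"),
    ("inbound SMTP from a remote mail server", "203.0.113.25", 25, "NEW"),
    ("reply to the server's outbound SMTP", "203.0.113.25", 40000, "ESTABLISHED"),
]

def report(rules):
    return {d: verdict(rules, s, p, st) for d, s, p, st in PACKETS}

if __name__ == "__main__":
    for desc in report(POSTED):
        print(f"{report(POSTED)[desc]:6} -> {report(CORRECTED)[desc]:6} {desc}")
```

With the posted chain, both SMTP packets fall through to the catch-all DROP; with the assumed correction they are accepted while SSH from an unknown host is still dropped.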