Linux-Bulgaria.ORG
навигация

 

начало

пощенски списък

архив на групата

семинари ...

документи

как да ...

 

 

Предишно писмо Следващо писмо Предишно по тема Следващо по тема По Дата По тема (thread)

Re: lug-bg: iptables + adding rules after end ot table

  • Subject: Re: lug-bg: iptables + adding rules after end ot table
  • From: teodor@xxxxxxxxxxxxxxx (Teodor Georgiev)
  • Date: Wed, 30 Jan 2002 18:13:40 +0100


man iptables

ima i "opcii"  -I (insert)  osven -A (add).

iptables -I <chain> #

#  - position

----- Original Message -----
From: "Vesselin Kolev" <vlk@xxxxxxxxxxxxxxxxx>
To: <lug-bg@xxxxxxxxxxxxxxxxxx>
Sent: Wednesday, January 30, 2002 4:55 PM
Subject: lug-bg: iptables + adding rules after end ot table

> Vaznikna edin malak problem...
>
>    Imate si definirani pravila za IPTABLES (sashtoto vazhi i za
> ipchains). Tezi pravila sa zaredeni i vashia server si raboti s
> tiah. Vie imate programa, koiato analizira paketi i iska da spre
> takiva s "vredno" sydyrzhanie. Tazi programa shte ili ne shte
> generira pravoloto v kraia na tablicata, t.e. sled vsichki pravila...
>
> Eto edna iliustracia...
>
>   Zadadeno e pravilo za propuskane na zaiavki do privilegirovani
> portove:
>
> ..................
>   -A INPUT -s 0/0 -i et0 -p tcp -m tcp --dport
21,22,25,53,80,110,443,995 -j
> ACCEPT
> .................
>
> Ako sega programata vi iska da izhvyrli natrapnika i da prekysne vrzykata,
> naprimer ot port 80 tia shte zapishe
>
> $iptables -A INPUT -s NARUSHITEL -i eth0 -j DROP
>
> Obache na praktika tova pravilo ne raboti... i si e iasno zashto...
cheteneto
> na pravilata v tablicata stava otgore nadou do sreshtane na pyrvo
syotvetstvie
> no syotvetstvieto dava razreshenie i ne se stiga do zabranata po-dolu vyv
> voroto syotvetstvie.
>
> Iasno e, che nai-lesnoto e pri vsiaka operacia da se prenapisva
tablicata...
> no ako tova e na goliam router kadeto se iziskva da se addvat po 3-4
> malformed sendera v sekunda... flushvaneto i restorvaneto na tablicite
> edva li efektivno (spored men)
>
> Mozhe li niakoi da mi kazhe dali se e sblyskval s takyv problem i kak go e
> reshil..
>
>    Blagodaria vi
>
>        Vesselin
>
===========================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara
Zagora

===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora

 
наши приятели

 

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

 

 

Linux-Bulgaria.ORG

Mailing list messages are © Copyright their authors.