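# Packet filter built around one user-defined chain, FIREWALL, which both
# INPUT and FORWARD jump to.
#
# Long options are written with ASCII double hyphens (--dport, --sport,
# --syn). The typographic dashes in the pasted listing are not valid iptables
# options, so every rule using them was rejected. On the port 143 rule the
# dash was also fused to the port number.
# The listing was pasted twice. The second copy sat behind the REJECT rules
# and could never match, so each rule appears once here.
#
# Uses POSIX sh syntax only. Running the script a second time appends the
# same rules again.

# -A fails on a chain that does not exist, so create it when it is missing.
iptables -n -L FIREWALL >/dev/null 2>&1 || iptables -N FIREWALL

# New inbound TCP connections allowed from any source address. The ports are
# the well-known ones for FTP control (21), SSH (22), SMTP (25), HTTP (80),
# POP3 (110), IMAP (143) and MySQL (3306).
# NOTE(review): 3306 is reachable from every address. If the database only
# serves known hosts, add a source match such as -s <TRUSTED_SUBNET>
# (placeholder). 21, 110 and 143 carry credentials in cleartext unless the
# services enforce TLS.
for port in 21 22 25 80 110 143 3306; do
  iptables -A FIREWALL -p tcp -m tcp --dport "$port" --syn -j ACCEPT
done

# Loopback traffic is always allowed.
iptables -A FIREWALL -i lo -j ACCEPT

# Lets DNS answers back in by matching UDP source port 53.
# NOTE(review): the sender chooses the source port, so this rule accepts any
# UDP datagram that claims source port 53, whatever its origin or destination
# port. Matching reply traffic with connection tracking
# (-m conntrack --ctstate ESTABLISHED,RELATED) is the tighter form. The rule
# is kept as written so behaviour does not change.
iptables -A FIREWALL -p udp -m udp --sport 53 -j ACCEPT

# Refuse every other new TCP connection and every other UDP datagram.
# Non-SYN TCP, ICMP and other protocols match nothing in this chain. They
# return to INPUT/FORWARD and are decided by later rules or the chain policy.
iptables -A FIREWALL -p tcp -m tcp --syn -j REJECT
iptables -A FIREWALL -p udp -m udp -j REJECT

# Attach the chain only once it is fully populated, so no packet is judged
# against a half-built rule set.
# NOTE(review): the FORWARD jump applies the same port list to routed
# traffic. Drop it if this host is not meant to forward packets.
iptables -A INPUT -j FIREWALL
iptables -A FORWARD -j FIREWALL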
然后:
# chmod 755 /etc/firewall.sh
把 firewall.sh 加到启动项中(iptables 规则重启后不会保留,需要在开机时重新加载):
# echo sh /etc/firewall.sh >> /etc/init.d/rc.local