在 Linux 系统中安装 iptables 服务：yum install iptables-services
然后编辑规则文件：vi /etc/sysconfig/iptables
# Source-address whitelist for the filter table, in iptables-restore format.
# NOTE(review): INPUT, FORWARD and OUTPUT all default to ACCEPT below. The
# whitelist only restricts access if a catch-all REJECT/DROP rule closes the
# INPUT chain after the per-port rules. No such rule is visible in this
# excerpt - confirm it exists, otherwise non-whitelisted sources still get in.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# User-defined chain that holds the permitted source addresses.
# iptables-save writes the same declaration as ":whitelist - [0:0]".
-N whitelist
# One ACCEPT rule per permitted source. x.x.x.x is a placeholder and must be
# replaced with real addresses before the file is loaded; 8.8.8.8 looks like a
# sample value as well - confirm it is really meant to be trusted.
# Before reloading, make sure your own management address is listed, because
# new SSH connections (port 22) are routed through this chain.
-A whitelist -s 8.8.8.8 -j ACCEPT
-A whitelist -s x.x.x.x -j ACCEPT
-A whitelist -s x.x.x.x -j ACCEPT
-A whitelist -s x.x.x.x -j ACCEPT
-A whitelist -s x.x.x.x -j ACCEPT
-A whitelist -s x.x.x.x -j ACCEPT
# The chain has no final rule, so a packet that matches no entry returns to
# INPUT and continues with the next rule there; the chain never drops anything.
# Accept packets that belong to, or are related to, already tracked connections.
# "-m state" is the legacy match; "-m conntrack --ctstate" is its replacement.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Accept all ICMP from any source; this is not limited to the whitelist.
-A INPUT -p icmp -j ACCEPT
# Accept everything that arrives on the loopback interface.
-A INPUT -i lo -j ACCEPT
# New TCP connections to SSH (22), HTTP (80) and HTTPS (443) are handed to the
# whitelist chain, which accepts them only for the listed source addresses.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j whitelist
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j whitelist
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j whitelist
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j