From the Linux command line, open the iptables firewall rules configuration file for editing:

```
vi /etc/sysconfig/iptables
```
The following is an example of a whitelist setting:
```
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-N whitelist
-A whitelist -s 10.202.106.1 -j ACCEPT
-A whitelist -s 10.202.106.2 -j ACCEPT
-A whitelist -s 10.202.106.3 -j ACCEPT
-A whitelist -s 10.202.106.4 -j ACCEPT
-A whitelist -s 10.202.106.5 -j ACCEPT
-A whitelist -s 10.202.106.6 -j ACCEPT
-A whitelist -s 10.202.106.7 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 4750 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j whitelist
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
```
The part that defines the whitelist chain is:

```
-N whitelist
-A whitelist -s 10.202.106.1 -j ACCEPT
-A whitelist -s 10.202.106.2 -j ACCEPT
-A whitelist -s 10.202.106.3 -j ACCEPT
-A whitelist -s 10.202.106.4 -j ACCEPT
-A whitelist -s 10.202.106.5 -j ACCEPT
-A whitelist -s 10.202.106.6 -j ACCEPT
-A whitelist -s 10.202.106.7 -j ACCEPT
```
To apply the whitelist, name the chain as the target of the -j parameter. Here new connections to TCP port 3306 are sent to the whitelist chain; a source that matches no entry returns from the chain and reaches the final REJECT rule:

```
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j whitelist
```
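A whitelist only restricts a port if no other rule accepts that port directly and every whitelist entry names a source. The following check is an added example, not part of the original article; `audit_port` and `sample_rules` are hypothetical names, and the sample rules are constructed from the configuration above.

```shell
#!/bin/sh
# Added example (not from the original article): audit iptables rules on stdin.
# usage: audit_port PORT [CHAIN] < /etc/sysconfig/iptables
# Prints each source the whitelist chain accepts; exits 1 if PORT is not
# restricted to that chain. Simplification: only plain "--dport PORT" and
# "-s ADDR" are understood (no multiport, port ranges, or "!" negation).
audit_port() {
    awk -v port="$1" -v wl="${2:-whitelist}" '
    # Value that follows option opt on the current rule line, or "".
    function arg(opt,    i) {
        for (i = 1; i < NF; i++)
            if ($i == opt) return $(i + 1)
        return ""
    }
    $1 != "-A" { next }                 # skip table headers, -N, COMMIT
    $2 == wl {                          # a rule inside the whitelist chain
        if (arg("-j") == "ACCEPT") {
            src = arg("-s")
            if (src == "") { src = "0.0.0.0/0"; bad = 1 }   # accepts anyone
            print "ALLOW " src
        }
        next
    }
    arg("--dport") == port {
        if (arg("-j") == wl) gated = 1  # port is handed to the whitelist
        else if (arg("-j") == "ACCEPT") { print "OPEN: " $0; bad = 1 }
    }
    END {
        if (!gated) { print "UNGATED: port " port " never jumps to " wl; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample: a shortened copy of the configuration shown above.
sample_rules() {
cat <<'EOF'
*filter
-N whitelist
-A whitelist -s 10.202.106.1 -j ACCEPT
-A whitelist -s 10.202.106.2 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j whitelist
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_rules | audit_port 3306    # lists the two allowed sources, exit status 0
```

To audit the live file, run `audit_port 3306 < /etc/sysconfig/iptables` after editing and before reloading the firewall.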