| 共 5 篇文章 |
|
pass in quick on fxp0 proto tcp from any to any port = 80 flags S/SA keep state pass in quick on fxp0 proto tcp from any to any port = ftp flags S/SA keep state pass in quick on fxp0 proto tcp from any to any port = ftp-data flags S/SA keep state pass in quick on fxp0 proto tcp from any to any port 30000 >;block in... 阅265 转3 评0 公众公开 06-05-07 19:49 |
阅212 转5 评0 公众公开 06-05-07 19:38 |
然后写入策略 [root@proxy rc.d]# vi firewall #!/bin/sh echo "1">/proc/sys/net/ipv4/ip_forward /sbin/modprobe ip_tables /sbin/modprobe ip_nat_ftp /sbin/modprobe ip_conntrack_ftp /sbin/modprobe iptable_nat /sbin/iptables -F /sbin/iptables -F -t nat /sbin/iptables -P INPUT DROP /sbin/iptables -P OUTPUT DROP /... 阅880 转16 评0 公众公开 06-05-07 19:35 |
阅604 转4 评0 公众公开 06-05-07 19:34 |
2、修改/etc/sysconfig/network-scripts/目录下原来的ifcfg-eth0和ifcfg-eth1文件,内容如下: 代码:BOOTPROTO=none TYPE=Ethernet DEVICE=eth0 ONBOOT=yes MASTER=bond0.BOOTPROTO=none TYPE=Ethernet DEVICE=eth1 ONBOOT=yes MASTER=bond0.alias bond0 bonding options bond0 miimon=100 mode=0.ifenslave bond0 eth0 eth1. 阅439 转4 评0 公众公开 06-05-07 19:26 |
