wd and cc

— Happy every day


Posted at — Apr 17, 2006

After looking into it, the simplest approach seems to be setting up the interfaces file.

Configuring firewall rules through ifup
You can also use the network configuration in /etc/network/interfaces to set up your firewall rules. For this you will need to:

Create your firewalling ruleset for when the interface is active.
Save your ruleset with iptables-save to a file in /etc, for example /etc/iptables.up.rules
Configure /etc/network/interfaces to use the configured ruleset:
    iface eth0 inet static
            address x.x.x.x
            [.. interface configuration ..]
            pre-up iptables-restore < /etc/iptables.up.rules
Optionally, you can also set up rules to be applied when the network interface goes down: create a ruleset, save it in /etc/iptables.down.rules, and add this directive to the interface configuration:

        post-down iptables-restore < /etc/iptables.down.rules
For more advanced firewall configuration scripts through ifupdown, you can use the hooks available to each interface: the scripts in the *.d/ directories, which are called with run-parts (see run-parts(8)).
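
Because ifup aborts when a pre-up command fails, a missing or truncated rules file can leave the interface unconfigured. The following pre-flight check for the pre-up and post-down directives above is an added example, not part of the original post; the function names are hypothetical and the check is structural only.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight check for the
# iptables-restore hooks in an ifupdown interfaces file.
# Function names are hypothetical.

# Print each rules file named in "pre-up|post-down ... iptables-restore < FILE".
list_rule_files() {
    sed -n -E 's/^[[:space:]]*(pre-up|post-down)[[:space:]]+[^<]*iptables-restore[^<]*<[[:space:]]*([^[:space:]]+).*$/\2/p' "$1"
}

# iptables-save output consists of "*table" sections, each closed by COMMIT.
# Succeed only if the file is non-empty, has at least one table, and every
# table is committed. This is a structural check, not a full rule parse.
valid_ruleset() {
    [ -s "$1" ] || return 1
    awk '
        /^\*/      { if (in_table) bad = 1; in_table = 1; tables++ }
        /^COMMIT$/ { if (!in_table) bad = 1; in_table = 0 }
        END        { exit (bad || in_table || !tables) }
    ' "$1"
}

# Report every referenced rules file; return non-zero if any is unusable.
check_iptables_hooks() {
    rc=0
    for f in $(list_rule_files "$1"); do
        if [ ! -r "$f" ]; then
            echo "MISSING   $f"; rc=1
        elif ! valid_ruleset "$f"; then
            echo "MALFORMED $f"; rc=1
        else
            echo "OK        $f"
        fi
    done
    return "$rc"
}

# Stand-alone use: sh check.sh /etc/network/interfaces
if [ "$#" -gt 0 ]; then
    check_iptables_hooks "$1"
fi
```

On the target host, running `iptables-restore --test < FILE` as root additionally parses the rules without committing them.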

You can go to http://easyfwgen.morizot.net/gen/ to generate a firewall script online, then point pre-up at it.
