WDCP iptables 限制IP访问

chao 2022-5-13 15:24 CentOS&Ubuntu 抢沙发 606IT人生
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [65:12817]
:RH-Firewall-1-INPUT - [0:0]
#-A INPUT -p tcp -m tcp --dport 11211 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 20000:20500 -j ACCEPT
-A RH-Firewall-1-INPUT -s 111.67.104.87/32 -p tcp -m state --state NEW -m tcp --dport 33899 -j ACCEPT
-A RH-Firewall-1-INPUT -s 119.82.254.50/32 -p tcp -m state --state NEW -m tcp --dport 33899 -j ACCEPT
-A RH-Firewall-1-INPUT -s 101.78.198.112/28 -p tcp -m state --state NEW -m tcp --dport 33899 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.248.186.71/32 -p tcp -m state --state NEW -m tcp --dport 33899 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.248.186.81/32 -p tcp -m state --state NEW -m tcp --dport 33899 -j ACCEPT
-A RH-Firewall-1-INPUT -s 119.15.95.224/28 -p tcp -m state --state NEW -m tcp --dport 33899 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.232.36.241/32 -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.232.37.241/32 -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.232.38.241/32 -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.232.39.241/32 -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
-A RH-Firewall-1-INPUT -s 111.67.104.87/32 -p tcp -m state --state NEW -m tcp --dport 2100 -j ACCEPT
-A RH-Firewall-1-INPUT -s 119.82.254.50/32 -p tcp -m state --state NEW -m tcp --dport 2100 -j ACCEPT
-A RH-Firewall-1-INPUT -s 101.78.198.112/28 -p tcp -m state --state NEW -m tcp --dport 2100 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.248.186.71/32 -p tcp -m state --state NEW -m tcp --dport 2100 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.248.186.81/32 -p tcp -m state --state NEW -m tcp --dport 2100 -j ACCEPT
-A RH-Firewall-1-INPUT -s 119.15.95.224/28 -p tcp -m state --state NEW -m tcp --dport 2100 -j ACCEPT
-A RH-Firewall-1-INPUT -s 111.67.104.87/32 -p tcp -m state --state NEW -m tcp --dport 8800 -j ACCEPT
-A RH-Firewall-1-INPUT -s 119.82.254.50/32 -p tcp -m state --state NEW -m tcp --dport 8800 -j ACCEPT
-A RH-Firewall-1-INPUT -s 101.78.198.112/28 -p tcp -m state --state NEW -m tcp --dport 8800 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.248.186.71/32 -p tcp -m state --state NEW -m tcp --dport 8800 -j ACCEPT
-A RH-Firewall-1-INPUT -s 103.248.186.81/32 -p tcp -m state --state NEW -m tcp --dport 8800 -j ACCEPT
-A RH-Firewall-1-INPUT -s 119.15.95.224/28 -p tcp -m state --state NEW -m tcp --dport 8800 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2100 -j DROP
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8800 -j DROP
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 33833 -j DROP
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 161 -j DROP
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
正文部分到此结束

版权声明:除非注明,本文由( chao )原创,转载请保留文章出处

本文链接:WDCP iptables 限制IP访问

继续浏览:iptables

分享文章:QQ空间腾讯微博新浪微博网易微博人人网开心网腾讯朋友百度搜藏

CentOS安装流媒体NMS
iptables限制IP访问