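#!/bin/bash
# Host firewall for a web server: default-deny inbound, rate-limited HTTP,
# SSH restricted to one admin workstation, and outbound blocks on TCP ports
# 31337-31340. Must be run as root.
#
# NOTE(review): the script does not set a FORWARD policy and adds no rule for
# the loopback interface or for non-TCP return traffic (e.g. UDP DNS replies);
# with INPUT policy DROP those packets are dropped. Confirm this is intended
# before deploying.

# Start from a clean slate in the filter and nat tables:
# -F flushes rules, -X deletes user-defined chains, -Z zeroes counters.
iptables -t filter -F
iptables -t nat -F
iptables -t filter -X
iptables -t nat -X
iptables -t filter -Z
iptables -t nat -Z

# Admin workstation allowed to reach SSH. The values must be wrapped in plain
# ASCII quotes; typographic quotes would become part of the value and make the
# SSH rule below fail to load while the DROP policy is already active.
readonly MYMAC="00:0c:29:7e:6e:2f"
readonly MYIP="192.168.31.7"

########### Policy Set #############
# Default-deny inbound; outbound is allowed unless a rule below drops it.
iptables -t filter -P INPUT DROP
iptables -t filter -P OUTPUT ACCEPT

########### INPUT #################
# Drop TCP packets that connection tracking classifies as INVALID.
iptables -t filter -A INPUT -p tcp -m state --state INVALID -j DROP
# Accept new HTTP connections up to 20 per second (burst of 200). Packets over
# the limit do not match this rule and fall through to the DROP policy.
iptables -t filter -A INPUT -p tcp --dport 80 -m state --state NEW -m limit --limit 20/s --limit-burst 200 -j ACCEPT
# Accept packets belonging to, or related to, already-tracked TCP connections.
iptables -t filter -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
# ICMP type 0 is echo-reply: lets replies to this host's own pings back in.
iptables -t filter -A INPUT -p icmp --icmp-type 0 -j ACCEPT
# SSH only from the admin IP with the matching source MAC. The MAC match is
# only meaningful for hosts on the same Ethernet segment, and both values can
# be forged on the local link, so this narrows exposure but is not
# authentication; SSH keys and sshd hardening are still required.
iptables -t filter -A INPUT -p tcp --dport 22 -s "$MYIP" -m mac --mac-source "$MYMAC" -j ACCEPT

########### OUTPUT #################
# Drop outbound TCP using ports 31337-31340 as source or destination
# (no -t given, so these land in the default filter table).
iptables -A OUTPUT -p tcp --sport 31337:31340 -j DROP
iptables -A OUTPUT -p tcp --dport 31337:31340 -j DROP

# Persist the rule set; only stdout is discarded, so errors remain visible.
# NOTE(review): presumably targets a distribution whose init script supports
# "service iptables save" - confirm on the target host.
service iptables save > /dev/null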