LinuxÏÂShorewall·À»ðǽ°²×°ÓëÅäÖ÷½·¨
»·¾³ËµÃ÷£º±¾»úÖ»ÓÐÒ»ÕÅÍø¿¨£¬Ê¹Óþ²Ì¬IPÉÏÍø
ÃüÁapt-get install shorewall ubuntu»á×Ô¶¯µÄ¸øÄã°²×°ºÃ£¬µ«ÊÇshorewallûÓÐÅäÖÃ
ҲûÓÐÆô¶¯
¡¸1¡¹Ê×ÏÈcp /usr/share/doc/shorewall/examples/one-interface/* /etc/shorewall
¡¸2¡¹ÐÞ¸Ä/etc/shorewall/shorewall.conf ¸ÄSTARTUP_ENABLED=NoΪSTARTUP_ENABLED=Yes
¡¸3¡¹ÐÞ¸Ä/etc/default/shorewall ¸Ästartup=0Ϊstartup=1
¡¸4¡¹ÔËÐÐifconfigÈ·ÈÏ×Ô¼ºÍø¿¨Ãû³Æ ĬÈÏÒ»°ã¶¼ÊÇeth0 £¬¼ÇÏÂÕâ¸öÍø¿¨Ãû³Æ
¡¸5¡¹ÐÞ¸Ä/etc/shorewall/interfaces ¸Änet eth0 detect dhcp£¬tcpflags£¬logmartians£¬nosmurfsÖеÄeth0ΪÄãµÄÍø¿¨Ãû³Æ£¬Èç¹ûÏàͬ¾Í²»ÓÃÐÞ¸ÄÁË
¡¸6¡¹ÐÞ¸Ä/etc/shorewall/rules Õâ¸öÎļþÊÇ·ÃÎʹæÔòµÄ¶¨ÒåÎļþ£¬Ä¬ÈÏÊÇÔÊÐí±¾µØ¼ÆËã»ú·ÃÎÊËùÓÐÍⲿµØÖ·£¬½ûÖ¹Íⲿ¼ÆËã»ú·ÃÎʱ¾µØÖ·ÀýÈçÄãÈç¹û¿ª·ÅÁËssh
·þÎñ£¬¶Ë¿ÚÊÇ22£¬ÄãÏëÔÊÐí±ðÈË·ÃÎÊÄÄôÔÚ ACCEPT $FW net icmp н¨Ò»Ìõ¹æÔò
ACCEPT net $FW TCP 22 ÕâÀïÒ²¸ø´ó¼Ò¼òµ¥ËµÏ¹æÔòµÄһЩд·¨ net ´ú±í»¥ÁªÍø¼ÆËã»ú $fw´ú±í±¾»ú£¬Ò²¾ÍÊÇ·À»ðǽ
±¾Éí½â¶Á ACCEPT net $FW TCP 22 Òâ˼¾ÍÊÇÔÊÐí»¥ÁªÍøµ½±¾»ú£¨·À»ðǽ£©ÒÔ TCP ÐÒé
·ÃÎÊ22¶Ë¿ÚÏàÓ¦µÄÈç¹û½ûÖ¹¾ÍÊÇDROP
DROP net $FW TCP 22 Èç¹ûÊÇÔÊÐí»¥ÁªÍøijһIP·ÃÎÊ£¬¹æÔò¿ÉÒÔÕâôд
ACCEPT net£º192.168.1.10 $FW TCP 22
shorewall start ºÃÁË¡£
Ïà¹ØÎĵµ£º
´´½¨Ê±¼ä£º2010-01-27
×÷ÕߣºSteven Yang
E-mail£ºmqyoung@gmail.com
ΪÁ˸ßЧµÄ¶Ôkernel½øÐе÷ÊÔ£¬×÷ÕßÔÚʵÑéÊÒÀûÓÃÒÑÓеÄ×ÊÔ´½øÐл·¾³ÅäÖá£Ê×ÏÈÊÇÓ²¼þ»·¾³£¬ÎÒÓÐÁ½¸öPC£¬
Ò»¸öÊÇP III£¬Debian£¨Target£©
Ò»¸öÊÇAMD 64£¬Ubuntu£¨Developer£©
Ҫͨ¹ýDeveloperµ÷ÊÔTarget£ ......
1 ¸ÅÄî
¹ËÃû˼Ò壬¾ÍÊǽ« linux ϵͳ°²×°µ½Òƶ¯Ó²ÅÌ£¬²¢ÇÒÄÜÔÚ¶ą̀²»Í¬µÄµçÄÔÉÏÔËÐÐ —— Òƶ¯Ó²Å̾ÍÊÇÒªÒƶ¯×ÅÓÃÂï¡£²»·Á³Æ֮Ϊ portable-linux »ò mobile-linux £¬»òÕß±ðµÄʲôÃû×Ö£¿
2 ÓÃ;
ÎÒÏëµ½ÒÔϼ¸µã——
1.¾È¼±£ºµçÄÔÔÀ´µÄϵͳÒò²¡¶¾»òÆäËüÔÒò²»ÄÜÕý³£Æô¶¯£¬¶øÓÖ¼±ÐèÀïÃæµÄ×ÊÁÏ£¬Õ ......
1.̸µ½linuxµÄÎļþϵͳ£¬ÎÒÃDZØÐë¹Ø×¢/etc/fstabÎļþµÄÄÚÈÝ£»ÔÚlinuxÖеÄËùÓйÒÔØ·ÖÇøºÍÉ豸¶¼ÔÚfstab±í¸ñÖС£
/etc/fstab±í¸ñÖеÄÑ¡ÔñÏî²ÎÊý¶¨ÒåÈçÏ£º
ro or rw
Read only or read write
noauto
Do not respond to mount -a. Used for external devices CDROMs ...
noexec
Executables cannot be started from the ......
