Urupapuro rwibanze / Ingingo /

SETUP IPTS muri Centos 7

Anonim

SETUP IPTS muri Centos 7

Muri sisitemu zose zikora zishingiye kuri kernel ya Linux, hari firewall yubatswe, ikora kugenzura no gushungura urujya n'uruza rwinjira kandi rusohoka, rushingiye ku mategeko yerekanwe cyangwa urubuga. Muri Centos 7 ikwirakwizwa, industles byingirakamaro ikora imirimo nkiyi, isabana na NetFilter yuzuye firewall. Rimwe na rimwe, umuyobozi wa sisitemu cyangwa umuyobozi wurusobe agomba gushiraho imikorere yiki kigize, kwandika amategeko akwiye. Nkigice cyingingo zuyu, twifuza kuvuga kubyerekeye ibyibanze byimiterere ya IPTST muri OS yavuzwe haruguru.

Kugena Iptable muri Centos 7

Igikoresho ubwacyo kirashobora gukora ako kanya nyuma yo kwishyiriraho cetos 7 birarangiye, ariko ibindi bizakenera gushyira serivisi zimwe, tuzabivugaho. Muri platifomu irimo gutekerezaho hari ikindi cyubatswe-mubikoresho bikora imikorere ya firewall yitwa Firewalld. Kugira ngo wirinde amakimbirane, hamwe nibindi bikorwa, turasaba abamugaye iki gice. Amabwiriza yaguye kuriyi ngingo asomwe mubindi bikoresho kumurongo ukurikira.

Soma Ibikurikira: Hagarika Firewalld muri Centos 7

Nkuko mubizi, protocole ya IPV4 na iPv6 irashobora gukoreshwa muri sisitemu. Uyu munsi tuzibanda ku karorero ka IPv4, ariko niba ushaka gushiraho izindi protokole, uzakenera aho kuba itsinda. Iptemed. Gukoresha Console IP6Tables.

Kwinjiza Iptable

Bikwiye gushyira imbere kuri sisitemu ibice byinyongera byingirakamaro muri iki gihe. Bazafasha mugushiraho amategeko nibindi bipimo. Gutwara bikorwa mububiko bwemewe, ntabwo rero bifata umwanya munini.

  1. Ibindi bikorwa byose bizakorwa muri konsole ya kera, niko uyikore muburyo ubwo aribwo bwose.

    2. Gutangira terminal kugirango ushyireho intungatire yingirakamaro muri Centos 7

  2. Sudo Yum shyiramo iptable-serivisi itegeko rishinzwe gushyiraho serivisi. Injira hanyuma ukande urufunguzo rwa Enter.

    3. Kwinjiza Impyisi Ifatika muri Centos 7

  3. Emeza konte ya supersusse ugaragaza ijambo ryibanga. Nyamuneka menya ko iyo ibibazo sudo, inyuguti zinjiye kumurongo ntizigeze zigaragara.

    4. Injira ijambo ryibanga kugirango ushireho ipteds muri Centos 7 kugeza kuri terminal

  4. Bizasabwa kongeramo paki imwe muri sisitemu, shimangira iki gikorwa uhitamo Y VOCISI.

    5. Kwemeza kongeramo paki nshya ya serivise muri Centos 7

  5. Kurangiza kwishyiriraho, reba verisiyo iriho yikikoresho: Sudo Cesibles.

    6. Kugenzura verisiyo yibisobanuro byingirakamaro muri Centos 7 kugeza kuri terminal

  6. Igisubizo kizagaragara mumurongo mushya.

    7. Kwerekana verisiyo yubu izokoresha ingirakamaro muri Centos 7 kugeza kuri terminal

Noneho os yiteguye byimazeyo iboneza rya firewall binyuze mumikoreshereze yingirakamaro. Turasaba kubimenyereye hamwe niboneza kubintu, guhera kuri serivisi zishinzwe gucunga.

Guhagarika no gutangiza serivisi zidagadura

Ubuyobozi bwo gucunga uburyo busabwa mugihe ukeneye kugenzura ibikorwa byamategeko amwe cyangwa ugatangira ibice. Ibi bikorwa gukoresha amategeko yashyizwe.

  1. Injira Serivise ya Sudo Iptable ihagarara hanyuma ukande kurutonde rwinyandiko kugirango uhagarike serivisi.

    2. Guhagarika serivisi zingirakamaro muri Centos 7 kugeza kuri terminal

  2. Kugirango wemeze ubu buryo, vuga ijambo ryibanga ryiza.

    3. Ijambobanga ryinjira kugirango uhagarike iPaties ibikorwa muri Centos 7

  3. Niba inzira itsinze, umugozi mushya uzerekanwa, byerekana impinduka muri dosiye iboneza.

    4. Kumenyesha ibijyanye no guhagarika ibikorwa bya serivisi bireptable muri Centos 7

  4. Gutangiza serivisi bikorwa hafi kimwe, gusa umurongo ubona serivisi ya sudo iptables itangira kureba.

    5. Koresha Serivisi zidafite Iptable muri Centos 7 muri Terminal

Reboot isa, itangira cyangwa ihagarika akamaro irahari igihe icyo aricyo cyose, ntukibagirwe gusa gusubiza agaciro gahindagurika mugihe bizakenera.

Reba kandi usibe amategeko

Nkuko byavuzwe haruguru, kugenzura firewall bikorwa nigitabo cyangwa mu buryo bwikora kongeramo amategeko. Kurugero, porogaramu zimwe zinyongera zishobora kubona igikoresho, guhindura politiki zimwe. Ariko, ibikorwa byinshi nkibi biracyakorwa nintoki. Kureba urutonde rwamategeko yose aboneka akoresheje Sudo IptableS -L.

Erekana urutonde rwibikoresho byose byingirakamaro muri Centos 7

Mu bisubizo byerekanwe hazabaho amakuru kuminyururu itatu: "Injiza", "ibisohoka" na "imbere" - Imodoka igenda, gusohoka, gusohoka.

Reba urutonde rwamategeko yose asineried muri Centos 7

Urashobora gusobanura imiterere yumunyururu yose winjiza sudo iptable -s.

Kugaragaza Urutonde rwibikoresho byingirakamaro muri Centos 7

Niba amategeko abonye atanyuzwe nawe, basibwe gusa. Urutonde rwose rusukuwe gutya: Sudo Iptables -f. Nyuma yo gukora, amategeko azahanagurwa rwose muminyururu uko ari itatu.

Urutonde rusobanutse rwamategeko yose Iptables ibikorwa muri Centos 7

Mugihe ukeneye kugira ingaruka kuri politiki yaturutse kumurongo umwe, impaka zinyongera zongewe kumurongo:

Sudo iptables -f yinjiza

Sudo iptables -f gusohoka

Sudo iptables -f imbere

Kuraho urutonde rwamategeko kubintu byihariye bisobanutse muri Centos 7

Kubura amategeko yose bivuze ko nta bisobanuro byumuhanda bidakoreshwa mugice icyo aricyo cyose. Ibikurikira, umuyobozi wa sisitemu azigenga kwerekana ibipimo bishya ukoresheje konsole imwe, itegeko nimpaka zitandukanye.

Kwakira no guta traffic muminyururu

Buri munyururu washyizweho ukwakira cyangwa guhagarika traffic. Mugushiraho ibisobanuro runaka, birashobora kugerwaho ibyo, kurugero, ibinyabiziga byose byinjira bizahagarikwa. Kugira ngo ukore ibi, itegeko rigomba kuba sudo iptables - intera yinjira yinjiza, aho yinjiza ari izina ryumunyururu, hanyuma ugabanye agaciro.

Kugarura ibibazo byinjira mubikoresho byingirakamaro muri Centos 7

Mubyukuri ibipimo bimwe byashyizweho kurundi ruziga, kurugero, Sudo Ippitables - Ibisohoka bisohoka. Niba ukeneye gushyiraho agaciro kugirango wakire traffic, noneho impinduka zigabanuka zemera kandi zigaragaza sudo iptables - ibitekerezo byemera.

Icyemezo cyo gukemura no gufunga

Nkuko mubizi, porogaramu zose zikoreshwa no gutunganya zikora binyuze mu cyambu runaka. Muguhagarika cyangwa gukemura adresse zimwe, urashobora gukurikirana uburyo bwo kubona imiyoboro yose. Reka dusesengure icyambu imbere urugero 80. Muri terminal, bizaba bihagije kugirango winjire muri Sudo Iptbles -Umunjiza -p tcp - aho -K - Ongeraho Amategeko, Kwinjiza Urunigi, -p - Ibisobanuro bya protocole muriki kibazo, TCP, --dport ni icyambu cyerekezo.

Itegeko ryo gufungura Port 80 muri Iptables ingirakamaro muri Centos 7

Mubyukuri itegeko rimwe naryo rikoreshwa kuri Port 22, rikoreshwa na Serivisi ya SSH: Sudo Iptables -Umunjiza -p TCP --dport 22 -j Emera.

Itegeko ryo gufungura Port 22 muri Iptables ingirakamaro muri Centos 7

Guhagarika icyambu cyerekanwe, umugozi ukoreshwa neza ubwoko bumwe, nyuma yo kwakira impinduka zo guta. Nkigisubizo, biragaragara, kurugero, sudo iptsids -injiza -p tcp --dport 2450 -j kugabanuka.

Itegeko rya Port ryabujijwe muri Iptables ingirakamaro muri Centos 7

Aya mategeko yose yinjiye muri dosiye iboneza kandi urashobora kubibona umwanya uwariwo wose. Turakwibutsa, bikorwa binyuze muri Sudo Iptables -l. Niba ukeneye kwemerera umuyoboro ip hamwe nicyambu hamwe nicyambu, umugozi wahinduwe gato - nyuma ya TPC yongeraho-hamwe na aderesi ubwayo. Sudo Ippitable -Umutonde -P TCP -S 12.12.12.12 .12/32

Itegeko ryo kwakira aderesi ya IP na Port muri Iptable muri Centos 7

Guhagarika bibaho kumahame amwe uhindura kurangiza agaciro ko kwakira mugihe gito. Noneho biragaragara, urugero sudo iptables -injiza -p tcp -s 12.12.12.0/1.0/1/dport 22 -j kugabanuka.

Itegeko ryo guhagarika IP aderesi na port muri Centos 7

Guhagarika

ICP (Amasezerano yo kugenzura interineti) - Porotokole ikubiye muri TCP / IP kandi ifite uruhare mu kwanduza ubutumwa bwibeshya nibihe byihutirwa mugihe ukorana na traffic. Kurugero, mugihe seriveri yasabwe itabonetse, iki gikoresho gikora imirimo ya serivisi. Impyisi yingirakamaro igufasha kubihagarika binyuze muri firewall, kandi urashobora kubikora ukoresheje sudo iptables -ubisohoka -p icmp - ubwoko bwa 8 -j guta itegeko rya 8 -j. Bizahagarika ibyifuzo byawe no kuri seriveri yawe.

Itegeko rya mbere ryo guhagarika isebanya ryo guhinduranya muri Centos 7

Ibyifuzo byinjira byahagaritswe bitandukanye. Noneho ugomba kwinjiza Sudo Iptables -i kwinjiza -p ICMPMP - ubwoko bwa 8 -j kugabanuka. Nyuma yo gukora aya mategeko, seriveri ntizasubiza ibyifuzo bya ping.

Itegeko rya kabiri ryo gufunga icomeka muri Centos 7

Irinde ibikorwa bitemewe kuri seriveri

Rimwe na rimwe seriveri ikorerwa ibitero bya DDOS cyangwa ibindi bikorwa bitemewe n'abacengezi. Guhindura neza firewall bizagufasha kwirinda ubwoya nkubu. Gutangira, turasaba gushiraho ayo mategeko:

  1. Twandika muri Iptables -Umunjiza -p tcp --dport 80 -m imipaka - umunota 20 / umunota 20 / umunota 20 / umunota ni ntarengwa kubisubizo byiza . Urashobora kwerekana igice cyo kwipime, kurugero, / icya kabiri, / umunota, / isaha, / kumunsi. - Inomero yamazi - imipaka kumubare wibice byabuze. Indangagaciro zose zerekanwe kugiti cye zikurikije ibyo umuyobozi akunda.

    2. Amategeko yumutekano kuva DDOS muri Wedsable muri Centos 7

  2. Ibikurikira, urashobora kubuza gusikana ibyambu bifunguye kugirango ukureho imwe mu mpamvu zishoboka zitera kwiba. Injira Sudo yambere Iptables -n guhagarika-scan comman.

    3. Itegeko rya mbere ryo kubuza ibyambu bya sintos 7

  3. Noneho sobanura sudo iptables -u guhagarika-scan -p tcp -Tcp-flags syn, ack, venm imipaka -limit 1 / s

    4. Itegeko rya kabiri ryo kubuza ibyambu bya sintos 7

  4. Ubuyobozi bwa nyuma ni: Sudo Iptables -u guhagarika-scan -j igitonyanga. Guhagarika-gusikana imvugo muriyi manza - izina ryumuzunguruko ryakoreshejwe.

    5. Itegeko rya gatatu kugirango uhagarike icyambu cya Scan muri Centos 7

Igenamiterere ryerekanwe uyumunsi ni ishingiro ryumurimo mubikoresho byo kugenzura firewall. Mubyangombwa byemewe byingirakamaro uzabona ibisobanuro byimpaka zose ziboneka hamwe nuburyo ushobora gushiraho firewall byumwihariko ukurikije ibyifuzo byawe. Hejuru Amategeko asanzwe yumutekano, akunze gukoreshwa kandi mubihe byinshi birasabwa.

Soma byinshi

Kuramo VoIP.dll ku Isi Ya Tanks
Kubikorwa byiza, isi y'ibigega irakenewe kugirango ubone amasomero yose akenewe kuri mudasobwa. Mubo biherereye kandi voip.dll ushinzwe ibice byijwi...
Tiworker.exe Utunganya Kohereza
Ibice byingenzi bya Windows, kimwe na porogaramu iyo ari yo yose, koresha ibikoresho bya sisitemu, ube imbaraga za CPU, ingano ya disiki ikomeye (ikomeye)...
Nigute ushobora guhagarika kwiyandikisha kuri iPhone
Ububiko bwa App muri iki gihe butanga abakiriya bayo ibintu byinshi bitandukanye byo gukuramo: Umuziki, firime, ibitabo, porogaramu. Rimwe na rimwe,...
Gukuramo abashoferi kuri scx-3205
Urukurikirane rw'ibikoresho byinshi bya Samsung Mulduncmuction kuri code rusange ifite icyitegererezo kinini, harimo 3205. Nyuma yo kugura ibikoresho...
Nigute Gusiba Internet Explorer kuva mudasobwa kuri Windows 7
Ntabwo ari ibanga umushakisha wa enterineti ya enterineti idakoresha cyane cyane kubakoresha bityo bamwe bashaka kubikuraho. Ariko mugihe ugerageza...
Kora hamwe na masike muri Photoshop
Mask nimwe mubikoresho byinshi byisi muri Photoshop. Bakoresha uburyo bwo gutunganya amashusho yangiza, gutanga ibintu, gukora inzibacyuho no gukoresha...
Foromaje kuri burger, ikigaragara
Amatungo y'intama: Amazina meza nibiranga, ubwoko bunini
Ubwoko bw'imyenda - ni iyihe marnics, ibyiciro byabo, izina, ibihimbano
Amafoto yizunguruka utazigera wibagirwa
10 Ibibazo bya Renault Avana, abaguzi batakeka
E420 Sorbittol, ubukorikori - ibikorwa ku buzima, inyungu no kugirira nabi, ibisobanuro
Kabarga: Umumarayika Umunuko, Abadayimoni
amakuru ashimishije ku bijanye n'igitsina tantric, amategeko yayo
Guhuza kokayine birashobora kugenwa nurutoki
Byose kuri Dühs - Cherry na Hybrides
Amaguru yinyuma yimbwa arimo gutanga inzira no gutatana: icyo gukora | impamvu, impamvu
Impamvu 23 zo Kwita ku Isabukuru ya Jennifer Lawrence
Inzira Nziza Nziza Zireba Kuva kumunsi wa 5 na 6 wicyumweru cyimyambarire ya Paris
Jennifer Aniston Amafoto | Jennifer Aniston style | Jennifer Aniston pics
Amasezerano ya Verdun
Amavuta y'ingurube ya Vietnam-Style hamwe na salade nziza y'ibyatsi
Hobby Lobby Amaboko arenga 5.500 yatumijwe mu buryo butemewe n'amategeko
Niki Port ya USB kuri Nest Mwaramutse Yakoreshejwe?
Ibirayi hamwe na foromaje byokeje resept | Ibikoresho bike cyane kubiryo byo hejuru
Amasosiyete meza yo gukodesha ibikoresho byiza byo muri 2022
Isaha y'ubururu niyihe?
Kim Kardashian yigeze kugira ubwoba ko 'Ntuzongere Kujya Guhuza Igitsina'
Soho Loft hamwe na Honey-Comb Skylight Amaherezo Igurisha Miliyoni 2.15 Nyuma yamezi 6 kumasoko
NASA mubyogajuru NASA ivuga kubyerekeye gusubira murugo mubuzima
Nigute ushobora guteka umuceri uhumanye neza / Mu isafuriya, guteka buhoro, microwave - ingingo yo mu gice "Uburyo bwo guteka" kurubuga
Kwihorera bitanga inkuru ikomeye iteye ubwoba kubyerekeye iterabwoba ryegereje umubyeyi
Nigute ushobora gushushanya imisumari yawe mugihe cy'itumba: amabara nubuhanga bwo kwiyerekana
Uburyo Neurocomic Yinjira mumutwe wawe
Abagore b'ibyamamare bafite ADHD Bize Kumurika
Samuel L. Jackson arengera Quentin Tarantino gukoresha 'N-ijambo'
Abakoresha Firefox mwirinde: CCleaner ihanagura igenamiterere rya Firefox muburyo busanzwe
Rihanna Yohereje Ubutumwa Bwubwiza Namafoto Yurubuga Yerekana Inkovu za Model
Kurenga kuri Beatles: Ihuza rya George Harrison ritunguranye na SFF
7 Ubwiza bwa Ford F-150 Umurabyo Amashanyarazi Ikamyo
Komeza Guhuza Inzira Yubwenge Na Whatsapp - Kohereza no Kwakira Ubutumwa Kubusa
'Igitangaza': Uburyo Umwamikazi Yishyize hamwe kugirango akore Classic

© 2024 Gusana mudasobwa
Mudasobwa na terefone nziza - uburyo bwo gukora no gusana, inama zingirakamaro

nl en af am ar az be bg bn bs ca ceb cs cy da de el eo es et eu fa fi fr fy ga gl gu ha he hi hmn hr ht hu hy id ig is it ja jv ka kk km kn ko ku ky lb lo lt lv mg mk ml mn mr ms mt my ne no ny or pa pl ps pt ro rw sd si sk sl sm sn so sq sr st su sv sw ta te tg th tk tl tr tt ug uk ur uz vi xh yi yo zh-CN zh-TW zu