Mainpage / Zvinyorwa /

Setup iptables muCentos 7

Anonim

Setup iptables muCentos 7

Mune ese masisitimu ekushandisa zvichienderana neLinux kernel, pane iyo firewall-in firewall, kuita kudzora uye kusefa kwekupinda uye kunobuda traffic, zvichibva pamitemo yakatarwa kana pachikuva chakataurwa kana chikuva. Mumakore manomwe ekugoverwa, mishonga inokambaira inoita basa rakadai, kufambidzana neyevakavakirwa-muNetFilter firewall. Dzimwe nguva iyo Sistimu yemutariri kana maneja maneja anofanirwa kugadzirisa mashandiro echikamu ichi, achiratidza mitemo yakakodzera. Sechikamu chenyaya yanhasi, tinoda kutaura nezvezvakadzokorodza kweiyo iPlables kugadziriswa mune iri pamusoro-yakataurwa OS.

Gadzirisai mukana mune centos 7

Chishandiso pachacho chinowanikwa nekushanda pakarepo mushure mekuiswa kweCentos 7 yapera, asi zvakare ichazoda kuisa mamwe masevhisi, izvo zvatichataura nezvazvo. Muchikuva uchitarisisa pane imwezve yakavakirwa-mu mudziyo unoita basa remoto rinonzi Firewalld. Kuti udzivise kusawirirana, nedzimwe basa, tinokurudzira vakaremara chikamu ichi. Yakawedzerwa mirayiridzo pane iyi nyaya kuverenga mune chimwe chinhu pane inotevera link.

Verenga Zvimwe: Dzivisa Firewalld muCentos 7

Sezvaunoziva, iyo IPv4 uye ipv6 protocol inogona kuiswa muhurongwa. Nhasi isu tichaisa pfungwa paIPv4 muenzaniso, asi kana iwe uchida kugadzirisa imwe protocol, iwe uchazoda panzvimbo yechikwata. Zvikanganiso. mukushandisa console Ip6tables.

Kuisa Iptables

Inofanirwa kuve yekutanga kune iyo system yekuwedzera zvinhu zvekushandisa mukushandiswa kuri kutariswa nhasi. Ivo vachabatsira kuisa mitemo uye zvimwe paramita. Kuregedza kunoitwa kubva kune repamutemo repository, saka hazvitore nguva yakawanda.

  1. Zvese izvi zviito zvichaitwa mune classical console, saka inomhanya neimwe nzira iri nyore.

    2. Kutanga iyo terminal yekugadzirisa iyo iPiLipts Utility mune muzana 7

  2. Iyo sudo yum yekuisa iptables-Services Command ine basa rekuisa masevhisi. Pinda iyo uye tinya iyo Enter kiyi.

    3. Kuisa Iptables Zvinobatsira muCentos 7

  3. Simbisa iyo Superuser account nekutsanangura password kubva kwazviri. Ndokumbira utarise kuti kana mibvunzo muSudo, mavara akapinda mumutsara haatomboratidzwa.

    4. Isa iyo password yekuisa miptiques muCentos 7 kuburikidza neTestminal

  4. Iyo icharatidzwa yekuwedzera imwe package kune system, simbisa chiitiko ichi nekusarudza iyo y vhezheni.

    5. Kusimbiswa kwekuwedzera nyowani iPipables Service Packages muCentos 7

  5. Kana wapedza kuisirwa, tarisa iyo yazvino vhezheni yeiyo chishandiso: Sudo iptiques --version.

    6. Kuongorora iyo vhezheni yeiyo iPitables utility mune centos 7 kuburikidza neiyo terminal

  6. Mhedzisiro yacho ichaonekwa mumutambo mutsva.

    7. Kuratidza iyo yazvino vhezheni yeiyo iPitables Utility mune centos 7 kuburikidza neiyo terminal

Iye zvino iyo OS iri yakagadzirira zvizere kugadziridzwa kweiyo firewall yemurazvo kuburikidza neinoshanduka inoshandiswa. Isu tinoratidza kuzviudzika iwe nekugadziriswa pazvinhu, kutanga nekutamba masevhisi.

Kumira uye kutanga kushandira mabasa

Iptables Mode manejimendi anodikanwa mune zviitiko kwaunoda kutarisa chiitiko chemamwe mitemo kana kungogotangisa chikamu. Izvi zvinoitwa uchishandisa mirairo yakamiswa.

  1. Pinda Sudo Service Iptiques Mira uye tinya pane iyo Enter kiyi yekumisa masevhisi.

    2. Kumisa Iptables Utility masevhisi mumasangano 7 kuburikidza neiyo terminal

  2. Kuti usimbise maitiro aya, taura password yekutanga.

    3. Password yekupinda kuti inomira iPitablees zvinoshandiswa muCentos 7

  3. Kana maitiro acho akabudirira, tambo itsva icharatidzwa, inoratidza shanduko mune yekugadziriswa faira.

    4. Kuzivisa nezvekumisa mashandiro mashandiro estilises iPineti 7

  4. Iko kutanga kwemasevhisi kunoitwa pamwe nenzira imwechete, chete mutsetse unowana Sudo Service Iptiquables Start View.

    5. Mhanyisa iptables anoshandiswa masevhisi mumasangano 7 mune terminal

Runyoro rwakadaro, kutanga kana kumisa iyo yekushandisa inowanikwa chero nguva, usakanganwa chete kudzosera kukosha kwakadzokororwa kana kuchave kuri mukuda.

Tarisa uye Delete Mitemo

Sezvambotaurwa, kutonga kweiyo firewall kunoitwa nebhuku rairo kana kuti otomatiki kuwedzera mitemo. Semuenzaniso, zvimwe zvekuwedzera zvekushandisa zvinogona kuwana chishandiso, kuchinja mamwe marongero. Nekudaro, zviito zvakawanda zvakadaro zvichiri kuitika mumugodhi. Kuona rondedzero yemitemo yese yazvino inowanikwa kuburikidza neSudo Iptables -l Command.

Ratidza rondedzero yezvese zviripo zvazvino mukana zvinoshandiswa zvinoshandiswa mumasangano 7

Mumhedzisiro inoratidzwa pachine ruzivo pamaketani matatu:

Kuona rondedzero yemitemo yese inoshanda iPtables in Sentos 7

Iwe unogona kutsanangura mamiriro emaketani ese nekupinda sudo ipsables -s.

Kuratidza rondedzero yeiyo Iptiables Utility masenduru muzana 7

Kana mitemo yakaonekwa isingagutsikane newe, ivo vanongobviswa. Rondedzero yacho yese yakajekeswa seizvi: Sudo Iptables -F. Mushure mekutongwa, mutemo uchadzimwa zvachose kune ese matatu maketani matatu.

Rondedzero yakajeka yemitemo yese iPitables anoshanda mune muzana 7

Kana iwe uchifanira kukanganisa chete marongero kubva kune imwe chete ngetani imwe, imwe nharo inowedzerwa kumutsara:

Sudo iptable -f yekuisa

Sudo iptables -f kubuda

Sudo iptiables -f Famba mberi

Bvisa runyorwa rwemitemo yeiyo chaiyo iPilables Caine muCentos 7

Iko kusavapo kwemitemo yese zvinoreva kuti hapana traffic trafficing marongero haishandiswe mune chero chikamu. Tevere, iyo maneja wesistimu anozvimiririra anozvimiririra paramita idzva uchishandisa konyasha imwe chete, iwo murairo uye nharo dzakasiyana siyana.

Kugamuchira uye kudonhedza traffic mumaketani

Cheni chega chega chinogadziriswa zvakasiyana pakugamuchira kana kuvhara traffic. Nekuisa revo yerevo, inogona kuwanikwa iyo, semuenzaniso, traffic yese inouya ichavharwa. Kuti uite izvi, iwo murairo unofanirwa kunge uri sudo iptables --policy yekuisa kudonha, iko kuiswa izita remaketeni, uye kudonha kukosha kweiyo.

Dzosera mibvunzo inouya mumubvunzo wegostiles inoshandiswa muCentos 7

Chaizvoizvo iwo ma parameter akafanana akaiswa mamwe matunhu, semuenzaniso, sudo iptables --Poolicy inobuda kudonha. Kana iwe uchifanira kuisa kukosha kwekugamuchira traffic, saka donhwe radimbiso rekugamuchira uye rinosarudza sudo iptiquars --policy yekupinda.

Port kugadzirisa uye kukiya

Sezvaunoziva, zvese zvinoshandiswa network uye maitiro anoshanda kuburikidza nechimwe chiteshi. Nekuvhara kana kugadzirisa mamwe kero, iwe unogona kuongorora kupinda kwese kweNetwork zvinangwa. Ngationgororei chiteshi chemuenzaniso semuenzaniso 80. MuTerminal, zvichave zvakakwana kuti ndipe Sudo Iptocs -dport 80 -j Gamuchira Mutemo mutsva, Input - zano re Cheni yacho, -p - protocol tsanangudzo mune ino kesi, tcp, a --dport inzvimbo yekuenda.

Kutonga kwekuvhura port 80 mune iyo iptables utility mune centos 7

Chaizvoizvo iwo iwowo iwo murairo mumwechete anoshandawo kuPort 22, iyo inoshandiswa neiyo SHH Service: Sudo Iptables -a Input -P TCP --DPort 22 -J Bvuma.

Kutonga kwekuvhura port 22 mune iPitables utility inoshandiswa muCentos 7

Kuvhara chiteshi chakataurwa, tambo inoshandiswa chaizvo mhando imwechete, chete pakupera kwekugamuchira shanduko kudonha. Nekuda kweizvozvo, zvinopera, semuenzaniso, sudo iptables -a input -p tcp --dport 2450 -j kudonha.

Kutonga kwechiteshi kurambidzwa mune iPitables utility mune centos 7

Iyi mitemo iyi inopinda mufaira rekugadziriswa uye iwe unogona kuvaona chero nguva. Tinoyeuchidza iwe, zvinoitwa kuburikidza neSudo Ipticables -L. Kana iwe uchifanira kubvumira iyo network IP kero ine chiteshi pamwe nechiteshi, tambo yacho yakagadziridzwa zvishoma - mushure meTPC inowedzerwa-uye kero iyo pachayo. Sudo Iptables -a Input -P TCP -S 12.12.12.12/32 --DPORT 22 -J Gamuchirwa, apo 12.12.12 ndiyo inodiwa IP kero.

Kutonga kwekugamuchira IP kero uye chiteshi mune iPtables muCentos 7

Kuvhara kunoitika pane imwecheteyo nheyo nekushanduka kumagumo kukosha kwekubvuma kwekudonha. Ipapo inozoitika, semuenzaniso, sudo iptables -a input -p tcp -s 12.12.12.0/224DPORT 22 -J Donhwe.

Kutonga kwekuvhara IP kero uye chiteshi mune iPtables muCentos 7

ICMP ichivharira

ICMP (Internet Kudzora meseji protocol) - A protocol iyo inosanganisirwa muTCP / IP uye inobatanidzwa kutapurudzira mameseji ekukanganisa uye mamiriro ekukurumidzira kana uchishanda traffic. Semuenzaniso, kana server yakakumbirwa isipo, chishandiso ichi chinoita mabasa ebasa. Iyo Ipticas yekushandisa inokutendera kuti uzvidzivirire kuburikidza neiyo firewall, uye iwe unogona kuita kuti ishandise iyo Sudo Iptobes -A Kubuda -P -PMP-TYPMP-TYPMP-TYPL OFLAD CLEAD. Ichavhara zvikumbiro kubva kune yako uye kune yako sevha.

Mutemo wekutanga kuvhara iyo iPilables Plugging muCentos 7

Zvikumbiro zvinouya zvakavharirwa zvishoma zvakasiyana. Ipapo iwe unofanirwa kupinda muSudo Iptables -I Input -p Icmp -pmp-Type 8 -J Donhwe. Mushure mekutora iyi mitemo, seva haizopinduri kuPing zvikumbiro.

Mutemo wechipiri wekukiya plugging mune iptables muCentos 7

Dzivirira zviito zvisina kubvumidzwa pane server

Dzimwe nguva maseva anoiswa pasi peDDOS kurwisa kana zvimwe zviitiko zvisina kubvumidzwa kubva kune vanopinda. Iko kugadziriswa kwakakodzera kweiyo firewall inobvumira kuti uzvidzivirire kubva kune urwu rudzi rwekubiridzira. Kutanga, isu tinokurudzira kuisa mirairo yakadaro:

  1. Isu tinonyora mune Iptables -a Input -P TCP --DPORT 80 -M Limit 20 / miniti - Burst-Burst-Bught . Iwe unogona kudoma chikamu chekuyeuchidzo pachako pachako, semuenzaniso, yechipiri, / miniti, / awa, / zuva. --Limit-burst nhamba - muganho pane nhamba yemapaketi asipo. Zvese kukosha zvinogadziriswa pachako zvichienderana nezvinodiwa nemaneja.

    2. Kutonga Kwekuchengetedza Kubva DDOS mune Iptables muCentos 7

  2. Tevere, iwe unogona kurambidza kutaridzika kwemakumbo akazaruka kuti ubvise chimwe chezvinhu zvinokonzeresa kubereka. Pinda yekutanga sudo iptables -n block-scan command.

    3. Kutonga kwekutanga kurambidza maPrables madorts mune muzana 7

  3. Wobva wataura Sudo Iptables -A Block-Scan-Scan -P -TCP -TCP-Mireza Syn Syn, Fin, RST -M Limit -LIMIT 1 / S -J ROP.

    4. Mutemo wechipiri kurambidza makiromita manomwe

  4. Yekupedzisira yechitatu kuraira ndeye: Sudo Iptables -A Block-Scan -J Donhwe. Block-Scan Kutaura mune idzi kesi - zita redunhu rinoshandiswa.

    5. Mutemo wechitatu kuvhara iyo Scan Port of Iptables muCentos 7

Zvirongwa zvinoratidzwa nhasi ndezvekuti hwaro hwebasa iri muchiridzwa cheMoto. Muzvinyorwa zvepamutemo zvekushandisa iwe uchawana rondedzero yezvese zviripo zvekupokana uye sarudzo uye iwe unogona kugadzirisa iyo firewall zvakananga pasi pezvikumbiro zvako. Pamusoro pemitemo yakajairika yekuchengetedza, iyo inowanzoiswa uye kazhinji kazhinji inodiwa.

Verenga zvimwe

Maitiro ekuisa iyo mbeva yekunzwa muWindows 7
Vamwe vashandisi vanotenda kuti kutuka pane iyo yekutarisa kunoita zvishoma nezvishoma kusvika pakufamba kweiyo mbeva kana, pane zvinopesana, zvinozvikurumidza....
Download D3DX9_25.dll Mahara
Pane imwe nguva, mushandisi anogona kuona iyo D3DX9_25.DLL BHAIBHERI Kanganiso. Inowanikwa panguva yekuvhungwa kwemutambo kana chirongwa chinoshandisa...
Kwaiisa kugarisa mufananidzo muUltraiso
Nguva pfupi yadarika, iwo ma discs akawedzera kuwedzera kupfuura zvakapfuura, uye kwete chete kunze, asiwo ma media anogumisa anodzikiswa akauya kuzotsiva....
Maitiro Ekugadzira Windows 7 kubva kuWindows 10
WindowVS 7 inoshanda system, kunyangwe zvese zvinokanganisa, zvichiri kuzivikanwa pakati pevashandisi. Vazhinji vavo, zvisinei, havasi vakatsaukira...
Maitiro Ekudzima Windows Zvinyorwa
Zvidzoreso zvemhuri yemagariro anoshanda masisitimu, zvinokurudzirwa kuisa pakarepo mushure mekugamuchira ziviso yeiyo iripo package iripo. Muzhinji,...
Maitiro ekugadzirisa iyo crc kukanganisa neiyo hard disk
Kukanganisa mu data (CRC) kunoitika kwete chete neisiti yakavakirwa chete, asi zvakare nemamwe madhiraivhi: USB Flash, Kunze HDD. Izvi zvinowanzoitika...
Cheke ye burger, chii chiri nani
Makwai emakwai anobereka: mazita akanakisa uye hunhu hwavo, iwo marudzi makuru
Mhando dzeMachira - Ndeipi machira, kuiswa kwavo, zita, kuumbwa
Mifananidzo inonamira yausingazombokanganwa
Matambudziko gumi eRenault Renault Arkawan, ndeapi vatengi havafungi
E420 SORBITOL, SORBITONE SYRUP - chiito pahutano, kubatsirwa uye kukuvadza, tsananguro
Kabarga: Ngirozi inonhuwira, dhimoni mafadhiri
Ruzivo runonakidza nezve bonde rebonde, mitemo yayo
Cocaine Bata inogona kutemwa neye mingerprint
All pamusoro Dühs - Cherry uye Cherry Hybrids
Makumbo embwa embwa ari kupa nzira nekuparadzira: zvekuita | sei, zvikonzero
23 Zvikonzero Zvekuitira Hanya NezveKuzvarwa kwaJennifer Lawrence
Iyo Yakanakisa Street Style Inotaridzika Kubva Mazuva 5 uye 6 eParis Fashion Week
Jennifer Aniston Photos | Jennifer Aniston style | Jennifer Aniston mifananidzo
Chibvumirano cheVerdun
Vietnamese-Style Pork Chops ine Fresh Herb Salad
Hobby Lobby Inobata Pamusoro pe5,500 Zvigadzirwa Zvinotengeswa Zvisiri Pamutemo
Chii chinonzi USB Port paNest Hello Yakashandiswa?
Mbatata uye kuputa cheese smart recipe | Zvishoma zvishoma zvekugadzira dhishi yepamusoro
Iwo Akanyanya Kurojesa Fenicha Makambani a2022
Nguva yeblue chii?
Kim Kardashian akambotya kuti 'Haazombofi Kuita Bonde Zvakare'
Soho Loft Ine Huchi-Comb Skylight Yekupedzisira Inotengeswa Ne $2.15 Mamirioni Mushure memwedzi mitanhatu paMusika.
NASA Astronaut Anotaura Nezve Kudzokera Kumba Kubva Hupenyu Munzvimbo
Nzira yekubika mupunga wakabikwa zvinonaka / Mupoto, mubiki unononoka, microwave - chinyorwa chinobva kuchikamu che "Mabikirwo" pane saiti
Prevenge Inoburitsa Yakakura Inotyisa Nyaya Nezve Kutyisa Kwekuva Amai Vanouya
Nzira yekupenda misumari yako munguva yechando: mavara uye maitiro ekuratidza
Neurocomic Inopinda Sei Mumusoro Wako
Vakadzi Vakakurumbira vane ADHD Vakadzidza Kupenya
Samuel L. Jackson anodzivirira kushandisa kwaQuentin Tarantino kwe'N-izwi'
Vashandisi veFirefox chenjerai: CCleaner inopukuta zvigadziriso zveFirefox nekusarudzika
Rihanna Anotumira Mharidzo Nezverunako Aine Webhusaiti Mapikicha Anoratidza Model's Mavanga
Beyond the Beatles: George Harrison's Isingatarisirwi Kubatanidza kuSFF
7 Inotyisa Ford F-150 Mheni Yemagetsi Rori Zvimiro
Gara Mukubatana Iyo Smart Way neWhatsapp - Tumira Uye Gamuchira Mharidzo Yemahara
"Chishamiso": Mambokadzi Akabatana sei Kuti Agadzire Yekirasi

© 2024 Computer Kugadziriswa
Makomputa uye smartphones - mashandiro ebasa uye kugadzirisa, matipi anobatsira

nl en af am ar az be bg bn bs ca ceb cs cy da de el eo es et eu fa fi fr fy ga gl gu ha he hi hmn hr ht hu hy id ig is it ja jv ka kk km kn ko ku ky lb lo lt lv mg mk ml mn mr ms mt my ne no ny or pa pl ps pt ro rw sd si sk sl sm sn so sq sr st su sv sw ta te tg th tk tl tr tt ug uk ur uz vi xh yi yo zh-CN zh-TW zu