iptables

root>yum install xinetd

root> ldd $(which rsyslogd sshd xinetd httpd)

root> for name in rsyslogd sshd xinetd httpd; do echo $name; ldd $(which $name) | grep libwrap; done

root>vi /etc/hosts.allow

root>vi /etc/hosts.deny

================================

root> iptables -L -n

root>iptables-save

root>iptables -F

root>iptables -X

root>iptables -Z

======IP, domain, Device=========================

root>iptables -A INPUT -i eth1 -s 192.168.100.0/24 -j ACCEPT

root>iptables -A INPUT -i eth1 -s 192.168.100.10 -j ACCEPT

root> iptables -A INPUT -i eth1 -s 192.168.100.230 -j DROP

root>iptables -A INPUT -s 192.168.2.200 -j LOG

(the LOG target writes matched packets to /var/log/messages)

root>iptables -L -n

======PORT==============================

root>iptables -A INPUT -i eth0 -p tcp --dport 21 -j DROP

root>iptables -A INPUT -i eth0 -p udp --dport 137:138 -j ACCEPT

root>iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT

root>iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT

root>iptables -A INPUT -i eth0 -p tcp -s 192.168.1.0/24 --sport 1024:65534 --dport ssh -j DROP

======MAC & state===============================

root> iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

root> iptables -A INPUT -m state --state INVALID -j DROP

root>iptables -A INPUT -m mac --mac-source aa:bb:cc:dd:ee:ff -j ACCEPT

===============================================

root>mkdir -p /usr/local/virus/iptables

root>cd /usr/local/virus/iptables

root>vim iptables.rule

iptables_rule.txt: run dos2unix on it first to convert CRLF line endings

root>vim iptables.allow

iptables -A INPUT -i eth0 -s 140.116.44.0/24 -j ACCEPT

root> vim iptables.deny

iptables -A INPUT -i eth0 -s 140.116.44.24 -j DROP

root>chmod 700 iptables.*

root>vim /etc/rc.d/rc.local

/usr/local/virus/iptables/iptables.rule