[보안] iptabls 기본 보안 정책

by 서진우 · Published 2004년 9월 20일 · Updated 2014년 12월 24일

#!/bin/sh

#

#

#  This NetFilter Ruleset is Default Ruleset in Technical team of clunix

#  This script is Firewall configuration for local host

#

#                                               maker – alang@clunix.com

#

iptables -F

iptables -X

iptables -P INPUT DROP

iptables -P OUTPUT ACCEPT

iptables -P FORWARD DROP

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -i eth0 -p tcp ! –syn -j ACCEPT

iptables -A INPUT -i eth0 -p tcp –sport 53 -j ACCEPT

iptables -A INPUT -i eth0 -p udp –sport 53 -j ACCEPT

#####################################################################

#

# TCP Rule

#

#####################################################################

iptables -N IN_TCP

iptables -A IN_TCP -p tcp –dport 21 -j ACCEPT

iptables -A IN_TCP -p tcp –dport 22 -j ACCEPT

iptables -A IN_TCP -p tcp –dport 25 -j ACCEPT

iptables -A IN_TCP -p tcp –dport 53 -j ACCEPT

iptables -A IN_TCP -p tcp –dport 80 -j ACCEPT

iptables -A IN_TCP -p tcp –dport 110 -j ACCEPT

iptables -A IN_TCP -p tcp –dport 953 -j ACCEPT

iptables -A IN_TCP -m state –state ESTABLISHED,RELATED -j ACCEPT

iptables -A IN_TCP -j DROP

#####################################################################

#

# UDP Rule

#

#####################################################################

iptables -N IN_UDP

iptables -A IN_UDP -p udp –dport 53 -j ACCEPT

#iptables -A IN_UDP -p udp –sport 53 -j ACCEPT

iptables -A IN_UDP -p udp –dport 953 -j ACCEPT

#iptables -A IN_UDP -i eth0 -p udp –sport 53 -j ACCEPT

iptables -A IN_UDP -j DROP

#####################################################################

#

# ICMP Rule

#

#####################################################################

iptables -N IN_ICMP

iptables -A IN_ICMP -i eth0 -p icmp –icmp-type 0 -j ACCEPT

iptables -A IN_ICMP -i eth0 -p icmp –icmp-type 3 -j ACCEPT

iptables -A IN_ICMP -i eth0 -p icmp –icmp-type 5 -j ACCEPT

iptables -A IN_ICMP -i eth0 -p icmp –icmp-type 8 -j ACCEPT

iptables -A IN_ICMP -i eth0 -p icmp –icmp-type 11 -j ACCEPT

#iptables -A IN_ICMP -j ACCEPT

#####################################################################

#

# Chains Rule

#

#####################################################################

iptables -A INPUT -p tcp -j IN_TCP

iptables -A INPUT -p udp -j IN_UDP

iptables -A INPUT -p icmp -j IN_ICMP

월	화	수	목	금	토	일
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

[보안] iptabls 기본 보안 정책

You may also like...

페이스북/트위트/구글 계정으로 댓글 가능합니다. 응답 취소

알림글

시스존 통합 검색

카테고리

[보안] iptabls 기본 보안 정책

You may also like...

[보안] iptables 의 기본 계념과 사용법

호스트간의 데이터 동기화를 위한 rsync 설정

bacula를 이용한 online 백업 시스템 환경 구축하기 [1]

페이스북/트위트/구글 계정으로 댓글 가능합니다. 응답 취소

알림글

시스존 통합 검색

카테고리