亚洲香蕉成人av网站在线观看_欧美精品成人91久久久久久久_久久久久久久久久久亚洲_热久久视久久精品18亚洲精品_国产精自产拍久久久久久_亚洲色图国产精品_91精品国产网站_中文字幕欧美日韩精品_国产精品久久久久久亚洲调教_国产精品久久一区_性夜试看影院91社区_97在线观看视频国产_68精品久久久久久欧美_欧美精品在线观看_国产精品一区二区久久精品_欧美老女人bb

首頁 > 網站 > 幫助中心 > 正文

iptables的使用

2024-07-09 22:50:13
字體:
來源:轉載
供稿:網友

# iptables filter

 

- iptables -F #清空所有規則

- service iptables save #保存規則

- iptables -t nat #-t指定表

- iptables -Z #將計數器清零

- iptables -A INPUT -s 192.168.188.1 -p tcp --sport 1234 -d 192.168.188.128 --dport 80 -j DROP

- iptables -I/-A/-D INPUT -s 1.1.1.1 -j DROP

- iptables -I INPUT -s 192.168.1.0/24 -i eth0 -j ACCEPT

- iptables -nvL --line-numbers

- iptables -D INPUT 1

- iptables -P INPUT DROP

 

 

 

 

 

 

```

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  193 12868 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

6   552 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

   10  2365 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 112 packets, 12324 bytes)

 pkts bytes target     prot opt in     out     source               destination         

```

iptables規則記錄在/etc/sysconfig/iptables的配置文件中

```

[root@localhost ~]# cat /etc/sysconfig/iptables

# sample configuration for iptables service

# you can edit this manually or use system-config-firewall

# please do not ask us to add additional ports/services to this default configuration

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT[root@localhost ~]# iptables -F

```

```

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 6 packets, 428 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain OUTPUT (policy ACCEPT 4 packets, 448 bytes)

 pkts bytes target     prot opt in     out     source               destination

[root@localhost ~]# cat /etc/sysconfig/iptables

# sample configuration for iptables service

# you can edit this manually or use system-config-firewall

# please do not ask us to add additional ports/services to this default configuration

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

 

```

重啟服務,iptables規則重置

```

[root@localhost ~]# service iptables restart

Redirecting to /bin/systemctl restart iptables.service

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

8   576 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 5 packets, 716 bytes)

 pkts bytes target     prot opt in     out     source               destination

[root@localhost ~]# service iptables save

 

```

 

```

[root@localhost ~]# iptables -t filter -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

   68  4536 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

1   229 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 38 packets, 5024 bytes)

 pkts bytes target     prot opt in     out     source               destination

[root@localhost ~]# iptables -t nat -nvL

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination

```

iptables -Z #將計數器清零pktsbytes

```

[root@localhost ~]# iptables -Z ; iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination

```

 

[root[@localhost](https://my.oschina.net/u/570656) ~]# iptables -A INPUT -s 192.168.188.1 -p tcp --sport 1234 -d 192.168.188.128 --dport 80 -j DROP/REJECT

 

iptables -A #插入到后面

```

[root@localhost ~]# iptables -A INPUT -s 192.168.188.1 -p tcp --sport 1234 -d 192.168.188.128 --dport 80 -j DROP

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  354 23684 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

   13  1196 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

  383 47064 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

0     0 DROP       tcp  --  *      *       192.168.188.1        192.168.188.128      tcp spt:1234 dpt:80

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 23 packets, 2212 bytes)

 pkts bytes target     prot opt in     out     source               destination

```

> 0     0 DROP       tcp  --  *      *       192.168.188.1        192.168.188.128      tcp spt:1234 dpt:80

 

iptables -I #插入到前面

```

[root@localhost ~]# iptables -I INPUT -p tcp --dport 80 -j DROP

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80

  513 35132 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

   13  1196 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

  384 47308 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

0     0 DROP       tcp  --  *      *       192.168.188.1        192.168.188.128      tcp spt:1234 dpt:80

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 7 packets, 1156 bytes)

 pkts bytes target     prot opt in     out     source               destination

 

```

iptables -D #刪除

```

[root@localhost ~]# iptables -D INPUT -p tcp --dport 80 -j DROP

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  605 42492 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

   17  1564 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

  672 75245 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

0     0 DROP       tcp  --  *      *       192.168.188.1        192.168.188.128      tcp spt:1234 dpt:80

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 19 packets, 1972 bytes)

 pkts bytes target     prot opt in     out     source               destination  

[root@localhost ~]# iptables -D INPUT -s 192.168.188.1 -p tcp --sport 1234 -d 192.168.188.128 --dport 80 -j DROP

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  744 55092 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

   18  1656 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

  673 75489 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 17 packets, 1628 bytes)

 pkts bytes target     prot opt in     out     source               destination  

```

> 刪除iptables的規則,但是重新書寫一條規則或許太麻煩或者忘記規則的寫法時

 

```

 

[root@localhost ~]# iptables -A INPUT -s 192.168.188.1 -p tcp --sport 1234 -d 192.168.188.128 --dport 80 -j DROP

[root@localhost ~]# iptables -I INPUT -p tcp --dport 80 -j DROP

[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80

  912 70948 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

   18  1656 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

  674 75718 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

0     0 DROP       tcp  --  *      *       192.168.188.1        192.168.188.128      tcp spt:1234 dpt:80

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 7 packets, 1364 bytes)

 pkts bytes target     prot opt in     out     source               destination

```

iptables -nvL --line-number

```

[root@localhost ~]# iptables -nvL --line-number

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

num   pkts bytes target     prot opt in     out     source               destination         

1        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80

2     1010 77416 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

3        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

4        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

5       18  1656 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

6      674 75718 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

7        0     0 DROP       tcp  --  *      *       192.168.188.1        192.168.188.128      tcp spt:1234 dpt:80

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

num   pkts bytes target     prot opt in     out     source               destination         

1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 59 packets, 7820 bytes)

num   pkts bytes target     prot opt in     out     source               destination

```

```

[root@localhost ~]# iptables -D INPUT 1

[root@localhost ~]# iptables -D INPUT 7

iptables: Index of deletion too big.

[root@localhost ~]# iptables -D INPUT 6

[root@localhost ~]# iptables -nvL --line-number

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

num   pkts bytes target     prot opt in     out     source               destination         

1     1165 87732 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

2        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

3        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

4       19  1748 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

5      674 75718 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

num   pkts bytes target     prot opt in     out     source               destination         

1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy ACCEPT 42 packets, 4056 bytes)

num   pkts bytes target     prot opt in     out     source               destination

```

 

iptables -P #默認規則

```

[root@localhost ~]# iptables -P OUTPUT DROP

```

 

> 終端使用DROP規則會使原本數據包在22端口通信,接收不了數據,在返回給客戶端再返回給終端,結果到達不了終端,然后接收不了數據就會導致斷開終端連接,解決辦法到主機上將規則改回ACCEPT

 

```

[root@localhost ~]# iptables -nvL --line-number

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

num   pkts bytes target     prot opt in     out     source               destination         

1     1165 87732 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

2        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

3        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

4       19  1748 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22

5      674 75718 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

num   pkts bytes target     prot opt in     out     source               destination         

1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

 

Chain OUTPUT (policy DROP 37 packets, 24648 bytes)

num   pkts bytes target     prot opt in     out     source               destination

[root@localhost ~]# iptables -P OUTPUT ACCEPT

```

 

> -s #ip

-p #指定協議

--sport #源端口號

-d #目標ip

--dport #目標端口號

-j #行為

 

 

#iptables小案例

 

```

vi /usr/local/sbin/iptables.sh

#!/bin/bash

ipt="/usr/sbin/iptables"

$ipt -F

$ipt -P INPUT DROP

$ipt -P OUTPUT ACCEPT

$ipt -P FORWARD ACCEPT

$ipt -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

$ipt -A INPUT -s 192.168.133.0/24 -p tcp --dport 22 -J ACCEPT

$ipt -A INPUT -p tcp --dprot 80 -j ACCEPT

$ipt -A INPUT -p tcp --dprot 21 -j ACCEPT

 

icmp示例

iptables -I INPUT -p icmp --icmp-type 8 -j DROP

 

```

 

 

```

[root@localhost ~]# vim /usr/local/sbin/iptables.sh

#!/bin/bash

ipt="/usr/sbin/iptables"

$ipt -F

$ipt -P INPUT DROP

$ipt -P OUTPUT ACCEPT

$ipt -P FORWARD ACCEPT

$ipt -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

$ipt -A INPUT -s 192.168.133.0/24 -p tcp --dport 22 -j ACCEPT

$ipt -A INPUT -p tcp --dport 80 -j ACCEPT

$ipt -A INPUT -p tcp --dport 21 -j ACCEPT

```

> tcp協議里ESTABLISHED是保持連接,RELATED狀態

 

```

[root@localhost ~]# w

 22:10:01 up 1 day, 20:48,  2 users,  load average: 0.00, 0.01, 0.05

USER     TTY        LOGIN@   IDLE   JCPU   PCPU WHAT

root     tty1      06:40   15:23m  0.42s  0.42s -bash

root     pts/0     21:50    1.00s  0.45s  0.00s w

[root@localhost ~]# sh /usr/local/sbin/iptables.sh

[root@localhost ~]# iptables -nvL

Chain INPUT (policy DROP 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

   28  1848 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     tcp  --  *      *       192.168.133.0/24     0.0.0.0/0            tcp dpt:22

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain OUTPUT (policy ACCEPT 15 packets, 1428 bytes)

 pkts bytes target     prot opt in     out     source               destination

[root@localhost ~]# iptables -nvL

Chain INPUT (policy DROP 1 packets, 229 bytes)

 pkts bytes target     prot opt in     out     source               destination         

   41  2712 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

0     0 ACCEPT     tcp  --  *      *       192.168.133.0/24     0.0.0.0/0            tcp dpt:22

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80

0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

 

Chain OUTPUT (policy ACCEPT 27 packets, 3628 bytes)

 pkts bytes target     prot opt in     out     source               destination  

[root@localhost ~]# service iptables restart #此命令為重啟iptables服務

Redirecting to /bin/systemctl restart iptables.service

```

> 可以看出pkts bytes的值正在增長

 

 

icmp案例

Windows

```

C:UsersAdministrator>ping 192.168.9.134


正在 Ping 192.168.9.134 具有 32 字節的數據:

來自 192.168.9.134 的回復: 字節=32 時間<1ms TTL=64

來自 192.168.9.134 的回復: 字節=32 時間<1ms TTL=64

來自 192.168.9.134 的回復: 字節=32 時間<1ms TTL=64

來自 192.168.9.134 的回復: 字節=32 時間<1ms TTL=64

 

192.168.9.134 Ping 統計信息:

    數據包: 已發送 = 4,已接收 = 4,丟失 = 0 (0% 丟失),

往返行程的估計時間(以毫秒為單位):

    最短 = 0ms,最長 = 0ms,平均 = 0ms

```

Linux

```

[root@localhost ~]# iptables -I INPUT -p icmp --icmp-type 8 -j DROP

```

> 使icmp被禁止了,--icmp-type 8icmp8種類型

 

Windows

```

C:UsersAdministrator>ping 192.168.9.134

 

正在 Ping 192.168.9.134 具有 32 字節的數據:

請求超時。

請求超時。

請求超時。

請求超時。

 

192.168.9.134

發表評論 共有條評論
用戶名: 密碼:
驗證碼: 匿名發表
亚洲香蕉成人av网站在线观看_欧美精品成人91久久久久久久_久久久久久久久久久亚洲_热久久视久久精品18亚洲精品_国产精自产拍久久久久久_亚洲色图国产精品_91精品国产网站_中文字幕欧美日韩精品_国产精品久久久久久亚洲调教_国产精品久久一区_性夜试看影院91社区_97在线观看视频国产_68精品久久久久久欧美_欧美精品在线观看_国产精品一区二区久久精品_欧美老女人bb
久久伊人色综合| 中日韩美女免费视频网站在线观看| 性欧美亚洲xxxx乳在线观看| 不卡av在线播放| 69av在线播放| 日韩在线免费视频观看| 精品国产精品三级精品av网址| 亚洲电影免费观看高清完整版在线| 欧洲亚洲女同hd| 亚洲精品视频网上网址在线观看| 中文字幕日韩电影| 亚洲欧美精品中文字幕在线| 久久中国妇女中文字幕| 九九九热精品免费视频观看网站| 欧美日韩久久久久| 国产精品成人一区二区三区吃奶| 日韩欧美在线第一页| 欧美专区福利在线| 国产精品久久久久av| 久久久久久免费精品| 97视频在线免费观看| 国产美女主播一区| 日本精品久久久久久久| 欧美一级视频免费在线观看| 高清欧美性猛交xxxx黑人猛交| 日韩av在线免播放器| 国产综合香蕉五月婷在线| 亚洲第一色在线| 一个色综合导航| 色阁综合伊人av| 亚洲а∨天堂久久精品喷水| 中文字幕日韩av电影| 亚洲成年人在线| 亚洲国产精品推荐| 亚洲国产美女精品久久久久∴| 日韩精品亚洲元码| 91理论片午午论夜理片久久| 日韩影视在线观看| 欧美大片大片在线播放| 欧美日韩一区二区三区| 亚洲一区二区自拍| 69av成年福利视频| 精品国产一区二区三区在线观看| 国产精品女主播| 日本高清+成人网在线观看| 成人精品视频在线| 国产精品99蜜臀久久不卡二区| 91av在线影院| 亚洲国产精品va在线看黑人| 在线观看中文字幕亚洲| 欧美片一区二区三区| 日韩久久精品成人| 91免费电影网站| 欧美黑人xxxⅹ高潮交| 国产视频欧美视频| 亚洲自拍中文字幕| 久久综合国产精品台湾中文娱乐网| 欧美视频免费在线| 亚洲色图国产精品| 国产精品亚洲自拍| 国产v综合v亚洲欧美久久| 久久久久久久久亚洲| 一本一本久久a久久精品牛牛影视| 97视频国产在线| 国产成人高潮免费观看精品| 国产女同一区二区| 亚洲欧洲在线免费| 国产精品一区二区性色av| 亚洲免费av网址| 亚洲精品视频网上网址在线观看| 丝袜亚洲另类欧美重口| 在线电影欧美日韩一区二区私密| 久久国产精品久久精品| 欧美成人精品激情在线观看| 日韩电影免费在线观看| 成人激情视频免费在线| 国产精品免费久久久久影院| 日韩欧美国产高清91| 蜜臀久久99精品久久久久久宅男| 亚洲男人的天堂在线| 92国产精品视频| 日本精品久久久| 国产精品久久久久久亚洲影视| 中文字幕日本精品| 欧美性猛交xxxx免费看久久久| 成人免费看吃奶视频网站| 国产精品美女在线| 综合欧美国产视频二区| 久久亚洲私人国产精品va| 日本电影亚洲天堂| 久久久成人精品视频| 日韩中文字幕在线观看| 国产一区红桃视频| www.亚洲免费视频| 久久精品2019中文字幕| 亚洲国产欧美一区二区三区同亚洲| 欧美怡春院一区二区三区| 国产日韩av在线播放| 国内精品久久久久影院优| 亚洲欧美一区二区激情| 俺去了亚洲欧美日韩| 中文字幕一区电影| 亚洲欧美日韩精品久久亚洲区| 日韩欧美在线视频| 一区二区在线免费视频| 精品国产欧美一区二区五十路| 亚洲人在线观看| 欧美极品少妇xxxxx| 欧美疯狂性受xxxxx另类| 亚洲网在线观看| 精品无人国产偷自产在线| www.欧美免费| 在线国产精品播放| 欧美做爰性生交视频| 日本精品久久久| 欧美激情视频给我| 欧美激情一级二级| 国产黑人绿帽在线第一区| 日韩精品视频免费| 国产91网红主播在线观看| 久久九九有精品国产23| 久久久人成影片一区二区三区观看| 久久久久久久久电影| 91免费高清视频| 欧美精品第一页在线播放| 在线精品国产欧美| 911国产网站尤物在线观看| 精品久久在线播放| 国产女同一区二区| 久久精品亚洲国产| 欧美在线免费视频| 日韩在线精品视频| 国产精品久久婷婷六月丁香| 日韩欧美a级成人黄色| 欧美激情视频在线免费观看 欧美视频免费一| 国产精品国产三级国产aⅴ浪潮| 日韩亚洲精品视频| 久久久久亚洲精品| 欧美日韩国产中字| 久久久国产成人精品| 亚洲天堂av在线免费观看| 福利微拍一区二区| 欧美日在线观看| 亚洲最大成人网色| 欧美激情一区二区三区成人| 全亚洲最色的网站在线观看| 精品福利在线看| 77777亚洲午夜久久多人| 91精品国产综合久久男男| 久久久久久久国产| 欧美噜噜久久久xxx| 国产亚洲欧美日韩一区二区| 在线视频欧美日韩精品| 在线成人激情黄色| 日韩久久精品成人| 亚洲精品美女网站| 国产精品海角社区在线观看| 精品国产户外野外| 日韩中文字幕网址| 日韩av在线电影网| 欧美日韩在线观看视频| 亚洲第一免费播放区| 亚洲欧美日韩爽爽影院| 国产69精品99久久久久久宅男|