Linux 搭建 VPN3

2022-06-30 00:03:49 浏览数 (1)

配置防火墙

配置之前

代码语言：javascript复制

[root@pptp-server ~]# iptables -L -nv 
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
19167   26M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
  101  4646 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    4   156 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    1    48 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
   11   376 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT 3360 packets, 273K bytes)
 pkts bytes target     prot opt in     out     source               destination         
[root@pptp-server ~]# iptables -L -nv -t nat 
Chain PREROUTING (policy ACCEPT 255 packets, 12222 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 26 packets, 1687 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 26 packets, 1687 bytes)
 pkts bytes target     prot opt in     out     source               destination

Note: 建议在所有的 iptables 变更之前使用 /etc/init.d/iptables save 保存一下，然后将 /etc/sysconfig/iptables 拷贝到一个安全的地方，以方便恢复

安全防火墙 init iptables 配置

0 人点赞