怪事-RH9启动时 rc.local 中 IPTABLES 的命令(附后面)
不能运行,提示:
------------------------------------------------
[root@redhat9 root]# cd /etc/rc.d
[root@redhat9 rc.d]# ./rc.local
: command not found:
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
: command not found:
'ptables v1.2.7a: Invalid target name `MASQUERADE
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
: 娌℃湁閭d釜鏂囦欢鎴栫洰褰?/proc/sys/net/ipv4/ip_forward
[root@redhat9 rc.d]# iptables -F
[root@redhat9 rc.d]# iptables -t nat -F
[root@redhat9 rc.d]#
------------------------------------------------
IPTABLES 的命令如下:
------------------------------------------------
# Then flush all rules
iptables -F
iptables -t nat -F
# Below means 'route 192.168.1.x'
iptables -t nat -A POSTROUTING -d ! 192.168.1.0/24 -j MASQUERADE
iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP
# port 113 is evil ;)
iptables -A INPUT --protocol udp --source-port 113 -j DROP
iptables -A INPUT --protocol udp --destination-port 113 -j DROP
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
------------------------------------------------
# Then flush all rules
/sbin/iptables -F
/sbin/iptables -t nat -F
# Below means 'route 192.168.1.x'
/sbin/iptables -t nat -A POSTROUTING -d ! 192.168.1.0/24 -j MASQUERADE
/sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP
# port 113 is evil
/sbin/iptables -A INPUT --protocol udp --source-port 113 -j DROP
/sbin/iptables -A INPUT --protocol udp --destination-port 113 -j DROP
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
--------------------------------------------------------
单独执行这个脚本的情况如下:
--------------------------------------------------------
[root@redhat9 rc.d]# ./firewall
: bad interpreter: 娌℃湁閭d釜鏂囦欢鎴栫洰褰?[root@redhat9 rc.d]# firewall
bash: firewall: command not found
[root@redhat9 rc.d]# bash firewall
modprobe: Can't locate module
modprobe: Can't locate module
: command not found
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
: command not found
'ptables v1.2.7a: Invalid target name `MASQUERADE
Try `iptables -h' or 'iptables --help' for more information.
: command not found
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found
: 娌℃湁閭d釜鏂囦欢鎴栫洰褰昿roc/sys/net/ipv4/ip_forward
[root@redhat9 rc.d]#
--------------------------------------------------------
我们原来用 I S A 作防火墙, (全-部-盗-板)
现被-微-软-查到,只好买了正版瘟酒吧,防火墙改用REDHAT9
我们用的是ADSL专线,有固定IP
# Then flush all rules
/sbin/iptables -F
/sbin/iptables -t nat -F
# Below means 'route 192.168.1.x'
/sbin/iptables -t nat -A POSTROUTING -d ! 192.168.1.0/24 -j MASQUERADE
/sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP
# port 113 is evil
/sbin/iptables -A INPUT --protocol udp --source-port 113 -j DROP
/sbin/iptables -A INPUT --protocol udp --destination-port 113 -j DROP
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
[root@redhat9 root]# cd /etc/rc.d
[root@redhat9 rc.d]# ./firewall
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
: command not found
'ptables v1.2.7a: Invalid target name `MASQUERADE
Try `iptables -h' or 'iptables --help' for more information.
: command not found
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
: 没有那个文件或目录?/proc/sys/net/ipv4/ip_forward
[root@redhat9 rc.d]#
IP卡
狗仔卡
发表于 2003-5-13 12:13:10
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
