• CentOS firewall iptables setup tutorial


    1. Install iptables firewallHow do I know if iptables is installed in the system? Execute iptables – V, if displayed as:iptables v1.3.5 Note iptables is already installed.If iptables is not installed, you need to install it firstyum install iptables Set up a firewall in Linux. Take CentOS as an example, open the iptables configuration file: […]

  • Detailed explanation of backup and recovery operation of Linux iptables


    1. Location of iptables configuration file: / etc / sysconfig / iptables Master computer: that is, the machine in business operation; Backup machine: that is, when the main control machine fails, switch to the backup machine –Operation on the main control computer——————- 2. Create directory:    Copy code The code is as follows: mkdir -p […]

  • Method of configuring iptables firewall under RedHat (CentOS)


    Set up a firewall in Linux. Take CentOS as an example, open the iptables configuration file: vi /etc/sysconfig/iptables Use the / etc / init.d/iptables status command to query whether port 80 is open. If not, you can handle it in two ways: 1. Modify the VI / etc / sysconfig / iptables command to add […]

  • The basic method of iptables establishing rules and chains


    Rules control the filtering of packets by providing instructions to the firewall about what to do with packets from a source, to a destination, or with a specific protocol type. By using the special command iptables provided by Netfilter / iptables system, these rules are established and added to the chain in the specific packet […]

  • Summary of basic configuration rules of iptables


    Iptables – t NAT – a postrouting – s – O eth0 – J SNAT – to NAT conversionIptables – t NAT – a routing – D – P TCP – dport 80 – J DNAT – to-d port mappingIptables – a input – S 0 / 0 – P ICMP […]

  • Analysis of the difference between SNAT and masquerade in iptables


    1、 SNAT and DNAT concept Iptables can flexibly do all kinds of network address translation (NAT). There are two kinds of network address translation: SNAT and DNAT. SNAT is the abbreviation of source network address translation. For example, multiple PCs use ADSL routers to share the Internet. Each PC is configured with an intranet IP. […]

  • Examples of Linux iptables related configuration and command skills


    start and stopping1. Command: Copy code The code is as follows: service iptables start/stop/restart Or go directly to / etc / init. D /2. Profile:/etc/sysconfig/iptablesIf not, it can be generated with iptables save Framework: tables > chains > rules (target)On the whole, iptables is composed of many chains. Otherwise, how can its old version be […]

  • How to configure iptables to achieve local port forwarding


    sceneIf you are debugging a web program with resin, you need to restart resin frequently. This web program needs to be opened on port 80, and Linux limits ports below 1024 to have root permission. But you don’t want to always have a root terminal open when debugging programs. In this case, you can open […]

  • Detailed explanation of DNAT and SNAT settings in iptables under Linux


    DNAT (destination network address translation) is usually called destination mapping. SNAT (source network address translation) is usually called source mapping.These are two ways we often use when setting up Linux gateway or firewall. I didn’t explain them clearly before. Now I’ll explain them here.First of all, we need to understand the structure of IP packets, […]

  • How to configure iptables for routing function in Linux


    As a company’s Internet router, it needs to realize NAT address translation, DHCP, DNS cache, traffic control and application control. NAT address translation can be directly realized through iptables. DHCP service needs to install dhcpd, DNS cache function needs to use bind, traffic control can use TC, application control: for example, QQ blocking can be […]

  • Introduction to Linux basic commands 7: network transmission and security


    This chapter then introduces the network related commands 1、wgetFile download tool wget [option]… [URL]… wgetIt is a non interactive Downloader, supports HTTP, HTTPS and FTP protocols, and can also use a proxy. The so-called “non interactive” means that you can start awgetDownload the task and exit the system,wgetIt will exit after the download (or exception) […]

  • Firewalld of CentOS 8 has been unbound with iptables


    Article reprinted from: firewalld of CentOS 8 has been unbound with iptables Today, someone came to me and said that the one click installation script I used before is not working well. I hope I can help to see what happened. According to his description, it is preliminarily determined that the system is caused by […]