Ndithathwa njengothileyo xa kufikwa kukhuseleko, yiyo loo nto ukusetyenziswa kwe-firewall kubalulekile kum. Kwilaptop yam ndinolwazi olubuthathaka, olubaluleke kakhulu kum; kwaye ngenxa yokuba i-firewall ye-PC ifana nokutshixa okanye ikhuselekile kuthi, sikhumbula ukuba kwikhompyuter sigcina amagama okungena kwi-imeyile, idatha yeakhawunti yebhanki (nabani na onayo), ulwazi lweseva, kunye nolunye ulwazi oluchaphazela ngqo ubomi bethu bomzimba ... kakuhle, ngaphandle kwamathandabuzo hamba kwinethiwekhi ngaphandle i-firewall emiselweyo, ngaphandle kokhuseleko olufanelekileyo kwikhompyuter yethu ayisiyonto ecetyiswayo.
Ngexesha elithile elidlulileyo ndikubonise indlela yokuqala imigaqo ye-iptables ngokuzenzekelayo kwi-distros njenge-Debian, Ubuntu okanye ezinye eziqulathe ifayile /etc/rc.local, nangona kunjalo kwiArchLinux njengoko isebenzisa isistim le fayile ayikho.
Ke, indlela endiyifumene ngayo ukuze iptable zam ziqwalaselwe njengoko ndinqwenela ukwenza iscript esishicilelayo esiqwalasela iptables, emva koko ndiguqule ifayile / / usr / lib / sistimu / inkqubo / iinkqubo zeseva ... kodwa, masingene iinxalenye 🙂
1. Simele yenza iscript esibhaliweyo Inemithetho yethu ye-iptables, into enje: I-Bash + iptables umzekelo weskripthi
2. Emva kokwenza iskripthi, sibhala imithetho yethu kuyo kwaye siyinike imvume yokuphumeza, siyaqhubeka ukuhlela inkonzo ye-iptables yenkqubo:
sudo nano /usr/lib/systemd/system/iptables.service
Siza kufumana into enje:
[Icandelo] Inkcazo = Isakhelo sokucoca iipakethe [IiNkonzo] Uhlobo = ishot ExecStart = / usr / bin / iptables-buyisela /etc/iptables/iptables.rules ExecReload = / usr / bin / iptables-buyisela /etc/iptables/iptables.rules I-ExecStop = / usr / lib / systemd / izikripthi / i-iptables-flush RemainAfterExit = ewe [Faka] i-WantedBy = i-multi-user.target
3. Ukuthatha ukuba iskripthi esasiyenzile ngaphambili sikwi /home/myuser/script-iptables.sh emva koko siya kuyishiya iptables.service fayile esivule ngolu hlobo lulandelayo:
[Icandelo] Inkcazo = Isakhelo sokucoca ipakethe [IiNkonzo] Uhlobo = ishot ExecStart = / ikhaya / myuser / script-iptables.sh ExecReload = / home / myuser / script-iptables.sh ExecStop = / usr / lib / systemd / script / iptables -Ukuhlala uhlala emva kweExit = ewe [Faka] i-WantedBy = multi-user.target
4. Emva koko kufuneka siqiniseke ukuba iptables iqala ngokuzenzekelayo:
sudo systemctl enable iptables
5. Siyiqala:
sudo systemctl start iptables
6. Kwaye singayijonga imigaqo:
sudo iptables -nL
Le yeyona ndlela ilula ndiyifumeneyo (1) ine-bash script yam elungiselela iptables kum, nayo (2) ukuba imigaqo iqale ngokuzenzekelayo kwaye ekugqibeleni (3) ukuba iskripthi ngokwaso sasiyinto ezimeleyo, oko kukuthi, ukuba ngomso ndifuna ukuyisebenzisa kwi-Debian endiyifakayo (umzekelo) ngekhe ndiphinde ndiyilungelelanise kwakhona.
Ngapha koko, ndiyathemba ukuba uyifumene iluncedo 🙂
Phendula nge quote
Izimvo ezi-8, shiya ezakho
Inomdla….
Ngekhe kube lula ukuhlela iifayile ze-iptables.rules, ukuba sele unendawo yokufikelela kwisudo kuya kuba kufanelekile ukuyiguqula, akunjalo?
Ndiyenza ngendlela eyahlukileyo, nangona ndisebenzisa iskripthi osilayishileyo ukumilisela imigaqo.
1- Sazisa inkonzo (ukuba asikayenzi okwangoku):
# systemctl enable iptables.service
# systemctl start iptables.service
2- Siyabona ukuba yeyiphi imigaqo esisebenzayo (sicinga ukuba yonke into ivulekile ukuba akukho nto siyichukumisileyo)
sudo iptables -nvL
3- Sitshintshela kwimigaqo esiyifunayo, sazisa iskripthi soqwalaselo:
# sh /home/miusuario/script-iptables.sh
4- Masibone ukuba itshintshe njani imigaqo esebenzayo:
# iptables -nvL
5- Sigcina uqwalaselo olutsha lwe-iptable ukulungiselela ukuqala kwakhona okuzayo:
# iptables-save > /etc/iptables/iptables.rules
5b- Ukuba sihlela ifayile /etc/iptables/iptables.rules ngesandla ukutshintsha imigaqo, kufuneka siphinde silayishe ubumbeko:
# systemctl reload iptables
Ubuncinci kum kulula ngaloo ndlela. Ndizama ukufunda i-bash kunye ne-kdialog ukulawula useto ngendlela ebonakalayo. Emva kwexesha ndizakuzama ukwenza into epheleleyo ngakumbi nge-qtcreator umzekelo, ukuze ndibenakho ukuba nezikripthi ezininzi zokumisela ngokuxhomekeke kwizixhobo esizilungiselelayo (umzila, iPC, njl ...) ukubona ukuba iyaphuma na.
Ujongano endinalo engqondweni yinto enje.
igophe
http://i1178.photobucket.com/albums/x380/beatfenix/kortafuegos_arch_zpscec2122d.jpeg
Debian
http://i1178.photobucket.com/albums/x380/beatfenix/kortafuegos_deb_zps75ada7c4.jpeg
Le captcha yezimvo isisihluzi se-bug, nceda utshintshe uye kwenye okanye uyihlaziye kuba iyacaphukisa emva kwemizamo emininzi.
Ikwayinto enye esetyenziswe yi-humanOS, iFirefoxmanía .. mhlawumbi iyinto ene-cache.
Ewe, andisathethi ke kwezi zimbini.
Regards,
Esi sihloko siluncedo kakhulu.
Ngaphandle kwamathandabuzo kwabo banomdla kukhuseleko lwenkcukacha ezigcinwe kwiPC yethu; "Iptable" sesinye sezixhobo ekufuneka kufundwe ukuzisebenzisa; nangona, ngokubaluleka kwayo kunzima ukufunda.
Ndiyifumene le vidiyo ngesihloko endinethemba lokuba uya kundivumela ukuba ndibelane ngedilesi ye-imeyile "http://www.youtube.com/watch?v=Z6a-K_8FT_Y"; Ummangaliso wam kukuba, yinto eyahlukileyo kule ingoku apha. Kodwa ke, ndicinga ukuba izakubangelwa kukwahlukahlukana konikezelo olune-GNU / Linux (i-ARCH, i-DEBIAN, i-SUSE, njl.njl), kuya kufuneka sifunde kunjalo.