История изменений
Исправление soomrack, (текущая версия) :
А зачем?
Делай iptables-restore «имя файла», iptables-save
# Generated by iptables-save v1.4.21 on Mon Aug 18 22:23:40 2014 *filter :INPUT ACCEPT [5:952] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1192099:595387635] # accept all from localhost -A INPUT -s 127.0.0.1 -j ACCEPT # accept all previously established connections -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # permit people to ssh into this computer -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT # permit ftp and web hosting services #-A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT # permit windows file sharing #-A INPUT -p tcp -m state --state NEW -m tcp --dport 137:139 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 426 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT # permit five ports for bitorrent #-A INPUT -p tcp -m state --state NEW -m tcp --dport 6881:6886 -j ACCEPT # reject all other packets coming into the computer, even from other computers in the local area network -A INPUT -j REJECT --reject-with icmp-port-unreachable COMMIT # Completed on Mon Aug 18 22:23:40 2014
PS: на локальной машине проверь открытые порты, nmap -sS 192.168.1.101
Исходная версия soomrack, :
А зачем?
Делай iptables-restore «имя файла»
# Generated by iptables-save v1.4.21 on Mon Aug 18 22:23:40 2014 *filter :INPUT ACCEPT [5:952] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1192099:595387635] # accept all from localhost -A INPUT -s 127.0.0.1 -j ACCEPT # accept all previously established connections -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # permit people to ssh into this computer -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT # permit ftp and web hosting services #-A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT # permit windows file sharing #-A INPUT -p tcp -m state --state NEW -m tcp --dport 137:139 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 426 -j ACCEPT #-A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT # permit five ports for bitorrent #-A INPUT -p tcp -m state --state NEW -m tcp --dport 6881:6886 -j ACCEPT # reject all other packets coming into the computer, even from other computers in the local area network -A INPUT -j REJECT --reject-with icmp-port-unreachable COMMIT # Completed on Mon Aug 18 22:23:40 2014
PS: на локальной машине проверь открытые порты, nmap -sS 192.168.1.101