Hey everyone....
Here's the thing...
I have the following firewall rules on my personal PC:
iptables -F
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit 3/min
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit-burst 3 -j LOG
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -syn -j LOG
iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j DROP
iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j LOG
iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 20 -j DROP
iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 21 -j DROP
iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 25 -j DROP
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A INPUT -p tcp --dport 22 -j LOG
iptables -A INPUT -p tcp --dport 1024 -j ACCEPT
iptables -A INPUT -p tcp --dport 1024 -j LOG
But when I run ./rc.local to load the file that contains these rules, this appears:
[root@Felipe rc.d]# ./rc.local
iptables v1.2.9: multiple -i flags not allowed
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.9: multiple -i flags not allowed
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.9: multiple -s flags not allowed
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.9: multiple -d flags not allowed
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.9: multiple -d flags not allowed
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.9: multiple -d flags not allowed
Try `iptables -h' or 'iptables --help' for more information.
Why does "flags not allowed" appear?
And when I run iptables -L -v to view the rules, I see that 2 rules are missing:
[root@Felipe rc.d]# iptables -L -v
Chain INPUT (policy ACCEPT 16308 packets, 5242K bytes)
pkts bytes target prot opt in out source destination
0 0 DROP icmp -- any any anywhere anywhere
0 0 LOG icmp -- any any anywhere anywhere LOG level warning
0 0 DROP tcp -- any any anywhere anywhere tcp dpt:ssh
0 0 LOG tcp -- any any anywhere anywhere tcp dpt:ssh LOG level warning
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1024
0 0 LOG tcp -- any any anywhere anywhere tcp dpt:1024 LOG level warning
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 17042 packets, 1567K bytes)
pkts bytes target prot opt in out source destination
Why didn't the first ones get loaded?
Could someone help me?
Thanks. :wink:
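
A lint pass over the rules in the post, as an added example (not the poster's code and not part of iptables). It flags long options written with one dash, which getopt reads as a short option with an attached argument (`-dport 20` becomes `-d port`, `-syn` becomes `-s yn`), `--limit` options used without `-m limit`, rules with no `-j` target, and LOG rules placed after a DROP or ACCEPT with the same match. The names `lint`, `LONG_OPTS` and `TERMINATING` are assumptions made for this example.

```python
import shlex

# Rules exactly as posted above; rule 1 is the flush.
RULES = """\
iptables -F
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit 3/min
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit-burst 3 -j LOG
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -syn -j LOG
iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j DROP
iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j LOG
iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 20 -j DROP
iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 21 -j DROP
iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 25 -j DROP
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A INPUT -p tcp --dport 22 -j LOG
iptables -A INPUT -p tcp --dport 1024 -j ACCEPT
iptables -A INPUT -p tcp --dport 1024 -j LOG
""".splitlines()

# Long option -> module that needs an explicit -m (None: comes with -p tcp).
LONG_OPTS = {"limit": "limit", "limit-burst": "limit", "syn": None, "dport": None}
TERMINATING = {"DROP", "ACCEPT", "REJECT"}

def lint(rules):
    """Return (rule_number, message) findings for a list of iptables commands."""
    findings, decided = [], {}
    for n, rule in enumerate(rules, 1):
        tok = shlex.split(rule)
        if "-A" not in tok:
            continue  # only appended rules are checked (skips `iptables -F`)
        target = tok[tok.index("-j") + 1] if "-j" in tok[:-1] else None
        modules = {tok[i + 1] for i, t in enumerate(tok[:-1]) if t == "-m"}
        for t in tok:
            name = t.lstrip("-")
            if not t.startswith("-") or name not in LONG_OPTS:
                continue
            if not t.startswith("--"):
                findings.append((n, f"{t}: long option needs two dashes (--{name})"))
            if LONG_OPTS[name] and LONG_OPTS[name] not in modules:
                findings.append((n, f"--{name} needs -m {LONG_OPTS[name]}"))
        if target is None:
            findings.append((n, "no -j target: the rule only counts packets"))
        # A LOG with the same match as an earlier terminating rule is never reached.
        key = tuple(t.lstrip("-") for t in tok if t not in ("-j", target))
        if target == "LOG" and key in decided:
            findings.append((n, f"LOG follows {decided[key][1]} in rule {decided[key][0]}"))
        if target in TERMINATING:
            decided.setdefault(key, (n, target))
    return findings
```

Calling `lint(RULES)` returns the findings as `(rule_number, message)` pairs, numbered by position in the posted file.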