


  1. Hello, when I run service iptables restart, everything is OK and the rules load normally, but when I enable iptables in ntsysv and reboot the PC, it hangs for 16 minutes at "Applying iptables firewall rules", and I can't wait 16 minutes every time I reboot the PC.

    The firewall script follows (/etc/sysconfig/iptables):

    # Generated by iptables-save v1.2.3 on Sun May 25 21:28:47 2003
    *mangle
    :PREROUTING ACCEPT [272:15737]
    :OUTPUT ACCEPT [151:11002]
    COMMIT
    # Completed on Sun May 25 21:28:47 2003
    # Generated by iptables-save v1.2.3 on Sun May 25 21:28:47 2003
    *nat
    :PREROUTING ACCEPT [90:5520]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A POSTROUTING -s 192.168.254.0/255.255.255.0 -d 10.3.0.0/255.255.0.0 -j MASQUERADE
    COMMIT
    # Completed on Sun May 25 21:28:47 2003
    # Generated by iptables-save v1.2.3 on Sun May 25 21:28:47 2003
    *filter
    :INPUT DROP [85:5100]
    :FORWARD DROP [0:0]
    :OUTPUT DROP [0:0]
    :VPN - [0:0]
    -A INPUT -d 200.232.9.5 -p tcp -m tcp --dport 1723 -j ACCEPT
    -A INPUT -d 200.232.9.5 -p 47 -j ACCEPT
    -A INPUT -s 192.168.254.0/255.255.255.0 -p icmp -j ACCEPT
    -A INPUT -s 200.206.232.200 -p tcp -m tcp --dport 22 -j ACCEPT
    -A INPUT -s 200.168.57.189 -p tcp -m tcp --dport 22 -j ACCEPT
    -A INPUT -s 200.161.31.32 -p tcp -m tcp --dport 22 -j ACCEPT
    -A INPUT -d 200.232.9.30 -p udp -m udp --dport 1645 -j ACCEPT
    -A INPUT -d 200.232.9.30 -p udp -m udp --dport 1646 -j ACCEPT
    -A FORWARD -s 192.168.254.0/255.255.255.0 -d 10.3.0.0/255.255.0.0 -j VPN
    -A FORWARD -s 10.3.0.0/255.255.0.0 -d 192.168.254.0/255.255.255.0 -j VPN
    -A OUTPUT -s 200.232.9.5 -p tcp -m tcp --sport 1723 -j ACCEPT
    -A OUTPUT -s 200.232.9.5 -p 47 -j ACCEPT
    -A OUTPUT -d 192.168.254.0/255.255.255.0 -p icmp -j ACCEPT
    -A OUTPUT -d 200.206.232.200 -p tcp -m tcp --sport 22 -j ACCEPT
    -A OUTPUT -d 200.168.57.189 -p tcp -m tcp --sport 22 -j ACCEPT
    -A OUTPUT -d 200.161.31.32 -p tcp -m tcp --sport 22 -j ACCEPT
    -A OUTPUT -s 200.232.9.30 -p udp -m udp --sport 1645 -j ACCEPT
    -A OUTPUT -s 200.232.9.30 -p udp -m udp --sport 1646 -j ACCEPT
    -A VPN -j DROP
    COMMIT
    # Completed on Sun May 25 21:28:47 2003

  2. Try putting the script in your /etc/rc.local
    and reboot the machine.



  3. That script can't be put in rc.local, because it gives errors:

    etc/sysconfig/iptables-config: line 2: *mangle: command not found
    /etc/sysconfig/iptables-config: line 3: :PREROUTING: command not found
    /etc/sysconfig/iptables-config: line 4: :OUTPUT: command not found
    /etc/sysconfig/iptables-config: line 5: COMMIT: command not found
    /etc/sysconfig/iptables-config: line 8: *nat: command not found
    /etc/sysconfig/iptables-config: line 9: :PREROUTING: command not found
    /etc/sysconfig/iptables-config: line 10: :POSTROUTING: command not found
    /etc/sysconfig/iptables-config: line 11: :OUTPUT: command not found
    /etc/sysconfig/iptables-config: line 12: -A: command not found
    /etc/sysconfig/iptables-config: line 13: COMMIT: command not found
    /etc/sysconfig/iptables-config: line 16: *filter: command not found
    /etc/sysconfig/iptables-config: line 17: :INPUT: command not found
    /etc/sysconfig/iptables-config: line 18: :FORWARD: command not found
    /etc/sysconfig/iptables-config: line 19: :OUTPUT: command not found
    /etc/sysconfig/iptables-config: line 20: :VPN: command not found
    /etc/sysconfig/iptables-config: line 21: -A: command not found
    /etc/sysconfig/iptables-config: line 22: -A: command not found
    /etc/sysconfig/iptables-config: line 23: -A: command not found
    /etc/sysconfig/iptables-config: line 24: -A: command not found
    /etc/sysconfig/iptables-config: line 25: -A: command not found
    /etc/sysconfig/iptables-config: line 26: -A: command not found
    /etc/sysconfig/iptables-config: line 27: -A: command not found
    /etc/sysconfig/iptables-config: line 28: -A: command not found
    /etc/sysconfig/iptables-config: line 29: -A: command not found
    /etc/sysconfig/iptables-config: line 30: -A: command not found
    /etc/sysconfig/iptables-config: line 31: -A: command not found
    /etc/sysconfig/iptables-config: line 32: -A: command not found
    /etc/sysconfig/iptables-config: line 33: -A: command not found
    /etc/sysconfig/iptables-config: line 34: -A: command not found
    /etc/sysconfig/iptables-config: line 35: -A: command not found
    /etc/sysconfig/iptables-config: line 36: -A: command not found
    /etc/sysconfig/iptables-config: line 37: -A: command not found
    /etc/sysconfig/iptables-config: line 38: -A: command not found
    /etc/sysconfig/iptables-config: line 39: -A: command not found
    /etc/sysconfig/iptables-config: line 40: COMMIT: command not found

  4. Create the file, and inside rc.local you point to that file...
    for example:

    /root/scritp/firewall.sh

    Inside that file you put the iptables rules...



  5. Same thing: when I run the script it gives errors, so I won't even put it in the startup.

    The errors follow:

    [root@localhost init.d]# ./firewall
    ./firewall: line 2: *filter: command not found
    ./firewall: line 3: :INPUT: command not found
    ./firewall: line 4: :FORWARD: command not found
    ./firewall: line 5: :OUTPUT: command not found
    ./firewall: line 6: :VPN: command not found
    ./firewall: line 7: -A: command not found
    ./firewall: line 8: -A: command not found
    ./firewall: line 9: -A: command not found
    ./firewall: line 10: -A: command not found
    ./firewall: line 11: -A: command not found
    ./firewall: line 12: -A: command not found
    ./firewall: line 13: -A: command not found
    ./firewall: line 14: -A: command not found
    ./firewall: line 15: -A: command not found
    ./firewall: line 16: -A: command not found
    ./firewall: line 17: -A: command not found
    ./firewall: line 18: -A: command not found
    ./firewall: line 19: -A: command not found
    ./firewall: line 20: -A: command not found
    ./firewall: line 21: -A: command not found
    ./firewall: line 22: -A: command not found
    ./firewall: line 23: -A: command not found
    ./firewall: line 24: -A: command not found
    ./firewall: line 25: COMMIT: command not found
    ./firewall: line 28: *nat: command not found
    ./firewall: line 29: :PREROUTING: command not found
    ./firewall: line 30: :POSTROUTING: command not found
    ./firewall: line 31: :OUTPUT: command not found
    ./firewall: line 32: -A: command not found
    ./firewall: line 33: COMMIT: command not found
    ./firewall: line 36: *mangle: command not found
    ./firewall: line 37: :PREROUTING: command not found
    ./firewall: line 38: :INPUT: command not found
    ./firewall: line 39: :FORWARD: command not found
    ./firewall: line 40: :OUTPUT: command not found
    ./firewall: line 41: :POSTROUTING: command not found
    ./firewall: line 42: COMMIT: command not found
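
Added example, not part of the original thread: the "command not found" errors above appear because /etc/sysconfig/iptables is in iptables-save format, which is read by iptables-restore and is not a shell script. The sketch below converts such a dump into the equivalent iptables commands that a script called from rc.local could run; the function names are chosen for this example and the sample input is an excerpt of the ruleset posted above.

```shell
#!/bin/sh
# Added example: turn an iptables-save dump (read from stdin) into the
# equivalent iptables commands that a shell script can execute.
save_to_script() {
    table=""
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;                  # blank line or comment
            '*'*)    table=${line#?}; continue ;; # "*filter" opens a table
            COMMIT)  table=""; continue ;;        # closes the current table
        esac
        if [ -z "$table" ]; then
            echo "not inside a table section: $line" >&2
            return 1
        fi
        case "$line" in
            :*) # ":CHAIN POLICY [packets:bytes]"; policy "-" marks a user chain
                set -f; set -- ${line#:}; set +f
                if [ "$2" = "-" ]; then
                    printf '%s\n' "iptables -t $table -N $1"
                else
                    printf '%s\n' "iptables -t $table -P $1 $2"
                fi ;;
            -*) printf '%s\n' "iptables -t $table $line" ;;  # "-A CHAIN ..." rule
            *)  echo "unrecognized line: $line" >&2; return 1 ;;
        esac
    done
}

# Excerpt of the ruleset posted in this thread, used as sample input.
sample_dump() {
    cat <<'EOF'
# Generated by iptables-save v1.2.3 on Sun May 25 21:28:47 2003
*nat
:PREROUTING ACCEPT [90:5520]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.254.0/255.255.255.0 -d 10.3.0.0/255.255.0.0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
:VPN - [0:0]
-A FORWARD -s 192.168.254.0/255.255.255.0 -d 10.3.0.0/255.255.0.0 -j VPN
-A VPN -j DROP
COMMIT
EOF
}

sample_dump | save_to_script   # prints the generated commands; nothing is applied
```

Loading the original file with `iptables-restore < /etc/sysconfig/iptables` applies each table in one step at its COMMIT line, whereas the generated commands apply one rule at a time.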





