[前置動作] aptitude install shorewall [設定shorewall] nano /etc/default/shorewall startup=0 改為 startup=1 cd /usr/share/doc/shorewal...
[前置動作]
aptitude install shorewall
[設定shorewall]
nano /etc/default/shorewall
startup=0
改為
startup=1
cd /usr/share/doc/shorewall/examples/one-interface
gzip -d interfaces.gz
gzip -d rules.gz
cp /usr/share/doc/shorewall/examples/one-interface/* /etc/shorewall
cd /etc/shorewall
nano interfaces //修改 interfaces 如下
net eth0 detect routefilter,dhcp,tcpflags,logmartians,nosmurfs
nano rules //修改 rules 如下,允許SSH
SSH/ACCEPT net $FW
ACCEPT $FW net icmp
Ping/REJECT net $FW
[啟動shorewall]
/etc/init.d/shorewall start
