Дайте строчки, чтобы раз и навсегда вписать в /etc/firewall.user и забыть об этом зле
root@ldr:~# ifconfig
br0 Link encap:Ethernet HWaddr 00:1C:10:44:2D:C4
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:43805 errors:0 dropped:0 overruns:0 frame:0
TX packets:32478 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9627816 (9.1 MiB) TX bytes:27022367 (25.7 MiB)
eth0 Link encap:Ethernet HWaddr 00:1C:10:44:2D:C4
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:34877 errors:0 dropped:0 overruns:0 frame:0
TX packets:43684 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:28136438 (26.8 MiB) TX bytes:10569377 (10.0 MiB)
Interrupt:4
eth1 Link encap:Ethernet HWaddr 00:1C:10:44:2D:C6
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:43796 errors:0 dropped:0 overruns:0 frame:90441
TX packets:46801 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10240156 (9.7 MiB) TX bytes:28995977 (27.6 MiB)
Interrupt:2 Base address:0x5000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 TX bytes:0 (0.0
vlan0 Link encap:Ethernet HWaddr 00:1C:10:44:2D:C4
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:14314 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 TX bytes:1639120 (1.5 MiB)
vlan1 Link encap:Ethernet HWaddr 00:1C:10:44:2D:C4
inet addr:82.131.44.112 Bcast:82.131.47.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:34877 errors:0 dropped:0 overruns:0 frame:0
TX packets:29366 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:27508652 (26.2 MiB) TX bytes:8709567 (8.3 MiB)
root@ldr:~# cat /etc/firewall.user
#!/bin/sh
iptables -F input_rule
iptables -F output_rule
iptables -F forwarding_rule
iptables -t nat -F prerouting_rule
iptables -t nat -F postrouting_rule
iptables -F input_wan
iptables -F forwarding_wan
iptables -t nat -F prerouting_wan
iptables -I INPUT 1 -p tcp --dport 54321 -j ACCEPT
iptables -I INPUT 2 -p tcp --dport 8070 -j ACCEPT
Сообщение изменено: Loader (03 июля 2008 - 18:55 )