Cri*_*itu 56
一个班轮:
iptables -I INPUT \! --src 1.2.3.4 -m tcp -p tcp --dport 777 -j DROP # if it's not 1.2.3.4, drop it
更优雅的解决方案:
iptables -N xxx # create a new chain
iptables -A xxx --src 1.2.3.4 -j ACCEPT # allow 1.2.3.4
iptables -A xxx --src 1.2.3.5 -j ACCEPT # allow 1.2.3.5
iptables -A xxx --src 1.2.3.6 -j ACCEPT # allow 1.2.3.6
iptables -A xxx -j DROP # drop everyone else
iptables -I INPUT -m tcp -p tcp --dport 777 -j xxx # use chain xxx for packets coming to TCP port 777
| 归档时间: |
|
| 查看次数: |
74811 次 |
| 最近记录: |