Dear semua,
command #iptables bla .. bla.... bla.... ini kalo PC direstart khan hilang efeknya gimana supaya kalo restart kita nggak perlu jalankan command iptables lagi
terima kasih
Anwar
----- Original Message ----- From: "watchers renjana" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, April 12, 2004 10:55 PM
Subject: Re: [tanya-jawab] setup iptables
http://jateng.linux.or.id/artikel/network/2001/07/nat-iptables.html
barangkali bisa membantu
----- Original Message ----- From: SETIJO AGUS <[EMAIL PROTECTED]> Date: Tue, 13 Apr 2004 07:55:35 +0700 To: [EMAIL PROTECTED] Subject: [tanya-jawab] setup iptables
Tolong dibantu
konfigurasi internet ditempat kami sbb Internet ---- router ---- lan (172.20.0.0 s/d 172.20.x.x dengan mask 255.255.0.0), dimana saya ingin agar yang bisa browsing hanya ip dibawah ini IP: 172.20.140.195 Mac Address:00-03-47-63-A4-44 IP: 172.20.140.160 Mac Address:00-02-B3-9D-FF-D1 IP: 172.20.0.3 Mac Address:00-04-75-BC-C2-43 IP: 172.20.0.25 Mac Address:00:A0:0C:42:92:A8 IP:172.20.231.54 Mac Address:00:30:84:3B:B3:ED Sedangan IP: 172.20.140.195 Mac Address:00-03-47-63-A4-44, juga saya gunakan sebagai mail server, langkah saya : iptables -A FORWARD -s ! 172.20.0.0/16 -p tcp --dport 80:8080 -j REJECT iptables -A FORWARD -s 172.20.140.195 -p tcp -m mac --mac-source 00:03:47:63:A4:44 --dport 80:8080 -j ACCEPT iptables -A FORWARD -s 172.20.140.160 -p tcp -m mac --mac-source 00:02:B3:9D:FF:D1 --dport 80:8080 -j ACCEPT iptables -A FORWARD -s 172.20.0.3 -p tcp -m mac --mac-source 00:04:75:BC:C2:43 --dport 80:8080 -j ACCEPT iptables -A FORWARD -s 172.20.0.25 -p tcp -m mac --mac-source 00:A0:0C:42:92:A8 --dport 80:8080 -j ACCEPT iptables -A FORWARD -s 172.20.231.54 -p tcp -m mac --mac-source 00:30:84:3B:B3:ED --dport 80:8080 -j ACCEPT
tapi akibatnya kok semua nggak bisa browsing termasuk IP: 172.20.140.195 IP: 172.20.140.160 IP: 172.20.0.3
IP: 172.20.0.25 IP:172.20.231.54
Dimana ya yang salah ?
-- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
-- ______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
-- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
ini contoh script iptables: *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 139 -j DROP
COMMIT
ket, distro yg saya pake rh9, simpan script diatas ke direktori /etc/sysconfig/iptables atau edit dg #vi /etc/sysconfig/iptables dan simpan.
restart iptables,,,,,semoga membantu
salam,
-- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
