Gentoo iptables mini HOWTO … kernel options

Enable the following kernel options ….
and the related rules

Remember that this procedure may cut off your connection, so be careful.
Enable the following kernel options:

Networking --->
Networking options --->
[*] Network packet filtering (replaces ipchains) --->

emerge iptables

/etc/init.d/iptables save

# Generated by iptables-save v1.3.5 on Wed Jan 31 17:53:41 2007
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Wed Jan 31 17:53:41 2007
# Generated by iptables-save v1.3.5 on Wed Jan 31 17:53:41 2007
*mangle
:PREROUTING ACCEPT [16:2148]
:INPUT ACCEPT [16:2148]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [6:1004]
:POSTROUTING ACCEPT [6:1004]
COMMIT
# Completed on Wed Jan 31 17:53:41 2007
# Generated by iptables-save v1.3.5 on Wed Jan 31 17:53:41 2007
*filter
:INPUT DROP [16:2148]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [6:1004]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT

COMMIT
# Completed on Wed Jan 31 17:53:41 2007
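
The disconnection warning above comes down to one condition: with the filter INPUT policy set to DROP, a remote session survives only if a rule accepts TCP to the SSH port. The following is an added example, not part of the original HOWTO, that checks an iptables-save dump for that condition; the function names check_ssh_lockout and sample_rules are hypothetical and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example, not from the original HOWTO. check_ssh_lockout and
# sample_rules are hypothetical names.
#
# check_ssh_lockout [PORT] reads iptables-save output on stdin. Returns:
#   0  filter INPUT policy is ACCEPT, or a rule ACCEPTs tcp --dport PORT
#   1  policy is not ACCEPT and no such rule exists (lockout risk)
#   2  no filter INPUT policy found in the input
# Text check only: it ignores rule order and -i/-s restrictions.
check_ssh_lockout() {
    awk -v port="${1:-22}" '
        /^\*/        { in_filter = ($1 == "*filter") }  # table header line
        !in_filter   { next }                           # skip nat, mangle
        /^:INPUT /   { policy = $2 }                    # chain default policy
        /^-A INPUT / {
            tcp = 0; dport = 0; accept = 0
            for (i = 1; i < NF; i++) {
                if ($i == "-p" && $(i+1) == "tcp")      tcp = 1
                if ($i == "--dport" && $(i+1) == port)  dport = 1
                if ($i == "-j" && $(i+1) == "ACCEPT")   accept = 1
            }
            if (tcp && dport && accept) allowed = 1
        }
        END {
            if (policy == "") exit 2
            if (policy == "ACCEPT" || allowed) exit 0
            exit 1
        }
    '
}

# Constructed sample in iptables-save format (DROP policy, SSH allowed).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

if sample_rules | check_ssh_lockout 22; then
    echo "port 22 stays reachable under this ruleset"
else
    echo "lockout risk: nothing accepts tcp/22 while INPUT is not ACCEPT"
fi
```

On a live host the same check can be fed from iptables-save (iptables-save | check_ssh_lockout 22) before the rules are saved.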