我要给我的oracle加防火墙
我要给我的oracle加防火墙仅允许内网192.168.1.205的ip访问isqlplus哪位能指点下谢谢
下面设置不能使用isqlplus,
[root@r2gmd ~]# vi /etc/sysconfig/iptables
# Generated by iptables-save v1.2.11 on Mon Apr 21 18:23:49 2008
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1358293:786722115]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -s 192.168.1.205 -p tcp -m tcp --dport 1521 -j ACCEPT
-A INPUT -s 192.168.1.205 -p tcp -m tcp --dport 5560 -j ACCEPT
-A INPUT -s 192.168.1.205 -p tcp -m tcp --dport 5500 -j ACCEPT
-A FORWARD -j RH-Firewall-1-INPUT
-A OUTPUT -p tcp -m tcp --sport 1521 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 5500 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 5560 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 177 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p ipv6-crypt -j ACCEPT
-A RH-Firewall-1-INPUT -p ipv6-auth -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.1.205 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited 自己顶下
又丢帖子了...
找到需要开放或者关闭的端口,然后在iptable里面加条规则。完毕! 1521,5560 5500端口,上面是我iptables的设置有啥问题吗,谢谢
页:
[1]