Flush all rules: iptables -F
Open commonly used TCP ports: iptables -I INPUT -p tcp -m multiport --dports 20,21,22,3690,80,443,4443,8023,8888,25,110,30000...:30999 -j ACCEPT
Open commonly used UDP ports: iptables -I INPUT -p udp -m multiport --dports 53,123,8571,8888...UDP ports (e.g. DNS): iptables -I INPUT -p udp --sport 53 -j ACCEPT iptables -I OUTPUT -p udp --...-m state --state RELATED,ESTABLISHED -j ACCEPT
Set the default policy to close all ports: iptables -P FORWARD DROP iptables...-P OUTPUT ACCEPT iptables -P INPUT DROP
Defend against SYN attacks: iptables -N syn-flood iptables -A INPUT
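
Added example, not part of the original page: the steps above collected into one iptables-restore ruleset, so the DROP policies and the ACCEPT rules are loaded together instead of one command at a time. The port lists passed in, the loopback rule and the syn-flood limit values (10/s, burst 20) are assumptions, and multiport_slots and build_rules are hypothetical helper names.

```shell
#!/bin/sh
# Added example. Helper names, port lists and limit values are assumptions.

# The multiport match takes at most 15 ports per rule; a range a:b uses two.
multiport_slots() {
  n=0
  old_ifs=$IFS; IFS=,
  for p in $1; do
    case $p in
      *:*) n=$((n + 2)) ;;
      *)   n=$((n + 1)) ;;
    esac
  done
  IFS=$old_ifs
  echo "$n"
}

# Print an iptables-restore ruleset for the given TCP and UDP port lists.
build_rules() {
  for list in "$1" "$2"; do
    if [ "$(multiport_slots "$list")" -gt 15 ]; then
      echo "too many ports for one multiport rule: $list" >&2
      return 1
    fi
  done
  cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:syn-flood - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --syn -j syn-flood
-A INPUT -p tcp -m multiport --dports $1 -j ACCEPT
-A INPUT -p udp -m multiport --dports $2 -j ACCEPT
-A syn-flood -m limit --limit 10/s --limit-burst 20 -j RETURN
-A syn-flood -j DROP
COMMIT
EOF
}

# Syntax-check as root before loading, then load in one step:
#   build_rules "22,80,443" "53,123" | iptables-restore --test
#   build_rules "22,80,443" "53,123" | iptables-restore
```

Without --noflush, iptables-restore replaces the existing contents of the filter table, which covers the flush step as well.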