启用了伪装模式的防火墙。
目前成都创新互联已为成百上千的企业提供了网站建设、域名、网络空间、成都网站托管、企业网站设计、潜山网站维护等服务,公司将坚持客户导向、应用为本的策略,正道将秉承"和谐、参与、激情"的文化,与客户和合作伙伴齐心协力一起成长,共同发展。
[root@server ~]# vi /etc/sysconfig/iptables *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -m state --state INVALID -j DROP -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 --syn -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 --syn -m state --state NEW -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 0.0.0.0/32 -d 255.255.255.255/32 -i wlp2s0 -j ACCEPT -A INPUT -s 172.16.0.0/16 -i wlp2s0 -j ACCEPT -A FORWARD -m state --state INVALID -j DROP -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -p tcp -m tcp --syn -m state --state NEW -j ACCEPT -A FORWARD -p udp -m state --state NEW -j ACCEPT -A FORWARD -p icmp -m icmp --icmp-type 0 -j ACCEPT -A FORWARD -p icmp -m icmp --icmp-type 8 -j ACCEPT -A FORWARD -o lo -j ACCEPT -A FORWARD -s 172.16.0.0/16 -i wlp2s0 -j ACCEPT -A OUTPUT -m state --state INVALID -j DROP -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -p tcp -m tcp --syn -m state --state NEW -j ACCEPT -A OUTPUT -p udp -m state --state NEW -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -d 172.16.0.0/16 -o wlp2s0 -j ACCEPT COMMIT *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -s 172.16.0.0/24 -o enp3s0 -j MASQUERADE COMMIT
