리눅스 lokkit

Jmnote bot (토론 | 기여)님의 2017년 7월 11일 (화) 03:52 판 (봇: 자동으로 텍스트 교체 (-==참고 자료== +==참고==))
(차이) ← 이전 판 | 최신판 (차이) | 다음 판 → (차이)

1 개요[ | ]

lokkit
/usr/sbin/lokkit
  • 리눅스 방화벽 설정 도구
┌-----------┤ Firewall Configuration ├-----------┐   
│                                                  │                             
│ A firewall protects against unauthorized         │                             
│ network intrusions. Enabling a firewall blocks   │                             
│ all incoming connections. Disabling a firewall   │                             
│ allows all connections and is not recommended.   │                             
│                                                  │                             
│    Security Level: ( ) Enabled (*) Disabled      │                             
│                                                  │                             
│               SELinux: Enforcing                 │                             
│                        Permissive                │                             
│                        Disabled                  │                             
│                                                  │                             
│   ┌----┐     ┌-----------┐    ┌--------┐   │
│   │ OK │     │ Customize │    │ Cancel │   │                       
│   └----┘     └-----------┘    └--------┘   │                               
│                                                  │                             
│                                                  │                             
└--------------------------------------------------┘
┌----------------┤ Firewall Configuration - Customize ├----------------┐  
│                                                                        │ 
│ You can customize your firewall in two ways. First, you can select     │                  
│ to allow all traffic from certain network interfaces. Second, you      │                  
│ can allow certain protocols explicitly through the firewall. Specify   │                  
│ additional ports in the form 'service:protocol', such as 'imap:tcp'.   │                  
│                                                                        │                  
│ Trusted Devices:    [ ] eth0                                           │                  
│                                                                        │                  
│ MASQUERADE Devices: [ ] eth0                                           │                  
│                                                                        │                  
│                     [ ] SSH                [ ] Telnet [ ] FTP          │                  
│ Allow incoming:     [ ] WWW (HTTP)         [ ] Samba  [ ] Mail (SMTP)  │                  
│                     [ ] Secure WWW (HTTPS) [ ] NFS4                    │                  
│                     Other ports _________________________              │ 
│		                                                          │
│                                 ┌----┐                               │
│                                 │ OK │                               │                
│                                 └----┘                               │            
│                                                                        │ 
│                                                                        │                  
└------------------------------------------------------------------------┘

2 방화벽 끄기[ | ]

[root@zetawiki ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@zetawiki ~]# lokkit --selinux=disabled --disabled
[root@zetawiki ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

3 같이 보기[ | ]

4 참고[ | ]

문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}