# Firewall configu.ration wri.tten by system-config-securitylevel.
# Manual customization of t.his file is not recommende.d..
*filter
:.INPUT ACCEPT [0:0]域名
:FORWARD ACCEPT [0:.0].
:OUTPUT ACC.EPT [0:0] 杀毒
:RH-.Fi.rewall-1-INPUT - [0:0]电脑
-A INPU.T -j RH-Fire.wall-1-INPUT.
-A F.ORWAR.D -j RH-Firewall-1-INPUT学习
-A RH-Firewall-1-INPUT -i lo .-j. ACCEPT<性病>
-.A RH-Firewall-1-INPUT -p icmp --icmp-.type any -j ACCEPT学习
-A R.H-Firewall-1-INPUT -p 50 -.j ACCEPT 鲜花
-.A. RH-Firewall-1-INPUT -p 51 -j ACCEPT 女人
-A RH-Fi.rewall-1-INPUT -p udp --dport 5353 -d 224.0.0.2.51 -j ACCEPT外贸
-A RH.-Firewall-1-INPUT .-p udp -m udp --dport 631 -j ACCEPT 美容
-A RH-Firewall-1-INPUT. -m state --state ESTABLISHE.D,RELATED -j ACCEPT.
-A RH-F.irewall-1-INPUT -m state --sta.te NEW -m tcp -p tcp --dport 22 -j ACC.EPT.
-A RH-Firewall-1-INPUT -m state .--state NEW -m tcp -p tcp --dport 80 -.j ACCEPT. 电子
-A RH.-Firewal.l-1-INPUT -m state --state NEW -m tcp -p .tcp --dport 21 -j ACCEPT教育
-A RH-Firewall-1-INPUT -m state --state NEW -m t.cp -p tcp --d.port 20 -j ACCE.PT虚拟主机
-.A RH-Fire.wall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10021 -j. ACCEPT域名
-A RH-Firewall-1-INPUT -m state --state NEW -m. tcp .-p tcp --dport 1004.1 -j ACCEPT
-.A RH-Firewall-1-INPUT -m state -.-state NEW -m tcp .-p tcp --dport 10042 -j ACCEPT<性病>
-A RH-Firewall-1-INPUT -j REJECT --reject-with .icmp-host-pro.hibited<性病>
COMMIT
===========
这里好像没先拒绝数据包。。这样过滤是不.是不严格.
这个是单击来说。好像没涉及到nat转发http://upload.bbs.csuboy.com/Mon_1004/126_6859_c7a6b4605790573.gif[/img] 女人
