1. 配置ip
/etc/conf.d/net
DHCP 动态获取
固定IP
2 或者
3 config_eth0= ( "192.168.0.2/24 brd 192.168.0.255" )
4 routes_eth0= ( "default via 192.168.0.1" )
2. DNS设置
/etc/resolv.conf
3. 重启网卡(dhcpcd eth0)
4. 配置防火墙 iptables
# stop iptables services
/etc/init.d/iptables stop
# disable all chains
iptables -F
iptables -t nat -F
iptables -t mangle -F
# allow ssh
iptables -A INPUT -i eth0 -p tcp –dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp –dport 80 -j ACCEPT
# allow old connection and deny new connection
iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -m state –state NEW,INVALID -j DROP
# allow all localhost
iptables -A INPUT -i lo -j ACCEPT
# define default policy
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# save
/etc/init.d/iptables save
/etc/init.d/iptables restart
#加入自动启动任务,使iptables自动启动
rc-update add iptables default
如何删除一条规则?比如删除80端口,让外面无法访问。
iptables -D INPUT -i eth0 -p tcp –dport 80 -j ACCEPT
如何再添加?
iptables -I INPUT -i eth0 -p tcp –dport 80 -j ACCEPT
最后别忘记用
/etc/init.d/iptables save
/etc/init.d/iptables restart
这两个命令保存并重启
http://blog.prosight.me/index.php/2009/07/211