Harhadawa da iptables, tips, shawara ga dummies

Mai amfani umurnin line da iptables, wanda za a tattauna a wannan labarin ne mai misali dubawa da aka yi amfani don sarrafa netfilter Firewall. Wannan shi ne duk dacewa, idan kwamfutarka ne a guje Linux aiki tsarin versions 2.4 da kuma 2.6. Kawai sa, da iptables sanyi taimaka sarrafa da Firewall, amma yin amfani da shi na bukatar tushen access. Duk da cewa manufar daban-daban, sau da yawa sosai, magana game da su, mutane nufin abu aya ne. Amma ba haka.

A saba da talakawa tabbas sun ji na ra'ayi, a cikin tambaya, amma abin da suke nufi da abin da ake bukata, domin wasu m. Saboda haka, a kowane kwamfuta haɗa ta internet, tafi, ta hanyar daban-daban cibiyar sadarwa fakitoci cewa bukatar da za a sarrafawa. Wannan shi ne makasudin Firewall. Wannan software aiki a kan daban-daban OSI yadudduka. Sun yi aiki daidai da ya ce a zabi aikin da aikin.

Babban da kuma babban aiki na wani Firewall - kariya a kan samun dama marar izini daga mutum zuwa mutum raka'a kuma duka kwamfuta cibiyoyin sadarwa. Sun wasa da muhimmancin tace (an kira su): rajistan shiga da kuma raba cibiyar sadarwa fakitoci bisa ga ma'auni da za a yi niyya da tsarin. A ra'ayi ne cewa su ne a daidai sarkar na mataki. A gaskiya, wannan shi ne yanayin. Kafa up iptables taimaka mai amfani don amfani duk da dokoki, da wanda ake nufi cikin wadannan:

1. yarda gwajin kunshin.
2. Da ake ji da ya dace ayyuka.

A mataki an dauke a matsayin al'ada talakawa aiki, msl, AR, da kuma kisan wani ciki mulki daga sarkar zuwa wani. Yadda za a yi shi duka, za a iya samu a wani wa'azi iptables saituna for dummies. More m masu amfani san cewa ayyuka da kansu su ne na biyu iri: m da wadanda ba m. Babban manufar farko - shi ne ya dakatar da tsari aiki a cikin na asali sarkar na kan iyakoki, misali, Amince. Na biyu, a bambanci, ba su daina sarrafa kunshin, misali, MARK, TOS, ta gyara ga dabaru karshen. Lokacin da bayanai da aka wuce da dukan sarkar, kuma shi aka bai wa kowane daya mataki, shi kawai yana nufin cewa duk abin da ya faru a cikin default yanayin (saita matsayin farko)

Al'ada saitin iptables samar da uku main iri alluna lokacin da mai amfani:

1. Mangle - aka fi amfani da lokacin da ka bukatar ka yi canje-canje ga kunshin sunan. An misali ne wani canji na TOS ragowa.
2. Nat - sarkar don nuna Network Address. Yana za a iya yi kawai a cikin iyakoki na sauran. Ba tacewa ba za a iya za'ayi sai a na kwarai lokuta.
3. Tace - ratsa shi, duk mai shigowa fakitoci, kuma babu wani bambanci, da suka bi da wani dubawa. A wasu kalmomin, da sarkar tace zirga-zirga.

All users sun fi sha'awar a cikin na uku tebur. Yana da ma'aikata uku na sarƙoƙi. A farko - domin mai shigowa fakitoci - Input, na biyu - domin za daga daya kwamfuta zuwa wani - DAN GABA, da kuma na uku - domin mai fita - fitarwa. A karkashin halin yanzu dokoki, wani kunshin, za duk hanyar, ko watsi da, ko ba.

All data kasance dokoki iptables Ubuntu sanyi damar gyara kamar yadda ka so mai amfani. Wannan ne yake aikata ta shigar wasu dokokin da a cikin m. A kirtani cewa yana dauke da sharudda ga kayyade kunshin, kuma akwai wata dokar. dokokin abar rikodin wannan: iptables [-t tebur-sunan] umurnin [juna] [-J mataki]. Ga t bada wani nuni ne na irin tebur za, idan ba, an nuna default kirtani (tace). Lokacin da mai amfani da bukatar wani daban-daban irin, shi dole ne a shiga hannu. The tawagar dole tsaya nan da nan bayan da sunan. Idan babu irin wannan, shi ne a cikin ta farko wuri. Action ma'anar saitin iptables. Mafi na kowa ne, kamar AR (izinin fakiti Kammala), sauke (ba miss, da shiru jefar da mataki ya zo ga ƙarshe ba kawai don wani guda sarkar, amma kuma ga duk wasu).