We are in the process of migrating this forum. A new space will be available soon. We are sorry for the inconvenience.

ip6tables - konfiguraatio CentOS 7 KVM


MikaR
07-20-2016, 04:51 PM
No jopas jotakin lainaten ranslaisten keskustelu foorumia löysin sitten ohjeet pienestä se kiinni on eli.. korvaten iptables muotoon ip6tables...

ip6tables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all anywhere anywhere
ACCEPT ipv6-icmp anywhere anywhere
ACCEPT udp anywhere anywhere udp dpt:domain
ACCEPT tcp anywhere anywhere tcp dpt:EtherNet/IP-1
ACCEPT tcp anywhere anywhere tcp dpt:webcache
ACCEPT tcp anywhere anywhere tcp dpt:http
ACCEPT tcp anywhere anywhere tcp dptop3
ACCEPT tcp anywhere anywhere tcp dpt:imap
ACCEPT tcp anywhere anywhere tcp dpt:https
ACCEPT tcp anywhere anywhere tcp dpt:urd
ACCEPT tcp anywhere anywhere tcp dpt:submission
ACCEPT tcp anywhere anywhere tcp dpt:imaps
ACCEPT tcp anywhere anywhere tcp dptop3s
ACCEPT tcp anywhere anywhere tcp dpt:6279 state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp dpt:7458 state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp dpt:6279 state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp dpt:ftp state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp dpt:ftp-data state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp dpt:mysql state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp dpt:urd state NEW,ESTABLISHED
ACCEPT tcp anywhere anywhere tcp spts:1024:65535 dpts:ftp-data:65535 ctstate NEW,ESTABLISHED
ACCEPT udp anywhere anywhere state RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Joten nyt pitäisi olla kunnossa..

MikaR
07-20-2016, 04:07 PM
Hei!

Nyt ois vuorossa ip6tables - konfiguraation laittoa tässä ja mites OVH - ajattelee ohjeiden osalta tämän? Yrittänyt tässä hiki päässä CentOS 7 - palvelimelle ip6tables - sääntöjä luoda.

ip6tables -L -v -n
Chain INPUT (policy ACCEPT 8243 packets, 4857K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 8685 packets, 819K bytes)
pkts bytes target prot opt in out source destination
Eli paketi kulkee mutta mitään sääntöjä tuohon ip6tables juttuun ei löydy OVH:n ohjeista tai sitten silmäni on tehty puusta.