Firewall


#1
catalaur

    Member

  • Group: Members
  • Posts: 374
  • Joined: 24.09.2005
Given the Gentoo Linux operating system and the following firewall:

#!/bin/bash

iptables -X
iptables -F
iptables -t nat -F
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT


#NEW IPS

ifconfig eth0:1 inet xx netmask 255.255.255.128 up

#Allow established connections and progs that use loop-back

iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

# OPENING PORTS

iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s xx/32  -j ACCEPT 
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 161 -j ACCEPT
iptables -A INPUT -p tcp --dport 3128 -j ACCEPT
iptables -A INPUT -p udp --dport 3128 -j ACCEPT
iptables -A INPUT -p udp --dport 1200 -j ACCEPT
iptables -A INPUT -p udp --dport 27000:27015 -j ACCEPT
iptables -A INPUT -p tcp --dport 27020:27039 -j ACCEPT
iptables -A INPUT -p udp --dport 27015 -j ACCEPT
iptables -A INPUT -p tcp --dport 27015 -j ACCEPT
iptables -A INPUT -p tcp --dport 91  -s 10.0.0.2/32 -j ACCEPT

####### FTP ACCESS
iptables -A INPUT -s 10.0.0.2  -j ACCEPT
iptables -A INPUT -s xx -j ACCEPT

# ICMP REPLY

iptables -A INPUT -p icmp -i eth0 -j ACCEPT
iptables -A INPUT -p icmp -i eth1 -j ACCEPT

# ROUTING/SNAT

echo 1 > /proc/sys/net/ipv4/ip_forward


#iptables -t nat -A PREROUTING -s 10.0.2/32 -p tcp -j DNAT --to-destination 10.0.0.1:80 
#iptables -A POSTROUTING -t nat -s 10.0.0.2/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.3/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.4/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.6/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.7/32 -j SNAT --to xx
#iptables -A POSTROUTING -t nat -s 10.0.0.8/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.18/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.10/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.222/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.33/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.223/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.16/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s  10.0.0.2 -j SNAT --to-source xx
iptables -A PREROUTING -t nat -d xx -j DNAT --to-destination 10.0.0.2

# ROUTING/NAT

iptables -A FORWARD -s 10.0.0.2/32 -j ACCEPT
iptables -A FORWARD -d 10.0.0.2/32 -j ACCEPT

#ANDREI

iptables -A FORWARD -s 10.0.0.8/32 -j ACCEPT
iptables -A FORWARD -d 10.0.0.8/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.3/32 -m mac --mac-source  00:0E:A6:C6:2A:9F -j ACCEPT
iptables -A FORWARD -d 10.0.0.3/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.4/32 -j ACCEPT
iptables -A FORWARD -d 10.0.0.4/32 -j ACCEPT

#iptables -A FORWARD -s 10.0.0.16/32 -j ACCEPT
#iptables -A FORWARD -d 10.0.0.16/32 -j ACCEPT


iptables -A FORWARD -s 10.0.0.6/32 -m mac --mac-source xx -j ACCEPT
iptables -A FORWARD -d 10.0.0.6/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.7/32 -m mac --mac-source xx -j ACCEPT
iptables -A FORWARD -d 10.0.0.7/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.18/32 -j ACCEPT
iptables -A FORWARD -d 10.0.0.18/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.222/32 -j ACCEPT
iptables -A FORWARD -d 10.0.0.222/32 -j ACCEPT


#iptables -A FORWARD -s 10.0.0.18/32 -m mac --mac-source xx -j ACCEPT
#iptables -A FORWARD -d 10.0.0.18/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.10/32 -m mac --mac-source  0xx -j ACCEPT
iptables -A FORWARD -d 10.0.0.10/32 -j ACCEPT

iptables -A FORWARD -s 10.0.0.33/32 -m mac --mac-source xx -j ACCEPT
iptables -A FORWARD -d 10.0.0.33/32 -j ACCEPT


# PORT FWD

iptables -t nat -A PREROUTING -p udp --dport 55031 -i eth0 -j DNAT --to-destination 10.0.0.4:55031
iptables -t nat -A PREROUTING -p tcp --dport 55031 -i eth0 -j DNAT --to-destination 10.0.0.4:55031
iptables -t nat -A PREROUTING -p tcp --dport 1411 -i eth0 -j DNAT --to-destination 10.0.0.2:1411
iptables -t nat -A PREROUTING -p tcp --dport 1412 -i eth0 -j DNAT --to-destination 10.0.0.2:1412
iptables -t nat -A PREROUTING -p tcp --dport 1413 -i eth0 -j DNAT --to-destination 10.0.0.2:1413
#iptables -t nat -A PREROUTING -p udp --dport 8081 -i eth0 -j DNAT --to-destination 10.0.0.2:8081
iptables -t nat -A PREROUTING -p tcp --dport 55081 -i eth0 -j DNAT --to-destination 10.0.0.2:55081
iptables -t nat -A PREROUTING -p udp --dport 55081 -i eth0 -j DNAT --to-destination 10.0.0.2:55081
iptables -t nat -A PREROUTING -p tcp --dport 55082 -i eth0 -j DNAT --to-destination 10.0.0.2:55082
iptables -t nat -A PREROUTING -p udp --dport 55082 -i eth0 -j DNAT --to-destination 10.0.0.2:55082

If I set the policy to ACCEPT, the internet works, but as it is now it doesn't work. What could be the cause?

#2
cianura

    Senior Member

  • Group: Senior Members
  • Posts: 2,754
  • Joined: 19.01.2004
Put the iptables -A FORWARD section before iptables -t nat -A POSTROUTING and see what happens.

#3
catalaur

    Member

  • Group: Members
  • Posts: 374
  • Joined: 24.09.2005
Same thing...
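
Added example, not part of the thread or any poster's code: the posted script carries the comment "Allow established connections", yet none of its rules matches connection state, so with INPUT and FORWARD at DROP a reply packet is accepted only where a port or address rule happens to match it. The shell lint below reports filter chains whose policy is DROP but that have no ESTABLISHED accept rule; the function names and the shortened rule excerpt are constructed for illustration.

```bash
# Constructed excerpt of the script posted above ("xx" is the poster's redaction).
sample_thread_rules() {
cat <<'EOF'
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
#iptables -A POSTROUTING -t nat -s 10.0.0.2/32 -j SNAT --to xx
iptables -A POSTROUTING -t nat -s 10.0.0.3/32 -j SNAT --to xx
iptables -A FORWARD -s 10.0.0.4/32 -j ACCEPT
iptables -A FORWARD -d 10.0.0.4/32 -j ACCEPT
EOF
}

# Same excerpt plus connection-tracking rules (hypothetical hardened variant).
sample_with_state_rules() {
sample_thread_rules
cat <<'EOF'
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Reads an iptables script on stdin; prints each flagged chain on its own line.
# Simplification: any ESTABLISHED accept rule counts, whatever else it matches.
lint_stateless_drop() {
awk '
/^[ \t]*#/ || $1 != "iptables" { next }     # skip comments and other commands
{
    table = "filter"; chain = ""; policy = ""; stateful = 0; accept = 0
    for (i = 2; i <= NF; i++) {
        if ($i == "-t") table = $(i + 1)
        if ($i == "-P") { chain = $(i + 1); policy = $(i + 2) }
        if ($i == "-A" || $i == "-I") chain = $(i + 1)
        if (($i == "--state" || $i == "--ctstate") && $(i + 1) ~ /ESTABLISHED/) stateful = 1
        if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
    }
    if (table != "filter" || chain == "") next   # nat/mangle rules are ignored
    if (policy == "DROP") drop[chain] = 1; else if (policy != "") delete drop[chain]
    if (stateful && accept) ok[chain] = 1
}
END {
    n = split("INPUT FORWARD OUTPUT", order, " ")
    for (k = 1; k <= n; k++)
        if ((order[k] in drop) && !(order[k] in ok)) print order[k]
}'
}
sample_thread_rules | lint_stateless_drop      # prints INPUT and FORWARD
```

To check a real rule file, feed it on standard input: `lint_stateless_drop < firewall.sh` (the file name is a placeholder).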
