![Moxa UC-7110-LX [27/46] Define policy for chain rules](/img/pdf.png)
Moxa UC-7110-LX [27/46] Define policy for chain rules
![Moxa UC-7110-LX [27/46] Define policy for chain rules](/views2/1199633/page27/bg1b.png)
UC-7101/7110/7112 Software User’s Manual Configuring UC-7101/7110/7112
4-5
NOTE The UC-7101/7110/7112 do NOT support IPV6 and ipchains.
IPTABLES supports packet filtering or NAT. Take care when setting up the IPTABLES rules. If
the rules are not correct, remote hosts that connect via a LAN or PPP may be denied access. We
recommend using the Serial Console to set up IPTABLES.
Click on the following links for more information about iptables.
http://www.linuxguruz.com/iptables/
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html
Since the IPTABLES command is very complex, to illustrate the IPTABLES syntax we have
divided our discussion of the various rules into three categories: Observe and erase chain rules,
Define policy rules, and Append or delete rules.
Observe and erase chain rules
Usage:
# iptables [-t tables] [-L] [-n]
-t tables: Table to manipulate (default: ‘filter’); example: nat or filter.
-L [chain]: List List all rules in selected chains. If no chain is selected, all chains are listed.
-n: Numeric output of addresses and ports.
# iptables [-t tables] [-FXZ]
-F: Flush the selected chain (all the chains in the table if none is listed).
-X: Delete the specified user-defined chain.
-Z: Set the packet and byte counters in all chains to zero.
Examples:
# iptables -L -n
In this example, since we do not use the -t parameter, the system uses the default ‘filter’ table.
Three chains are included: INPUT, OUTPUT, and FORWARD. INPUT chains are accepted
automatically, and all connections are accepted without being filtered.
#iptables –F
#iptables –X
#iptables –Z
Define policy for chain rules
Usage:
# iptables [-t tables] [-P] [INPUT, OUTPUT, FORWARD, PREROUTING, OUTPUT, POSTROUTING]
[ACCEPT, DROP]
-P: Set the policy for the chain to the given target.
INPUT: For packets coming into the UC-7101/7110/7112.
OUTPUT: For locally-generated packets.
FORWARD: For packets routed out through the UC-7101/7110/7112.
PREROUTING: To alter packets as soon as they come in.
POSTROUTING: To alter packets as they are about to be sent out.
Examples:
#iptables –P INPUT DROP
#iptables –P OUTPUT ACCEPT
#iptables –P FORWARD ACCEPT
Содержание
- Ninth edition april 2015 1
- Uc 7101 7110 7112 user s manual 1
- Www moxa com product 1
- Copyright notice 2
- Disclaimer 2
- Technical support contact information 2
- Trademarks 2
- Uc 7101 7110 7112 user s manual 2
- Www moxa com support 2
- Table of contents 3
- Introduction 5
- Overview 6
- Package checklist 6
- Hardware specifications 7
- Product features 7
- Product specifications 7
- Software specifications 8
- Getting started 9
- Connecting the uc 7101 7110 7112 to a pc 10
- Console port 10
- Powering on the uc 7101 7110 7112 10
- Telnet 11
- Configuring the ethernet interface 12
- Developing your applications 14
- Installing the uc 7101 7110 7112 tool chain 14
- Compiling hello c 15
- Uploading hello to the uc 7101 7110 7112 15
- Running hello on the uc 7101 7110 7112 16
- Sample makefile code 17
- Software package 19
- Uc 7101 7110 7112 software architecture 20
- Journaling flash file system jffs2 21
- Uc 7101 7110 7112 software package 22
- Configuring uc 7101 7110 7112 23
- Enabling and disabling daemons 24
- How to enable disable etc inittab www server 24
- How to enable disable telnet ftp server 24
- How to enable network time protocol 24
- How to update the system time periodically with network time protocol 24
- Adding a web page 25
- Iptables 25
- Define policy for chain rules 27
- Observe and erase chain rules 27
- Append or delete rules 28
- Nat example 29
- The ip addresses of all packets leaving lan1 are changed to 192 68 27 you will need to load the module ipt_masquerade 29
- Uc 7101 7110 7112 software user s manual configuring uc 7101 7110 7112 29
- Configuring dial in dial out service 30
- Connect using a modem 30
- Dial in service 30
- Dial out service 30
- Direct cable connection 30
- Enabling nat at bootup 30
- Configuring pppoe 31
- Dynamic driver module load unload 31
- How to mount a remote nfs server 31
- Upgrading the kernel 32
- Upgrading the root file system user directory 33
- Autostarting user applications on bootup 34
- Checking the kernel and root file system versions 34
- Loading factory defaults 34
- Uc 7101 7110 7112 device api 35
- Buzzer 36
- Rtc real time clock 36
- Uart interface 36
- Wdt watch dog timer 37
- Editor 41
- File manager 41
- System commands 41
- Μclinux normal command utility collection 41
- Moxa special utilities 42
- Network 42
- Process 42
- Snmp agent with mib ii rs 232 like group 43
Похожие устройства
- Moxa UC-7110-LX Руководство по быстрой установке
- Moxa UC-7110-T-LX Инструкция по эксплуатации
- Moxa UC-7110-T-LX Руководство по аппаратной части
- Moxa UC-7110-T-LX Руководство по программной части
- Moxa UC-7110-T-LX Технические характеристики
- Moxa UC-7110-T-LX Руководство по быстрой установке
- Moxa UC-7112-LX Инструкция по эксплуатации
- Moxa UC-7112-LX Руководство по аппаратной части
- Moxa UC-7112-LX Технические характеристики
- Moxa UC-7112-LX Руководство по программной части
- Moxa UC-7112-LX Руководство по быстрой установке
- Moxa UC-7112-LX Plus Инструкция по эксплуатации
- Moxa UC-7112-LX Plus Руководство по аппаратной части
- Moxa UC-7112-LX Plus Технические характеристики
- Moxa UC-7112-LX Plus Руководство по программной части
- Moxa UC-7112-LX Plus Руководство по быстрой установке
- Moxa UC-7122-CE Инструкция по эксплуатации
- Moxa UC-7122-CE Руководство по аппаратной части
- Moxa UC-7122-CE Технические характеристики
- Moxa UC-7122-CE Руководство по программной части