![Moxa IA261-I-LX [37/71] Append or delete rules](/img/pdf.png)
Moxa IA261-I-LX [37/71] Append or delete rules
![Moxa IA261-I-LX [37/71] Append or delete rules](/views2/1199953/page37/bg25.png)
IA260-261-262 EM-2260 LX User’s Manual Managing Communications
Examples:
# iptables -L -n
In this example, since we do not use the -t parameter, the system uses the default ‘filter’ table.
Three chains are included: INPUT, OUTPUT, and FORWARD. INPUT chains are accepted
automatically, and all connections are accepted without being filtered.
#iptables –F
#iptables –X
#iptables -Z
Define policy for chain rules
Usage:
# iptables [-t tables] [-P] [INPUT, OUTPUT, FORWARD, PREROUTING, OUTPUT, POSTROUTING]
[ACCEPT, DROP]
-P: Set the policy for the chain to the given target.
INPUT: For packets coming into the IA260/IA261/IA262/EM-2260.
OUTPUT: For locally-generated packets.
FORWARD: For packets routed out through the IA260/IA261/IA262/EM-2260.
PREROUTING: To alter packets as soon as they come in.
POSTROUTING: To alter packets as they are about to be sent out.
Examples:
#iptables –P INPUT DROP
#iptables –P OUTPUT ACCEPT
#iptables –P FORWARD ACCEPT
#iptables –t nat –P PREROUTING ACCEPT
#iptables –t nat –P OUTPUT ACCEPT
#iptables -t nat –P POSTROUTING ACCEPT
In this example, the policy accepts outgoing packets and denies incoming packets.
Append or delete rules:
Usage:
# iptables [-t table] [-AI] [INPUT, OUTPUT, FORWARD] [-io interface] [-p tcp, udp, icmp,
all] [-s IP/network] [--sport ports] [-d IP/network] [--dport ports] –j [ACCEPT. DROP]
-A: Append one or more rules to the end of the selected chain.
-I: Insert one or more rules in the selected chain as the given rule number.
-i: Name of an interface via which a packet is going to be received.
-o: Name of an interface via which a packet is going to be sent.
-p: The protocol of the rule or of the packet to check.
-s: Source address (network name, host name, network IP address, or plain IP address).
--sport: Source port number.
-d: Destination address.
--dport: Destination port number.
-j: Jump target. Specifies the target of the rules; i.e., how to handle matched packets. For
example, ACCEPT the packet, DROP the packet, or LOG the packet.
4-10
Содержание
- First edition january 2009 1
- Ia260 ia261 ia262 em 2260 linux user s manual 1
- Www moxa com product 1
- Copyright notice 2
- Disclaimer 2
- Ia260 ia261 ia262 em 2260 linux user s manual 2
- Technical support contact information www moxa com support 2
- Trademarks 2
- Table of contents 3
- Introduction 5
- Overview 6
- Software architecture 6
- Journaling flash file system jffs2 7
- Software package 8
- Getting started 9
- Connecting the ia260 ia261 ia262 em 2260 to a pc 10
- Debug port 10
- Powering on the ia260 ia261 ia262 em 2260 10
- Telnet console 11
- Ssh console 12
- Windows users 12
- Linux users 13
- Configuring the ethernet interface 14
- Modifying network settings 14
- Vga console 14
- Cf socket for storage expansion 15
- Modifying network settings by command 15
- Test program developing hello c 15
- Checking the flash memory space 16
- Installing the tool chain linux 16
- Compiling hello c 17
- Uploading and running the hello program 17
- Managing embedded linux 18
- System version information 19
- Upgrading the firmware 19
- Attention 21
- Ia260 261 262 em 2260 lx user s manual managing embedded linux 21
- Next use the upgradehfm command to upgrade the kernel and root file system 21
- The upgradehfm utility will reboot your target after the upgrade is ok 21
- Enabling and disabling daemons 22
- Ia260 261 262 em 2260 lx user s manual managing embedded linux 22
- Loading factory defaults 22
- Snmpd snmp agent daemon telnetd telnet server daemon and client inetd internet daemons ftpd ftp server daemon and client sshd secure shell server daemon httpd apache www server daemon 22
- The following daemons are enabled when the ia260 ia261 ia262 em 2260 boots up for the first time 22
- To load the factory default settings you must press the reset to default button for more than 5 seconds all files in the home etc directories will be deleted note that while pressing the reset to default button the ready led will blink three times and then turn off it takes about one minute for the factory defaults to fully load for users who have logged onto the computer please note that they will be forcibly logged out when the factory defaults are loaded and the systems start to reboot 22
- Type the command ps to list all processes currently running 22
- Ia260 261 262 em 2260 lx user s manual managing embedded linux 23
- Next use vi to open your application script we use the example program tcps2 release and put it to run in the background 23
- The enabled daemons will be available after you reboot the system 23
- To run a private daemon you can edit the file rc local as follows 23
- Setting the run level 24
- Adjusting the system time 25
- Setting the time manually 25
- Ntp client 26
- Updating the time automatically 26
- Cron daemon to execute scheduled commands 27
- Managing communications 28
- Telnet ftp 29
- Web service apache 30
- Ia260 261 262 em 2260 lx user s manual managing communications 32
- Install php for apache web server 32
- Step 1 check that you have enough free space 32
- Step 2 type upramdisk to get the free space ram disk to save the package 32
- Step 3 download the php package from the cd rom you can find the package in cd rom utility_tools libmysqlclientx_x x xx_xxxxxx ipk and rom utility_tools libphpx_x x x_xxxxxx ipk where x indicates the version and cpu model 32
- Step 4 run ipkg cl install libmysqlclient5_5 3_arm ipk and then run ipkg cl install libphp5_5 _arm ipk to install php 32
- Step 5 test it use the browser to access http 192 68 27 phpinfo php 32
- This embedded computer supports the php option however since the php file is 3 mb it is not installed by default to install it yourself first make sure there is enough free space at least 3 mb on your embedded flash rom 32
- To check that the dev mtdblock3 free space is greater than 3 mb 32
- Iptables 34
- Ia260 261 262 em 2260 lx user s manual managing communications 35
- The following figure shows the iptables hierarchy 35
- Observe and erase chain rules 36
- Append or delete rules 37
- Define policy for chain rules 37
- Enabling nat at bootup 39
- Ia260 261 262 em 2260 lx user s manual managing communications 39
- In most real world situations you will want to use a simple shell script to enable nat when the ia260 ia261 ia262 em 2260 boots up the following script is an example 39
- Nat area private ip 39
- Nat example 39
- The ip address of lan1 is changed to 192 68 27 you will need to load the module ipt_masquerade 39
- Dial up service ppp 40
- Example 1 connecting to a ppp server over a simple dial up connection 40
- Example 2 connecting to a ppp server over a hard wired link 41
- How to check the connection 42
- Setting up a machine for incoming ppp connections 43
- Nfs network file system 45
- Setting up the ia260 ia261 ia262 em 2260 as an nfs client 45
- Openvpn 46
- Copy the file that is generated to the openvpn machine 47
- Generate a script file named openvpn bridge on each openvpn machine this script reconfigures interface eth1 as ip less creates logical bridge s and tap interfaces loads modules enables ip forwarding etc 47
- Host a 47
- Host a b represents one of the machines that belongs to openvpn a b the two remote subnets are configured for a different range of ip addresses when this setup is moved to a public network the external interfaces of the openvpn machines should be configured for static ips or connect to another device such as a firewall or dsl box first 47
- Host b 47
- Ia260 261 262 em 2260 lx user s manual managing communications 47
- Internet internet 47
- Lan1 192 68 71 47
- Lan1 192 68 72 lan1 192 68 74 47
- Lan1 192 68 73 47
- Lan2 192 68 73 47
- Lan2 192 68 74 47
- Local net 47
- Openvpn a 47
- Openvpn b 47
- Set up four machines as shown in the following diagram 47
- Setup 1 ethernet bridging for private networks on different subnets 47
- Ia260 261 262 em 2260 lx user s manual managing communications 48
- Create link symbols to enable this script at boot time 49
- Ia260 261 262 em 2260 lx user s manual managing communications 49
- Setup 2 ethernet bridging for private networks on the same subnet 51
- Create a configuration file named a tun conf and an executable script file named a tun sh 52
- Create a configuration file named b tun conf and an executable script file named b tun sh on openvpn b 52
- Host a 52
- Host b 52
- Ia260 261 262 em 2260 lx user s manual managing communications 52
- Internet internet 52
- Lan1 192 68 71 52
- Lan1 192 68 72 lan1 192 68 74 52
- Lan1 192 68 73 52
- Lan2 192 68 73 52
- Lan2 192 68 74 52
- Local net 52
- Openvpn a 52
- Openvpn b 52
- Set up the four machines as shown in the following diagram 52
- Setup 3 routed ip 52
- Development tool chains 54
- Compilation for applications 55
- Linux tool chain 55
- Steps for installing the linux tool chain 55
- On line debugging with gdb 56
- Programmer s guide 57
- Device api 58
- Flash memory map 58
- Rtc real time clock 58
- Buzzer 59
- Baudrate inaccuracy 60
- Example to get the baudrate 60
- Example to set the baudrate 60
- Special note 60
- Introduction 61
- Moxacan programming guide 61
- Programming guide 61
- Application programming interface 64
- Digital i o 64
- Examples 66
- Special note 66
- Ia260 ia261 ia262 em 2260 linux user s manual programmer s guide 67
- Ia260 ia261 ia262 em 2260 linux user s manual programmer s guide 68
- 13 6 13 69
- Bin rm f fname fname dbg o 69
- Dio program make file example 69
- Ia260 ia261 ia262 em 2260 linux user s manual programmer s guide 69
- A system commands 70
- Editor 70
- File manager 70
- Linux normal command utility collection 70
- Network 70
- System commands 70
- Moxa special utilities 71
- Process 71
Похожие устройства
- Moxa IA261-I-LX Руководство по аппаратной части
- Moxa IA261-I-LX Технические характеристики
- Moxa IA261-I-LX Руководство по быстрой установке
- Moxa IA261-I-LX Руководство по работе с утилитой Moxa Device Manager
- Moxa IA261-I-T-LX Инструкция по эксплуатации
- Moxa IA261-I-T-LX Руководство по аппаратной части
- Moxa IA261-I-T-LX Технические характеристики
- Moxa IA261-I-T-LX Руководство по быстрой установке
- Moxa IA261-I-T-LX Руководство по работе с утилитой Moxa Device Manager
- Moxa IA262-I-CE Инструкция по эксплуатации
- Moxa IA262-I-CE Руководство по аппаратной части
- Moxa IA262-I-CE Технические характеристики
- Moxa IA262-I-CE Руководство по работе с утилитой Moxa Device Manager
- Moxa IA262-I-CE Руководство по быстрой установке
- Moxa IA262-I-T-CE Инструкция по эксплуатации
- Moxa IA262-I-T-CE Руководство по аппаратной части
- Moxa IA262-I-T-CE Технические характеристики
- Moxa IA262-I-T-CE Руководство по быстрой установке
- Moxa IA262-I-T-CE Руководство по работе с утилитой Moxa Device Manager
- Moxa IA262-I-LX Инструкция по эксплуатации