|
|
我的iptalbe是这样的:
haha@loveDebian:~$ sudo /sbin/iptables -L
Password:
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN
DROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG
DROP tcp -- anywhere anywhere tcp flags SH,ACK/PSH
Chain FORWARD (policy ACCEPT)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN tcpmss match 1400:1536 TCPMSS clamp to PMTU
DROP all -- anywhere anywhere STRING match ".mp3" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match ".swf" ALGO name bm TO 65535
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
haha@loveDebian:~$
在转发链上禁止下载mp3,成功的。
但是现在的问题是,我在机器上还开有web,我希望通过LAN内的用户能够下载web上的mp3,但是现在好象LAN内用户现在我机器上mp3时也被DROP了。怎么搞的?这没有转发啊! |
|
IP卡
狗仔卡
发表于 2006-4-4 09:55:31
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
楼主