{"id":2420,"date":"2016-01-03T17:10:21","date_gmt":"2016-01-03T08:10:21","guid":{"rendered":"http:\/\/tech.akat.info\/?p=2420"},"modified":"2016-01-03T17:11:54","modified_gmt":"2016-01-03T08:11:54","slug":"debian8%e3%81%a7icmp%e3%82%92drop%e3%81%99%e3%82%8b","status":"publish","type":"post","link":"https:\/\/tech.akat.info\/?p=2420","title":{"rendered":"debian8\u3067ICMP\u3092DROP\u3059\u308b"},"content":{"rendered":"<h1>\u4e00\u6642\u7684<\/h1>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nroot@hostname:\/home\/shimizu# iptables -A INPUT -p icmp -j DROP\r\nroot@hostname:\/home\/shimizu# iptables -L\r\nChain INPUT (policy ACCEPT)\r\ntarget     prot opt source               destination\r\nDROP       icmp --  anywhere             anywhere\r\n\r\nChain FORWARD (policy DROP)\r\ntarget     prot opt source               destination\r\n\r\nChain OUTPUT (policy ACCEPT)\r\ntarget     prot opt source               destination\r\n\r\n### Firewall\u60c5\u5831\u3092\u3059\u3079\u3066\u6d88\u53bb\u3059\u308b ###\r\nroot@hostname:\/home\/shimizu# iptables -F\r\n\r\nroot@hostname:\/home\/shimizu# iptables -L\r\nChain INPUT (policy ACCEPT)\r\ntarget     prot opt source               destination\r\n\r\nChain FORWARD (policy DROP)\r\ntarget     prot opt source               destination\r\n\r\nChain OUTPUT (policy ACCEPT)\r\ntarget     prot opt source               destination\r\n\r\n<\/pre>\n<h1>\u6052\u4e45\u7684<\/h1>\n<p>iptables-persistent\u3092\u5229\u7528\u3059\u308b<br \/>\ndebian8\u304b\u3089\/etc\/init.d\/\u3067\u306f\u306a\u304f\u3001netfilter-persistent\u30b3\u30de\u30f3\u30c9\u3067\u5236\u5fa1\u3059\u308b\u305f\u3081\u6ce8\u610f<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nroot@hostname:\/home\/shimizu# aptitude install iptables-persistent\r\n\u4ee5\u4e0b\u306e\u65b0\u898f\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u307e\u3059:\r\n  iptables-persistent netfilter-persistent{a}\r\n...\r\n\r\nroot@hostname:\/home\/shimizu# cat \/etc\/iptables\/rules.v4\r\n*filter\r\n-A INPUT -p icmp -j DROP\r\nCOMMIT\r\n\r\nroot@hostname:\/home\/shimizu# netfilter-persistent reload\r\nrun-parts: executing \/usr\/share\/netfilter-persistent\/plugins.d\/15-ip4tables start\r\nrun-parts: executing \/usr\/share\/netfilter-persistent\/plugins.d\/25-ip6tables start\r\nroot@hostname:\/home\/shimizu# iptables -L\r\nChain INPUT (policy ACCEPT)\r\ntarget     prot opt source               destination\r\nDROP       icmp --  anywhere             anywhere\r\n\r\nChain FORWARD (policy DROP)\r\ntarget     prot opt source               destination\r\n\r\nChain OUTPUT (policy ACCEPT)\r\ntarget     prot opt source               destination\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u4e00\u6642\u7684 root@hostname:\/home\/shimizu# iptables -A INPUT -p icmp -j DROP root@hostname:\/home\/shimizu# iptables -L Ch [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[68],"tags":[],"_links":{"self":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts\/2420"}],"collection":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2420"}],"version-history":[{"count":2,"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts\/2420\/revisions"}],"predecessor-version":[{"id":2422,"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts\/2420\/revisions\/2422"}],"wp:attachment":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2420"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2420"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2420"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}