\u8fd9\u4e2a\u5185\u7f6e\u7684target\u4f7f\u5185\u6838\u4e0d\u7ee7\u7eed\u5904\u7406\u8fd9\u6761\u94fe\uff0c\u4e5f\u4e0d\u7ed9\u53d1\u9001\u8005\u53d1\u9001\u4efb\u4f55\u7684\u62d2\u7edd\u4fe1\u606f\u3002<\/p>\n
\u53ea\u6709DROP target \u548c ACCEPT target \u53ef\u4ee5\u88ab\u7528\u6765\u5f53\u505a\u5185\u90e8\u94fe<\/p>\n
\u53ef\u4ee5\u770bREJECT target\uff0c\u5b83\u4f1a\u7ed9\u53d1\u9001\u8005\u53d1\u9001\u4e00\u4e2aICMP\u56de\u590d<\/p>\n
\u7981\u6b62\u4e0a\u67d0\u7f51\u7ad9\uff1a<\/p>\n
iptables -I OUTPUT -p tcp -m string --string \"jd.com\" --algo bm -j DROP\r\niptables -I OUTPUT -p tcp -m string --string \"58.com\" --algo bm -j DROP\r\niptables -I OUTPUT -p tcp -m string --string \"taobao.com\" --algo bm -j DROP\r\niptables -I OUTPUT -p tcp -m string --string \"v2ex.com\" --algo bm -j DROP\r\niptables -I OUTPUT -p tcp -m string --string \"qq.com\" --algo bm -j DROP<\/pre>\n\u4e5f\u53ef\u4ee5\u4f7f\u7528reject<\/p>\n
iptables -I OUTPUT -p tcp -m string --string \"v2ex.com\" --algo bm -j REJECT<\/pre>\n\u5220\u9664\u4e00\u6761\u8bb0\u5f55<\/p>\n
iptables -D OUTPUT 3<\/pre>\n\u7981\u7528 4001 \u7aef\u53e3<\/p>\n
\/sbin\/iptables -A INPUT -p tcp --destination-port 4001 -j DROP<\/pre>\n\u4e34\u65f6\u7981\u7528\u5230 domain.com \u7684\u8bbf\u95ee<\/p>\n
iptables -A INPUT -d domain.com -j REJECT<\/pre>\n\r\niptables -L -n --line-numbers\r\n<\/pre>\n\u5982\u679c\u4f60\u7684\u673a\u5668\u662f NAT<\/p>\n","protected":false},"excerpt":{"rendered":"
\u8fd9\u4e2a\u5185\u7f6e\u7684target\u4f7f\u5185\u6838\u4e0d\u7ee7\u7eed\u5904\u7406\u8fd9\u6761\u94fe\uff0c\u4e5f\u4e0d\u7ed9\u53d1\u9001\u8005\u53d1\u9001\u4efb\u4f55\u7684\u62d2\u7edd\u4fe1\u606f\u3002 \u53ea\u6709DROP target \u548c ACCEPT target \u53ef\u4ee5\u88ab\u7528\u6765\u5f53\u505a\u5185\u90e8\u94fe \u53ef\u4ee5\u770bREJECT target\uff0c\u5b83\u4f1a\u7ed9\u53d1\u9001\u8005\u53d1\u9001\u4e00\u4e2aICMP\u56de\u590d \u7981\u6b62\u4e0a\u67d0\u7f51\u7ad9\uff1a iptables -I OUTPUT -p tcp -m string –string “jd.com” –algo bm -j DROP iptables -I OUTPUT -p tcp -m string –string “58.com” –algo bm -j DROP iptables -I OUTPUT -p tcp -m string –string “taobao.com” –algo bm -j DROP iptables -I OUTPUT -p tcp -m […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[92],"tags":[23],"class_list":["post-3011","post","type-post","status-publish","format-standard","hentry","category-iptables","tag-summary"],"_links":{"self":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/3011","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3011"}],"version-history":[{"count":11,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/3011\/revisions"}],"predecessor-version":[{"id":9347,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/3011\/revisions\/9347"}],"wp:attachment":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}