芝麻信用评估
![[喜极而泣]](http://res.smzdm.com/images/emotions/36.png)
防火墙配置
#!/bin/bash
# /etc/rc.local
# Default policy to drop all incoming packets.
iptables -P INPUT DROP
iptables -P FORWARD DROP
# Accept incoming packets from localhost and the LAN interface.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth1 -j ACCEPT
# Accept incoming packets from the WAN if the router initiated the connection.
iptables -A INPUT -i eth0 -m conntrack \
--ctstate ESTABLISHED,RELATED -j ACCEPT
# Forward LAN packets to the WAN.
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Forward WAN packets to the LAN if the LAN initiated the connection.
iptables -A FORWARD -i eth0 -o eth1 -m conntrack \
--ctstate ESTABLISHED,RELATED -j ACCEPT
# NAT traffic going out the WAN interface.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# rc.local needs to exit with 0
exit 0
![[高兴]](http://res.smzdm.com/images/emotions/22.png)
