iptables添加白名单规则

sky_cheng / 2024-10-09 / 原文

##############
# Allow loopback, ICMP, replies to existing connections, and private-range sources.
#
# Every rule below is an appended ACCEPT. No chain policy and no final
# DROP/REJECT rule is set here, so these rules act as a whitelist only if the
# INPUT/FORWARD policy is DROP or a drop rule is appended after them.
# NOTE(review): confirm that against the rest of the ruleset. Because the rules
# are appended, any rule already in the chain is evaluated first.
# These commands cover IPv4 only; IPv6 is filtered separately by ip6tables.
##############

# Accept everything that arrives on the loopback interface.
iptables --append INPUT --in-interface lo --jump ACCEPT

# Accept ICMP addressed to this host. No --icmp-type is given, so this matches
# every ICMP type, not only echo-request (ping).
iptables --append INPUT --protocol icmp --jump ACCEPT

# Accept packets that conntrack classifies as part of, or related to, an
# existing connection. "-m state" is the legacy spelling of
# "-m conntrack --ctstate"; it is kept here unchanged.
iptables --append INPUT --match state --state RELATED,ESTABLISHED --jump ACCEPT

# Forwarded traffic: every ICMP type, plus packets of established connections.
# Unlike the INPUT rule, RELATED is not included for FORWARD.
iptables --append FORWARD --protocol icmp --jump ACCEPT
iptables --append FORWARD --match state --state ESTABLISHED --jump ACCEPT

# Accept any protocol and port from the RFC 1918 private ranges.
# The source address is the only criterion; there is no interface match, so the
# rules apply on every interface. A source address alone is not proof of origin:
# on a host that also has an untrusted-facing interface, pair these rules with
# reverse-path filtering or an --in-interface match, and narrow the ranges to
# the subnets actually in use.
iptables --append INPUT --source 10.0.0.0/8 --jump ACCEPT
iptables --append INPUT --source 172.16.0.0/12 --jump ACCEPT
iptables --append INPUT --source 192.168.0.0/16 --jump ACCEPT