setting iptables permanen di OpenSuse 12.3

assalamu’alaikum warahmatullahi wabarakatuh..

pagi ini kita akan sedikit membahas bagaimana cara membuat iptables permanen di suse (karena tidak ada paket iptables-persistent). caranya cukup sederhana kok.

1. $ ls /etc/sysconfig/scripts/
SuSEfirewall2-batch   SuSEfirewall2-oldbroadcast  SuSEfirewall2-qdisc    SuSEfirewall2-showlog
SuSEfirewall2-custom  SuSEfirewall2-open          SuSEfirewall2-rpcinfo

edit yang custom

tambahkan beberapa rules yang kalian inginkan

fw_custom_before_denyall() { # could also be named “after_forwardmasq()”
# these are the rules to be loaded after IP forwarding and masquerading
# but before the logging and deny all section is set by SuSEfirewall2.
# You can use this hook to prevent the logging of annoying packets.

#example: prevent logging of talk requests from anywhere
#for chain in input_ext input_dmz input_int forward_int forward_ext forward_dmz; do
#    iptables -A $chain -j DROP -p udp –dport 517:518

#   true

#fw_custom_after_finished() {
# these are the rules to be loaded after the firewall is fully configured
#    true

iptables -A OUTPUT -d IP ADDRESS YANG AKAN DIBLOK -j REJECT –reject-with icmp-port-unreachable

2. lalu edit /etc/sysconfig/Susefirewall2

# This is really an expert option. NO HELP WILL BE GIVEN FOR THIS!
# READ THE EXAMPLE CUSTOMARY FILE AT /etc/sysconfig/scripts/SuSEfirewall2-custom

3. restart Susefirewall

# SuSEfirewall2 stop
# SuSEfirewall2 start

hasilnya :

oke, cukup sekian dan semoga bermanfa’at 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s