http://linux-sys-adm.com/ubuntu-16.04-lts-how-to-configure-firewall-iptables-fail2ban/
Å×½ºÆ® ȯ°æ : Ubuntu 16.04 LTS
$ sudo apt-get install iptables-persistent
:: ipv4 / ipv6 ·ê ÀúÀå¿©ºÎ
¼³Á¤ÆÄÀÏ ÀúÀå°æ·Î
$ pwd
/etc/iptables
:: À§¿¡¼ ÀúÀåÀ» Çß´Ù¸é ¾Æ·¡¿Í °°ÀÌ ÇöÀç Rule ÆÄÀÏ·Î ÀúÀå
$ ls -l
ÇÕ°è 8
-rw-r--r-- 1 root root 1353 9¿ù 20 13:27 rules.v4
-rw-r--r-- 1 root root 187 9¿ù 20 13:27 rules.v6
¹æ¹ý1) init ½ºÅ©¸³Æ® ÀÛ¼º
$ sudo service iptables-persistent start
:: invoce-rc.d ¸¦ ÀÌ¿ëÇؼ ¼ºñ½º ½ÇÇà
$ sudo invoke-rc.d netfilter-persistent save
* Saving netfilter rules...
run-parts: executing /usr/share/netfilter-persistent/plugins.d/15-ip4tables save
run-parts: executing /usr/share/netfilter-persistent/plugins.d/25-ip6tables save
[ OK ]
$ sudo service netfilter-persistent stop
:: init ½ºÅ©¸³Æ®·Î º¹»ç
$ sudo cp /usr/share/netfilter-persistent/plugins.d/15-ip4tables /etc/init.d/iptables
$ sudo /etc/init.d/iptables start
$ sudo /etc/init.d/iptables flush
:: ºÎÆýà ÀÚµ¿À¸·Î ¼ºñ½º ¿Ã¶ó¿À°Ô µî·Ï
$ sudo update-rc.d -f iptables defaults
¾Æ·¡¿Í °°Àº ¿¡·¯°¡ ¶ß¸é... Çش罺ũ¸³Æ®¿¡ LSB tag°ªÀÌ ÁöÁ¤µÇ¾îÀÖÁö ¾Ê´Ù´Â ¸Þ¼¼Áö±â¿¡ ¾Æ·¡ ¹®±¸»ðÀÔ $ sudo update-rc.d -f iptables defaults
insserv: warning: script 'K01iptables' missing LSB tags and overrides
insserv: warning: script 'iptables' missing LSB tags and overrides
$ sudo vim /etc/init.d/iptables
............................
### BEGIN INIT INFO
# Provides: skeleton
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Example initscript
# Description: This file should be used to construct scripts to be
# placed in /etc/init.d.
### END INIT INFO
¼ºñ½º È°¼ºÈ üũ¸®½ºÆ®
$ sudo service --status-all
¹æ¹ý2) ³×Æ®¿öÅ© ¼³Á¤ÆÄÀÏ¿¡ ÀúÀåµÈ ¼³Á¤ ÆÄÀÏ iptables-restore
$ sudo vim /etc/network/interface
auto eth0
iface eth0 inet static
address 192.168.22.223
netmask 255.255.255.0
gateway 192.168.22.1
dns-nameserver 115.68.62.210
pre-up iptables-restore < /etc/iptables/rules.v4