Wednesday, October 8, 2014

Controlling which ports iptables NAT forwards


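[1. Requirements] Employees reach another LAN, the security center (10.1.1.0/24), through SNAT on the office network's gateway server (Linux), 192.168.1.250. To improve security, only specified ports of the security center may be accessed.

[2. Implementation]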

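# cat /etc/sysconfig/iptables
# Only the specified ports (22, 80) may be forwarded through NAT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [1:92]
:OUTPUT ACCEPT [1:92]
# Traffic leaves from the IP 192.192.191.1 (SNAT)
-A POSTROUTING -d 10.1.1.0/24 -j SNAT --to-source 192.192.191.1
COMMIT
*filter
:INPUT ACCEPT [0:0]
# Forwarding is off by default
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to accepted connections must also get past the DROP policy
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow access to port 22 on 10.1.1.0/24
-A FORWARD -d 10.1.1.0/24 -p tcp --dport 22 -j ACCEPT
# Allow access to port 80 on 10.1.1.0/24
-A FORWARD -d 10.1.1.0/24 -p tcp --dport 80 -j ACCEPT
# Allow ping to 10.1.1.0/24
-A FORWARD -d 10.1.1.0/24 -p icmp -j ACCEPT
COMMIT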


[3. Technical details]


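The POSTROUTING chain receives its input from INPUT and FORWARD, that is:

INPUT -> POSTROUTING

FORWARD -> POSTROUTING

Here all of the SNAT traffic arrives via FORWARD, so the whitelist of ports reachable through SNAT can be enforced by controlling the FORWARD chain.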
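The whitelist behaviour described above, as an added example that is not part of the original post: a small Python model of first-match evaluation in the FORWARD chain, run over the three FORWARD rules from this page. It models only the first packet of each connection and the `-d`, `-p`, `--dport` and `-j` options; the function names and the sample flows are constructed for illustration.

```python
import ipaddress
import shlex

# FORWARD policy and rules copied from the ruleset on this page (filter table).
RULESET = """\
:FORWARD DROP [0:0]
-A FORWARD -d 10.1.1.0/24 -p tcp --dport 22 -j ACCEPT
-A FORWARD -d 10.1.1.0/24 -p tcp --dport 80 -j ACCEPT
-A FORWARD -d 10.1.1.0/24 -p icmp -j ACCEPT
"""
KNOWN = {"-d", "-p", "--dport", "-j"}  # the only options this model understands

def parse_forward(text):
    """Return (policy, rules) for the FORWARD chain of an iptables-save dump."""
    policy, rules = "ACCEPT", []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:1] == [":FORWARD"]:
            policy = tok[1]
        elif tok[:2] == ["-A", "FORWARD"]:
            opts = dict(zip(tok[2::2], tok[3::2]))  # each option takes one value
            if set(opts) - KNOWN:
                # Refuse to guess: an unmodelled match would give a wrong verdict.
                raise ValueError(f"unsupported match in: {line}")
            dport = int(opts["--dport"]) if "--dport" in opts else None
            rules.append((ipaddress.ip_network(opts.get("-d", "0.0.0.0/0")),
                          opts.get("-p"), dport, opts["-j"]))
    return policy, rules

def verdict(policy, rules, dst, proto, dport=None):
    """First matching rule decides; with no match the chain policy applies."""
    addr = ipaddress.ip_address(dst)
    for net, rproto, rdport, target in rules:
        if addr in net and rproto in (None, proto) and rdport in (None, dport):
            return target
    return policy

# Constructed flows: first packets sent by an office client through the gateway.
FLOWS = [("10.1.1.20", "tcp", 22), ("10.1.1.20", "tcp", 80),
         ("10.1.1.20", "tcp", 3389), ("10.1.1.20", "udp", 53),
         ("10.1.1.20", "icmp", None), ("10.2.0.5", "tcp", 22)]

def audit(text=RULESET, flows=FLOWS):
    """Map each flow to the verdict the FORWARD chain gives it."""
    policy, rules = parse_forward(text)
    return {f: verdict(policy, rules, *f) for f in flows}

if __name__ == "__main__":
    for flow, result in audit().items():
        print(flow, "->", result)
```

Anything not explicitly listed, including other TCP ports, UDP, and destinations outside 10.1.1.0/24, falls through to the chain's DROP policy and never reaches the SNAT rule.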

This article comes from the "H2O's运维&开发路" blog; please contact the author before reposting.


Getting domain whois information with PowerShell

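Simply put, Whois is a database used to look up whether a domain name has been registered and, if so, the details of its registration (such as the domain owner, the registrar, and the registration and expiry dates). Querying a domain's Whois server returns the owner's contact details together with the registration and expiry times. In most cases whois information is genuine, and a lot of real information about the registrant can be found through it, such as phone number, e-mail address and NS records; it is a very good source of information for social engineering against a website. For security practitioners, being able to obtain whois information quickly helps them learn a great deal of useful information about a target site.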

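Whois information is usually held by the domain registration bodies at each level. Normally, to look up whois information, we submit the domain through the query page on the website of a registrar such as godaddy, name.com, 万网 or 新网, which is slow, cannot be done in bulk, and is a lot of effort. So here I am sharing a PS function that I have treasured for a long time. The script supports queries for domains with more than 140 suffixes, including obscure ones for which it is hard even to find a registrar that supports registration; now you no longer need to worry about that.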

As usual, the code comes first, followed by an explanation of the key operations:

===== File name: Get-whois.ps1 =====

function Get-WhoIs {
    <# Author:fuhj(powershell#live.cn ,http://fuhaijun.com)
    # Does a raw WHOIS query and returns the results
    #   The simplest whois search
    #.Example
    #   get-whois dnspod.com
    #
    #   This example is one that forwards to a second whois server ...
    #.Example
    #   get-whois baidu.com -NoForward
    #
    #   Returns the partial results you get when you don't follow forwarding to a new whois server
    #   get-whois n 128.11.5.98 -server whois.arin.net
    #
    #   Does an ip lookup at arin.net
    #>
    [CmdletBinding()]
    param(
        # The query to send to WHOIS servers
        [Parameter(Position=0, ValueFromRemainingArguments=$true)]
        [string]$query,
        # A specific whois server to search
        [string]$server,
        # Disable forwarding to new whois servers
        [switch]$NoForward
    )
    end {
        $TLDs = DATA {
            @{
                ".com"    = "whois.verisign-grs.com","whois.crsnic.net"
                ".net"    = "whois.verisign-grs.com","whois.crsnic.net"
                ".org"    = "whois.pir.org","whois.publicinterestregistry.net"
                ".info"   = "whois.afilias.info","whois.afilias.net"
                ".biz"    = "whois.neulevel.biz"
                ".us"     = "whois.nic.us"
                ".uk"     = "whois.nic.uk"
                ".ca"     = "whois.cira.ca"
                ".tel"    = "whois.nic.tel"
                ".ie"     = "whois.iedr.ie","whois.domainregistry.ie"
                ".it"     = "whois.nic.it"
                ".li"     = "whois.nic.li"
                ".no"     = "whois.norid.no"
                ".cc"     = "whois.nic.cc"
                ".eu"     = "whois.eu"
                ".nu"     = "whois.nic.nu"
                ".au"     = "whois.aunic.net","whois.ausregistry.net.au"
                ".de"     = "whois.denic.de"
                ".ws"     = "whois.worldsite.ws","whois.nic.ws","www.nic.ws"
                ".sc"     = "whois2.afilias-grs.net"
                ".mobi"   = "whois.dotmobiregistry.net"
                ".pro"    = "whois.registrypro.pro","whois.registry.pro"
                ".edu"    = "whois.educause.net","whois.crsnic.net"
                ".tv"     = "whois.nic.tv","tvwhois.verisign-grs.com"
                ".travel" = "whois.nic.travel"
                ".name"   = "whois.nic.name"
                ".in"     = "whois.inregistry.net","whois.registry.in"
                ".me"     = "whois.nic.me","whois.meregistry.net"
                ".at"     = "whois.nic.at"
                ".be"     = "whois.dns.be"
                ".cn"     = "whois.cnnic.cn","whois.cnnic.net.cn"
                ".edu.cn" = "whois.edu.cn"
                ".asia"   = "whois.nic.asia"
                ".ru"     = "whois.ripn.ru","whois.ripn.net"
                ".ro"     = "whois.rotld.ro"
                ".aero"   = "whois.aero"
                ".fr"     = "whois.nic.fr"
                ".se"     = "whois.iis.se","whois.nic-se.se","whois.nic.se"
                ".nl"     = "whois.sidn.nl","whois.domain-registry.nl"
                ".nz"     = "whois.srs.net.nz","whois.domainz.net.nz"
                ".mx"     = "whois.nic.mx"
                ".tw"     = "whois.apnic.net","whois.twnic.net.tw"
                ".ch"     = "whois.nic.ch"
                ".hk"     = "whois.hknic.net.hk"
                ".ac"     = "whois.nic.ac"
                ".ae"     = "whois.nic.ae"
                ".af"     = "whois.nic.af"
                ".ag"     = "whois.nic.ag"
                ".al"     = "whois.ripe.net"
                ".am"     = "whois.amnic.net"
                ".as"     = "whois.nic.as"
                ".az"     = "whois.ripe.net"
                ".ba"     = "whois.ripe.net"
                ".bg"     = "whois.register.bg"
                ".bi"     = "whois.nic.bi"
                ".bj"     = "www.nic.bj"
                ".br"     = "whois.nic.br"
                ".br.com" = "whois.centralnic.net"
                ".eu.org" = "whois.eu.org"
                ".bt"     = "whois.netnames.net"
                ".by"     = "whois.ripe.net"
                ".bz"     = "whois.belizenic.bz"
                ".cd"     = "whois.nic.cd"
                ".ck"     = "whois.nic.ck"
                ".cl"     = "nic.cl"
                ".coop"   = "whois.nic.coop"
                ".cx"     = "whois.nic.cx"
                ".cy"     = "whois.ripe.net"
                ".cz"     = "whois.nic.cz"
                ".dk"     = "whois.dk-hostmaster.dk"
                ".dm"     = "whois.nic.cx"
                ".dz"     = "whois.ripe.net"
                ".ee"     = "whois.eenet.ee"
                ".eg"     = "whois.ripe.net"
                ".es"     = "whois.ripe.net"
                ".fi"     = "whois.ficora.fi"
                ".fo"     = "whois.ripe.net"
                ".gb"     = "whois.ripe.net"
                ".ge"     = "whois.ripe.net"
                ".gl"     = "whois.ripe.net"
                ".gm"     = "whois.ripe.net"
                ".gov"    = "whois.nic.gov"
                ".gr"     = "whois.ripe.net"
                ".gs"     = "whois.adamsnames.tc"
                ".hm"     = "whois.registry.hm"
                ".hn"     = "whois2.afilias-grs.net"
                ".hr"     = "whois.ripe.net"
                ".hu"     = "whois.ripe.net"
                ".il"     = "whois.isoc.org.il"
                ".int"    = "whois.isi.edu"
                ".iq"     = "vrx.net"
                ".ir"     = "whois.nic.ir"
                ".is"     = "whois.isnic.is"
                ".je"     = "whois.je"
                ".jp"     = "whois.jprs.jp"
                ".kg"     = "whois.domain.kg"
                ".kr"     = "whois.nic.or.kr"
                ".la"     = "whois2.afilias-grs.net"
                ".lt"     = "whois.domreg.lt"
                ".lu"     = "whois.restena.lu"
                ".lv"     = "whois.nic.lv"
                ".ly"     = "whois.lydomains.com"
                ".ma"     = "whois.iam.net.ma"
                ".mc"     = "whois.ripe.net"
                ".md"     = "whois.nic.md"
                ".mil"    = "whois
