ÔõÑùÔÚ÷è÷ë²Ù×÷ϵͳÉϾÙÐÐÍøÂçÊðÀíºÍ·À»ðǽÉèÖÃ
£¿

ÔÚµ±½ñÐÅϢʱ´ú£¬ÍøÂçÇå¾²³ÉΪÁËÒ»¸ö±¸ÊܹØ×¢µÄ»°Ìâ¡£ÔÚʹÓÃ÷è÷ë²Ù×÷ϵͳʱ£¬ÍøÂçÊðÀíºÍ·À»ðǽÉèÖÃÊDZ£»¤Ð¡ÎÒ˽ÈËÐÅÏ¢Çå¾²µÄÖ÷ÒªÒ»»·¡£±¾ÎĽ«ÏÈÈÝÔõÑùÔÚ÷è÷ë²Ù×÷ϵͳÉϾÙÐÐÍøÂçÊðÀíºÍ·À»ðǽÉèÖ㬲¢ÌṩÏìÓ¦µÄ´úÂëʾÀý¡£

Ò»¡¢ÍøÂçÊðÀíÉèÖÃ

·­¿ªÖնˣ¬ÊäÈëÏÂÁîsudo gedit /etc/environment£¬·­¿ªÇéÐαäÁ¿ÉèÖÃÎļþ¡£

ÔÚ·­¿ªµÄÎļþÖÐÌí¼ÓÒÔÏÂÄÚÈÝ£º

http_proxy="http://proxy.example.com:port/"
https_proxy="https://proxy.example.com:port/"
ftp_proxy="ftp://proxy.example.com:port/"
no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com"

µÇ¼ºó¸´ÖÆ

ÆäÖУ¬proxy.example.comÊÇÊðÀíЧÀÍÆ÷µØµã£¬portÊÇÊðÀíЧÀÍÆ÷¶Ë¿ÚºÅ¡£ÈôÊÇûÓÐÊðÀíЧÀÍÆ÷£¬¿ÉÒÔ½«ÒÔÉÏÉèÖÃÐÅϢɾ³ý¡£

ÉúÑIJ¢¹Ø±ÕÎļþ¡£

ÔÚÖÕ¶ËÖÐÊäÈëÏÂÁîsudo source /etc/environment£¬Ê¹ÉèÖÃÉúЧ¡£

¼ì²éÊðÀíÉèÖÃÊÇ·ñÉúЧ£¬¿ÉÒÔÊäÈëecho $http_proxy¡¢echo $https_proxyµÈÏÂÁîÉó²éÊÇ·ñÓÐÊä³ö¡£

ͨ¹ýÒÔÉÏ°ì·¨£¬ÎÒÃÇÀÖ³ÉÔÚ÷è÷ë²Ù×÷ϵͳÉϾÙÐÐÁËÍøÂçÊðÀíÉèÖ㬱£»¤ÁËСÎÒ˽ÈËÒþ˽ºÍÇå¾²¡£

¶þ¡¢·À»ðǽÉèÖÃ

÷è÷ë²Ù×÷ϵͳĬÈÏʹÓõÄÊÇiptables×÷Ϊ·À»ðǽÈí¼þ¡£Ê×ÏÈ£¬·­¿ªÖնˣ¬Ê¹ÓÃÒÔÏÂÏÂÁî¼ì²éiptablesÊÇ·ñÒÑ×°Öãº

sudo apt-get install iptables

µÇ¼ºó¸´ÖÆ

ÆôÓ÷À»ðǽ£¬²¢ÉèÖÃĬÈÏÕ½ÂÔ¡£ÔÚÖÕ¶ËÖÐÊäÈëÒÔÏÂÏÂÁ

sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT

µÇ¼ºó¸´ÖÆ

ÆäÖУ¬-P²ÎÊýÖ¸¶¨ÁËĬÈÏÕ½ÂÔ£¬DROPÌåÏÖÑïÆúÊý¾Ý°ü£¬ACCEPTÌåÏÖ½ÓÊÜÊý¾Ý°ü¡£

ÉèÖÃÔÊÐíÌض¨¶Ë¿Úͨ¹ý·À»ðǽ¡£ÀýÈ磬ÈôÊÇÒªÔÊÐíSSHÅþÁ¬Í¨¹ý·À»ðǽ£¬¿ÉÒÔÊäÈëÒÔÏÂÏÂÁ

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

µÇ¼ºó¸´ÖÆ

ÆäÖУ¬-A²ÎÊýÌåÏÖÏò¹æÔòÁ´ÖÐÌí¼Ó¹æÔò£¬-p²ÎÊýÖ¸¶¨Ð­ÒéÀàÐÍ£¬–dport²ÎÊýÖ¸¶¨Ä¿µÄ¶Ë¿Ú£¬-j²ÎÊýÖ¸¶¨´¦Àí·½·¨£¬ACCEPTÌåÏÖ½ÓÊÜÊý¾Ý°ü¡£

ÉúÑIJ¢Ó¦ÓùæÔò¡£ÔÚÖÕ¶ËÖÐÒÀ´ÎÊäÈëÒÔÏÂÏÂÁ

sudo iptables-save | sudo tee /etc/iptables.up.rules
sudo iptables-restore < /etc/iptables.up.rules

µÇ¼ºó¸´ÖÆ

ͨ¹ýÒÔÉÏ°ì·¨£¬ÎÒÃÇÀÖ³ÉÔÚ÷è÷ë²Ù×÷ϵͳÉϾÙÐÐÁË·À»ðǽÉèÖã¬ÔöÇ¿ÁËÍøÂçÇå¾²ÐÔ¡£

×ܽ᣺

ÍøÂçÊðÀíºÍ·À»ðǽÉèÖÃÊDZ£»¤Ð¡ÎÒ˽ÈËÐÅÏ¢Çå¾²µÄÖ÷Òª²½·¥¡£ÔÚ±¾ÎÄÖУ¬ÎÒÃÇÏÈÈÝÁËÔõÑùÔÚ÷è÷ë²Ù×÷ϵͳÉϾÙÐÐÍøÂçÊðÀíÉèÖúͷÀ»ðǽÉèÖõÄÒªÁ죬²¢ÌṩÁËÏìÓ¦µÄ´úÂëʾÀý¡£Ï£ÍûÕâЩÉèÖÃÄܹ»×ÊÖú¶ÁÕßÔöÇ¿ÍøÂçÇå¾²Òâʶ£¬±£»¤Ð¡ÎÒ˽ÈËÒþ˽ºÍÐÅÏ¢Çå¾²¡£

ÒÔÉϾÍÊÇÔõÑùÔÚ÷è÷ë²Ù×÷ϵͳÉϾÙÐÐÍøÂçÊðÀíºÍ·À»ðǽÉèÖÃ
£¿µÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡