iptables的问题

[blueboy82006]

[root@localhost ~]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:krb524
DROP udp -- anywhere anywhere udp dpt:krb524
DROP tcp -- anywhere anywhere tcp dpt:netbios-ns
DROP udp -- anywhere anywhere udp dpt:netbios-ns
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:tftp
DROP udp -- anywhere anywhere udp dpt:tftp
DROP tcp -- anywhere anywhere tcp spt:netbios-ns
DROP udp -- anywhere anywhere udp spt:netbios-ns
DROP tcp -- anywhere anywhere tcp dpt:netbios-ssn
DROP udp -- anywhere anywhere udp dpt:netbios-ssn

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds

Chain RH-Firewall-1-INPUT (0 references)
target prot opt source destination
[root@localhost ~]#

请问要得到如上的 iptables 效果应该如何设置？？
请高手指点！！

先谢过！！

[humw]

在command-line里面一条一条添加，要么写个脚本批量添加。
如果你的意思是要问iptables的命令的话：
添加有2个参数可用，-I和-A
例如要在INPUT这个chain里面添加一条规则，可以这样写：
iptables -I INPUT -d x.x.x.x/x -p xx --dport xx -j xxxxxxxxx
详细的解释在iptables的help信息和manual中都可以找到