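I tried adding a rule to iptables
-A INPUT -s 188.241.114.22 -j DROP
but despite this, I still see connections from that IP.
I am using CentOS, and I am adding the rule like this:
iptables -A INPUT -s 188.241.114.22 -j DROP
Right after that I save it using: service iptables save
Here is the output of iptables -L -v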
Chain INPUT (policy ACCEPT 120K packets, 16M bytes)
 pkts bytes target prot opt in  out source                               destination
    0     0 DROP   all  --  any any lg01.mia02.pccwbtn.net               anywhere
    0     0 DROP   all  --  any any c-98-210-5-174.hsd1.ca.comcast.net   anywhere
    0     0 DROP   all  --  any any c-98-201-5-174.hsd1.tx.comcast.net   anywhere
    0     0 DROP   all  --  any any lg01.mia02.pccwbtn.net               anywhere
    0     0 DROP   all  --  any any www.dabacus2.com                     anywhere
    0     0 DROP   all  --  any any 116.255.163.100                      anywhere
    0     0 DROP   all  --  any any 94.23.119.11                         anywhere
    0     0 DROP   all  --  any any 164.bajanet.mx                       anywhere
    0     0 DROP   all  --  any any 173-203-71-136.static.cloud-ips.com  anywhere
    0     0 DROP   all  --  any any v1.oxygen.ro                         anywhere
    0     0 DROP   all  --  any any 74.122.177.12                        anywhere
    0     0 DROP   all  --  any any 58.83.227.150                        anywhere
    0     0 DROP   all  --  any any v1.oxygen.ro                         anywhere
    0     0 DROP   all  --  any any v1.oxygen.ro                         anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in  out source                               destination

Chain OUTPUT (policy ACCEPT 186K packets, 224M bytes)
 pkts bytes target prot opt in  out source                               destination

Solution

The command iptables -A INPUT appends a new rule to the end of the INPUT chain. Iptables works on a first-match basis, so you probably have a rule earlier in the chain that allows access on port 80.
Save the state of iptables using
service iptables save
then edit the /etc/sysconfig/iptables file and move -A INPUT -s 188.241.114.22 -j DROP above the line that allows port 80. Save the file and run
service iptables restart
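
The ordering check and the move described in the answer above, as an added example that is not part of the original post: it reads rules in the iptables-save format used by /etc/sysconfig/iptables. The sample ACCEPT rules and the function names shadowing_rules and move_drop_first are assumptions made for illustration.

```shell
# Constructed sample in iptables-save format (the format of
# /etc/sysconfig/iptables); the two ACCEPT rules are assumptions.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 188.241.114.22/32 -j DROP
COMMIT
EOF
}

# awk helper shared by both functions: sets src (without /32) and target.
PARSE='function parse(   i) { src = ""; target = ""
    for (i = 3; i < NF; i++) {
        if ($i == "-s") src = $(i + 1)
        if ($i == "-j") target = $(i + 1)
    }
    sub(/\/32$/, "", src) }'

# shadowing_rules IP < rules: print "position: rule" for each ACCEPT rule
# with no source match that precedes the DROP for IP; exit 2 if there is no
# such DROP. Simplification: ACCEPT rules with their own -s are not evaluated.
shadowing_rules() {
    awk -v ip="$1" "$PARSE"'
        $1 == "-A" && $2 == "INPUT" {
            n++; parse()
            if (src == ip && target == "DROP") { found = 1; exit }
            if (src == "" && target == "ACCEPT") out = out n ": " $0 "\n"
        }
        END { if (!found) exit 2; printf "%s", out }'
}

# move_drop_first IP < rules: emit the rules with the DROP for IP moved
# ahead of the first INPUT rule, the edit the answer makes by hand.
move_drop_first() {
    awk -v ip="$1" "$PARSE"'
        { line[NR] = $0 }
        $1 == "-A" && $2 == "INPUT" {
            parse(); if (!first) first = NR
            if (src == ip && target == "DROP") drop = NR
        }
        END { for (k = 1; k <= NR; k++) {
                  if (k == first && drop) print line[drop]
                  if (k != drop) print line[k] } }'
}
sample_rules | shadowing_rules 188.241.114.22   # lists the two ACCEPT rules
sample_rules | move_drop_first 188.241.114.22   # DROP is now the first INPUT rule
```

On a live system the same check can be run against the output of iptables-save instead of the constructed sample.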