服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Debian服务器:传入SSH / PING / TELNET / …作品 – 传出不
Intereting Posts
configurationAzure AD身份validation samba4 ad-dc windows xp不能更改密码 每个IP的HTBstream量整形器 – 用户下载速度在高峰期下降 如何find我的服务器正在使用的Python可执行文件? “企业PKI”MMC是否允许对PKI进行任何自动化testing? Windows VPN与不同的子网 带宽使用最多 在Ubuntu下维护旧的兼容性问题库 一段时间后,RDP或SSH连接通过Windows 2008服务器VPN挂起 无法访问L2TP VPN上的远程共享 Puppet,Windows和UAC Session在tomcat中以nginx作为代理丢失 我怎样才能使用socks5代理docker合成拉图像? OpenVPN的iptables和一个tun接口 Solaris 10共享IP区域networking的悲哀:连接进入(缓慢),但他们不出去

Debian服务器:传入SSH / PING / TELNET / …作品 – 传出不

我提到了我的linux系统的一个奇怪的行为:

重新启动系统后,我可以通过SSH连接到服务器,服务器响应PING。 但是服务器本身不能ping任何其他服务器。 

# ping google.de ^C #

我也试过ping 8.8.8.8 

 # ping 8.8.8.8 ^C #

我也检查了IPTables-Firewall: 

 # iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination

这是iptables-save的输出: 

 # Generated by iptables-save v1.4.21 on Sat Jan 9 15:32:05 2016 *mangle :PREROUTING ACCEPT [195612:29645179] :INPUT ACCEPT [195139:29597314] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [191509:144973069] :POSTROUTING ACCEPT [191487:144962209] COMMIT # Completed on Sat Jan 9 15:32:05 2016 # Generated by iptables-save v1.4.21 on Sat Jan 9 15:32:05 2016 *nat :PREROUTING ACCEPT [16150:972249] :INPUT ACCEPT [15873:943476] :OUTPUT ACCEPT [2778:195347] :POSTROUTING ACCEPT [2778:195347] COMMIT # Completed on Sat Jan 9 15:32:05 2016 # Generated by iptables-save v1.4.21 on Sat Jan 9 15:32:05 2016 *filter :INPUT ACCEPT [82916:15824405] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [76735:21176202] COMMIT # Completed on Sat Jan 9 15:32:05 2016

这是8.8.8.8的traceroute 

 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 *^C

而路由本身: 

 Kernel-IP-Routentabelle Ziel Router Genmask Flags Metric Ref Use Iface 0.0.0.0 85.xx.1.1 0.0.0.0 UG 0 0 0 eth0 85.xx.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.6.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.7.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.12.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.14.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.16.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.17.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.18.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.19.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.21.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.22.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.23.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.24.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.25.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.26.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.27.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.28.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.29.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.30.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 85.xx.31.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.7.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.12.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.13.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.14.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.15.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.16.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.19.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.21.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.23.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.24.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.26.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.27.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.28.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.29.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.30.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.31.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.32.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.33.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.34.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.35.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.36.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.37.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.38.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.39.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.40.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.43.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.44.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.45.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.46.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.48.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.49.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 89.xxx.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 1xx.24.208.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 1xx.24.209.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 1xx.24.210.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

这是ip addr show的结果 

 ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 0c:c4:7a:31:49:f8 brd ff:ff:ff:ff:ff:ff inet 85.xx.x.246/24 brd 85.xx.x.255 scope global eth0 valid_lft forever preferred_lft forever inet 85.xx.xx.80/24 brd 85.xx.xx.255 scope global eth0:1 valid_lft forever preferred_lft forever inet 193.xx.xxx.203/24 brd 193.xx.xxx.255 scope global eth0:2 valid_lft forever preferred_lft forever and so on

接口已经启动并正在运行 – 可能导致这个问题的原因是什么?

我通过tcpdump监视连接:这是结果: 

 # tcpdump dst 8.8.8.8 -w /tmp/tcpdump tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes ^C70 packets captured 70 packets received by filter 0 packets dropped by kernel listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 15:21:57.484886 IP server.example.com.36115 > 8.8.8.8.domain: 47207+ A? collector.newrelic.com. (40) 15:21:57.484895 IP server.example.com.36115 > 8.8.8.8.domain: 6559+ AAAA? collector.newrelic.com. (40) 15:21:57.873854 IP server.example.com.59617 > 8.8.8.8.domain: 29097+ PTR? 231.201.203.64.in-addr.arpa. (45) 15:21:57.874880 IP server.example.com > 8.8.8.8: ICMP echo request, id 23608, seq 99, length 64 15:21:58.119951 IP server.example.com.56377 > 8.8.8.8.domain: 16236+ PTR? 8.8.8.8.in-addr.arpa. (38) 15:21:58.396881 IP server.example.com.47984 > 8.8.8.8.domain: 58900+ PTR? 52.39.140.95.in-addr.arpa. (43) 15:21:58.882882 IP server.example.com > 8.8.8.8: ICMP echo request, id 23608, seq 100, length 64 15:21:59.794301 IP server.example.com.33657 > 8.8.8.8.domain: 49356+ PTR? 194.94.45.70.in-addr.arpa. (43) 15:21:59.964218 IP server.example.com.44113 > 8.8.8.8.domain: 51976+ PTR? 178.186.148.66.in-addr.arpa. (45) 15:22:00.033621 IP server.example.com.51669 > 8.8.8.8.domain: 46383+ A? 110.208.16.216.ix.dnsbl.manitu.net. (52) 15:22:01.096586 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 1, length 64 15:22:01.272051 IP server.example.com.50628 > 8.8.8.8.domain: 33444+ A? 221.170.189.113.sbl-xbl.spamhaus.org. (54) 15:22:01.639669 IP server.example.com.48543 > 8.8.8.8.domain: 694+ PTR? 242.40.10.176.in-addr.arpa. (44) 15:22:01.918993 IP server.example.com.60321 > 8.8.8.8.domain: 45439+ A? 11.179.189.5.ix.dnsbl.manitu.net. (50) 15:22:02.098337 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 2, length 64 15:22:02.546164 IP server.example.com.48905 > 8.8.8.8.domain: 4436+ PTR? 231.218.240.187.in-addr.arpa. (46) 15:22:02.878905 IP server.example.com.59617 > 8.8.8.8.domain: 29097+ PTR? 231.201.203.64.in-addr.arpa. (45) 15:22:03.106976 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 3, length 64 15:22:03.125014 IP server.example.com.56377 > 8.8.8.8.domain: 16236+ PTR? 8.8.8.8.in-addr.arpa. (38) 15:22:03.444852 IP server.example.com.39858 > 8.8.8.8.domain: 30888+ A? 52.39.140.95.ix.dnsbl.manitu.net. (50) 15:22:04.114892 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 4, length 64 15:22:04.799409 IP server.example.com.33657 > 8.8.8.8.domain: 49356+ PTR? 194.94.45.70.in-addr.arpa. (43) 15:22:04.969287 IP server.example.com.44113 > 8.8.8.8.domain: 51976+ PTR? 178.186.148.66.in-addr.arpa. (45) 15:22:05.038655 IP server.example.com.51669 > 8.8.8.8.domain: 46383+ A? 110.208.16.216.ix.dnsbl.manitu.net. (52) 15:22:08.146971 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 8, length 64 15:22:08.449933 IP server.example.com.39858 > 8.8.8.8.domain: 30888+ A? 52.39.140.95.ix.dnsbl.manitu.net. (50) 15:22:09.154943 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 9, length 64 15:22:09.714225 IP server.example.com.55765 > 8.8.8.8.domain: 3955+ A? 231.201.203.64.ix.dnsbl.manitu.net. (52) 15:22:10.043790 IP server.example.com.59926 > 8.8.8.8.domain: 7570+ A? 110.208.16.216.sbl-xbl.spamhaus.org. (53)