Why does iptables seem not to be closing port 22?

    # iptables -L -n -v
    Chain INPUT (policy ACCEPT 42 packets, 3360 bytes)
     pkts bytes target     prot opt in     out     source               destination
      207 15586 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
        0     0 ACCEPT     tcp  --  eth0   *       78.12.0.0/14         0.0.0.0/0            tcp dpt:22
        0     0 ACCEPT     tcp  --  eth0   *       84.220.0.0/14        0.0.0.0/0            tcp dpt:22
      119  7108 DROP       tcp  --  *      *      !78.12.47.44          0.0.0.0/0            tcp dpt:80
        0     0 DROP       all  --  eth0   *       0.0.0.0/0            0.0.0.0/0

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination

    Chain OUTPUT (policy ACCEPT 143 packets, 16147 bytes)
     pkts bytes target     prot opt in     out     source               destination

Given these firewall rules, why do I find the following in auth.log?

    Jan 24 23:51:24 vps45276 sshd[1579]: Invalid user toto from 178.32.42.238
    Jan 24 23:51:24 vps45276 sshd[1579]: Received disconnect from 178.32.42.238: 11: Bye Bye [preauth]
    Jan 25 00:10:09 vps45276 sshd[1608]: Invalid user serveur from 178.32.42.238
    Jan 25 00:10:09 vps45276 sshd[1608]: Received disconnect from 178.32.42.238: 11: Bye Bye [preauth]

What mistake did I make in the rules?

You only drop traffic on eth0. But the unwanted traffic is almost certainly coming in through a different interface. Remove that qualifier from the final DROP rule and, better still, set the policy of the INPUT table to DROP.
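The gap the answer describes can be spotted mechanically. The following is an added example, not code from the question or the answer: it parses the `iptables -L -n -v` output quoted above (embedded as the sample) and reports when the INPUT chain's catch-all DROP is tied to one interface while the chain policy is still ACCEPT, which is exactly why SSH attempts still reach sshd.

```python
"""Audit `iptables -L -n -v` output for a catch-all DROP that only
covers one interface while the INPUT policy still accepts everything."""
import re

# INPUT chain copied from the question above (other chains omitted).
SAMPLE = """Chain INPUT (policy ACCEPT 42 packets, 3360 bytes)
 pkts bytes target prot opt in out source destination
  207 15586 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    0 0 ACCEPT tcp -- eth0 * 78.12.0.0/14 0.0.0.0/0 tcp dpt:22
    0 0 ACCEPT tcp -- eth0 * 84.220.0.0/14 0.0.0.0/0 tcp dpt:22
  119 7108 DROP tcp -- * * !78.12.47.44 0.0.0.0/0 tcp dpt:80
    0 0 DROP all -- eth0 * 0.0.0.0/0 0.0.0.0/0
"""


def parse_chains(text):
    """Return {chain: (policy or None, [rule dicts])} from -L -n -v text."""
    chains, current = {}, None
    for line in text.splitlines():
        m = re.match(r"Chain (\S+) \((?:policy (\S+))?", line)
        if m:
            current = m.group(1)
            chains[current] = (m.group(2), [])
            continue
        f = line.split()
        if current is None or len(f) < 9 or f[0] == "pkts":
            continue  # blank line or column header
        chains[current][1].append({
            "target": f[2], "proto": f[3], "in": f[5], "out": f[6],
            "src": f[7], "dst": f[8], "extra": " ".join(f[9:]),
        })
    return chains


def audit_input(text):
    """List findings that let unmatched inbound packets through."""
    findings = []
    policy, rules = parse_chains(text).get("INPUT", ("ACCEPT", []))
    catch_all = [r for r in rules if r["target"] == "DROP" and r["proto"] == "all"
                 and r["src"] == "0.0.0.0/0" and not r["extra"]]
    for r in catch_all:
        if r["in"] != "*":  # the bug from the question: DROP limited to eth0
            findings.append(f"catch-all DROP only matches interface {r['in']}; "
                            f"other interfaces fall through to policy {policy}")
    if policy != "DROP":
        findings.append(f"INPUT policy is {policy}; unmatched packets are accepted")
    if not catch_all:
        findings.append("no catch-all DROP rule in INPUT")
    return findings
```

Applying the answer's two fixes (drop the `eth0` qualifier, set the INPUT policy to DROP) makes `audit_input` return an empty list.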