我正在与不同的托pipe公司运行几个vps。 我们的一台服务器最近引起了很多麻烦,随机拒绝某些networking(办公室,家庭,移动热点)访问服务器。 有些日子,它没有任何问题,有一天,它完全被封锁。 我也有一个专用的服务器监视器,告诉我所有的服务都可以联机。 Pinging仍在工作,但是通过SSH,Port 80等访问被立即拒绝。 我正在运行fail2ban,但在日志中没有看到任何阻塞的IP地址。 所以我的假设是这个问题是由我的iptables规则集引起的。
Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere ctstate INVALID ACCEPT icmp -- anywhere anywhere icmp echo-request ctstate NEW UDP udp -- anywhere anywhere ctstate NEW TCP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW REJECT tcp -- anywhere anywhere recent: SET name: TCP-PORTSCAN side: source reject-with tcp-reset REJECT udp -- anywhere anywhere recent: SET name: UDP-PORTSCAN side: source reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain TCP (1 references) target prot opt source destination REJECT tcp -- anywhere anywhere recent: UPDATE seconds: 60 name: TCP-PORTSCAN side: source reject-with tcp-reset ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:921 Chain UDP (1 references) target prot opt source destination REJECT udp -- anywhere anywhere recent: UPDATE seconds: 60 name: UDP-PORTSCAN side: source reject-with icmp-port-unreachable 有没有任何规则可能会导致这个问题,为什么?
PS:921是我的自定义ssh端口。