关于【iptables】的问题- 第1页

Никита

Asked: 2024-02-18 16:24:49 +0000 UTC

Ipset + Iptables。iptables 中的规则在不需要时绕过 Ipset 中的 IP

5

我的最终目标：借助 Ipset 阻止大量子网

我正在 Iptables 中创建一条规则。我希望只有从从 128.0.0.0 开始到 159.255.255.254 结束的 IP 地址连接的用户才会通过 Ipset 检查，在名为“block128”的列表中，其中包含我想要拒绝的从 128.0 开始的所有子网.0.0 和结尾 159.255.255.254

iptables -A INPUT -s 128.0.0.0/3 -m set --match-set block128 src -j DROP

但是，例如，我从 IP 地址 85.133.90.30 进行连接，该地址不属于此列表，并且会出现 3-5 秒的延迟（这不应该存在，因为我不属于这个 128.0.0.0/3 ，从逻辑上讲，我不应该检查列表“block128”），如果我从 IP 128.133.90.30 连接，情况也是如此。通过删除这条规则，问题就消失了，没有延迟

也许我做错了什么。我想知道为什么会发生这种情况以及如何正确执行

Lasna

Asked: 2022-06-14 22:16:40 +0000 UTC

如何在 iptables/nftables 中临时打开一个端口？

1

比如我提出了 Nginx，想给团队展示一下。默认情况下，我有iptables -P INPUT DROP.

我想打开它说1小时。怎么做？

到目前为止，想法才刚刚出现，就是写个脚本去哪里睡觉，然后把规则删掉就好了。但也许有解决办法？

Ne0shka

Asked: 2020-04-24 14:56:10 +0000 UTC

iptables：基于域重定向流量

0

有 2 个域 domain.com 和 domain.ru，有一个带有 Debian OS 和 iptables 的服务器。是否可以根据连接通过的域将传入流量重定向到端口？示例：domain.com:7777 => 127.0.0.1:7777 domain.ru:7777 => 127.0.0.1:7778

Алексей Ковальчук

Asked: 2020-03-19 21:20:11 +0000 UTC

iptables -m 最近在机器人攻击期间不起作用

0

我设置了 iptables -m 最近的规则，如果我测试它们，它们就会起作用。但是在一次重大的机器人攻击期间，它们似乎完全被关闭了。

以下是 INPUT 规则的完整列表：

Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      100  5340 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-wrong-packet src reject-with icmp-port-unreachable
2        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-connection-login src reject-with icmp-port-unreachable
3     1885 97424 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-connection-ping src reject-with icmp-port-unreachable
4     1077 55500 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-antibot-filter src reject-with icmp-port-unreachable
5        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-wrong-packet src reject-with icmp-port-unreachable
6        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-connection-login src reject-with icmp-port-unreachable
7        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-connection-ping src reject-with icmp-port-unreachable
8        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-antibot-filter src reject-with icmp-port-unreachable
9        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565 match-set f2b-bungeecord-wrong-packet src reject-with icmp-port-unreachable
10     28M 4410M ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
11    401M   43G ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
12     351 19304 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 1 hit_count: 3 name: minecraft side: source mask: 255.255.255.255
13      38  1976 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 10 hit_count: 14 name: minecraft side: source mask: 255.255.255.255
14       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 60 hit_count: 70 name: minecraft side: source mask: 255.255.255.255
15    1070 64200 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 300 hit_count: 100 name: minecraft side: source mask: 255.255.255.255
16   40420 2181K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: SET name: minecraft side: source mask: 255.255.255.255
17       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 flags:0x17/0x02 #conn src/16 > 200
18       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 flags:0x17/0x02 #conn src/24 > 50
19       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 flags:0x17/0x02 #conn src/32 > 8
20     426 22880 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25565,25580,80,443,25569,8192 ctstate NEW
21       0     0 ACCEPT     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0
22    2614 85222 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW
23   12870  772K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW match-set whitelist_ips src
24       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW match-set whitelist_nets src
25   11860  485K LOGGING-DROPPED  all  --  *      *       0.0.0.0/0            0.0.0.0/0

特别是那些不起作用的规则：

12     351 19304 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 1 hit_count: 3 name: minecraft side: source mask: 255.255.255.255
13      38  1976 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 10 hit_count: 14 name: minecraft side: source mask: 255.255.255.255
14       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 60 hit_count: 70 name: minecraft side: source mask: 255.255.255.255
15    1070 64200 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: CHECK seconds: 300 hit_count: 100 name: minecraft side: source mask: 255.255.255.255
16   40420 2181K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25565 state NEW recent: SET name: minecraft side: source mask: 255.255.255.255

配置1秒内不超过3个连接，10秒内不超过14个连接。今天发生了一次攻击，这是我在日志文件中看到的（这是半秒的日志文件）：

[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #4/INFO]: [177.74.112.142] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #3/INFO]: [217.27.219.14] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #7/INFO]: [103.214.41.98] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #2/INFO]: [36.37.175.123] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #6/INFO]: [95.158.63.61] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #0/INFO]: [60.2.44.182] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #1/INFO]: [116.206.60.10] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)
[13:21:33] [Netty Worker IO Thread #5/INFO]: [122.55.202.100] sent wrong Handshake packet. Junk??)

为什么在机器人攻击期间规则不起作用？

Александр Сутыркин

Asked: 2020-09-25 17:17:58 +0000 UTC

iptables 关闭除 22.80 之外的所有内容 - 减慢

2

有一个带有网站的小型服务器：

apache 8080
nginx 80
mysql 3306
ssh 22

有必要关闭一切，只留下22和80。

我这样做如下：

iptables -A INPUT -p tcp -m tcp -m multiport --dports 80,22 -j ACCEPT
iptables -A INPUT -m conntrack -j ACCEPT  --ctstate RELATED,ESTABLISHED
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -j DROP
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j DROP
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -j DROP

结果，一切正常，但出现了疯狂的刹车。该站点会等待很长时间，然后加载（并非总是如此），如果没有这些规则，它可以很好地工作。这就是问题。

Ipset + Iptables。iptables 中的规则在不需要时绕过 Ipset 中的 IP

如何在 iptables/nftables 中临时打开一个端口？

iptables：基于域重定向流量

iptables -m 最近在机器人攻击期间不起作用

iptables 关闭除 22.80 之外的所有内容 - 减慢

我看不懂措辞

请求的模块“del”不提供名为“default”的导出

"!+tab" 在 HTML 的 vs 代码中不起作用

我正在尝试解决“猜词”的问题。Python

可以使用哪些命令将当前指针移动到指定的提交而不更改工作目录中的文件？

Python解析野莓

问题：“警告：检查最新版本的 pip 时出错。”

帮助编写一个用值填充变量的循环。解决这个问题

尽管依赖数组为空，但在渲染上调用了 2 次 useEffect

数据不通过 Telegram.WebApp.sendData 发送

问题[iptables]