
Custom iptables chains in Linux

Time: 2022-11-04 16:56:11 Views: 45
Tags: iptables udp dpt RETURN custom -- 0.0 tcp Linux

[root@cloudos02 ~]# iptables -nvL --line-number
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 592M 569G BLOCK_PORTS udp -- * * 0.0.0.0/0 0.0.0.0/0 udp
2 323M 268G BLOCK_PORTS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp
3 118G 123T KUBE-NODEPORT-NON-LOCAL all -- * * 0.0.0.0/0 0.0.0.0/0 /* Ensure that non-local NodePort traffic can flow */
4 71G 63T KUBE-EXTERNAL-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes externally-visible service portals */
5 118G 123T OPENSHIFT-FIREWALL-ALLOW all -- * * 0.0.0.0/0 0.0.0.0/0 /* firewall overrides */
6 38G 44T KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0
7 38G 44T ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
8 2233K 175M ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
9 700M 55G ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
10 13M 696M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
11 101M 5374M OS_FIREWALL_ALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
12 12M 473M REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 BLOCK_PORTS udp -- * * 0.0.0.0/0 0.0.0.0/0 udp
2 721M 214G BLOCK_PORTS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp
3 61G 35T DOCKER-ISOLATION all -- * * 0.0.0.0/0 0.0.0.0/0
4 561K 43M DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
5 4 288 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
6 518K 39M ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
7 0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
8 61G 35T MYSQL3306 all -- * * 0.0.0.0/0 0.0.0.0/0
9 61G 35T KUBE-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding rules */
10 167M 10G OPENSHIFT-ADMIN-OUTPUT-RULES all -- tun0 !tun0 0.0.0.0/0 0.0.0.0/0 /* administrator overrides */
11 2114M 127G OPENSHIFT-FIREWALL-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* firewall overrides */
12 417 26660 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 29086 packets, 22M bytes)
num pkts bytes target prot opt in out source destination
1 69G 51T KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes service portals */
2 116G 108T KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0

Chain BLOCK_PORTS (4 references)
num pkts bytes target prot opt in out source destination
1 0 0 RETURN tcp -- * * 10.200.91.35 0.0.0.0/0 tcp
2 0 0 RETURN udp -- * * 10.200.91.35 0.0.0.0/0 udp
3 786M 338G RETURN tcp -- * * 10.240.0.0/12 0.0.0.0/0 tcp
4 5882K 514M RETURN udp -- * * 10.240.0.0/12 0.0.0.0/0 udp
5 0 0 RETURN tcp -- * * 10.249.50.0/24 0.0.0.0/0 tcp
6 0 0 RETURN udp -- * * 10.249.50.0/24 0.0.0.0/0 udp
7 0 0 RETURN tcp -- * * 10.30.144.145 0.0.0.0/0 tcp
8 0 0 RETURN udp -- * * 10.30.144.145 0.0.0.0/0 udp
9 579 30964 RETURN tcp -- * * 10.71.142.66 0.0.0.0/0 tcp
10 0 0 RETURN udp -- * * 10.71.142.66 0.0.0.0/0 udp
11 0 0 RETURN tcp -- * * 10.71.144.0/25 0.0.0.0/0 tcp
12 0 0 RETURN udp -- * * 10.71.144.0/25 0.0.0.0/0 udp
13 409K 29M RETURN tcp -- * * 10.71.144.145 0.0.0.0/0 tcp
14 0 0 RETURN udp -- * * 10.71.144.145 0.0.0.0/0 udp
15 0 0 RETURN tcp -- * * 10.71.144.146 0.0.0.0/0 tcp
16 0 0 RETURN udp -- * * 10.71.144.146 0.0.0.0/0 udp
17 0 0 RETURN tcp -- * * 10.71.144.147 0.0.0.0/0 tcp
18 0 0 RETURN udp -- * * 10.71.144.147 0.0.0.0/0 udp
19 0 0 RETURN tcp -- * * 10.71.144.148 0.0.0.0/0 tcp
20 0 0 RETURN udp -- * * 10.71.144.148 0.0.0.0/0 udp
21 0 0 RETURN tcp -- * * 10.71.148.240 0.0.0.0/0 tcp
22 0 0 RETURN udp -- * * 10.71.148.240 0.0.0.0/0 udp
23 0 0 RETURN tcp -- * * 10.71.148.241 0.0.0.0/0 tcp
24 0 0 RETURN udp -- * * 10.71.148.241 0.0.0.0/0 udp
25 6058 285K RETURN tcp -- * * 10.71.149.0/24 0.0.0.0/0 tcp
26 0 0 RETURN udp -- * * 10.71.149.0/24 0.0.0.0/0 udp
27 11M 2019M RETURN tcp -- * * 127.0.0.1 0.0.0.0/0 tcp
28 9563K 1201M RETURN udp -- * * 127.0.0.1 0.0.0.0/0 udp
29 7885 778K RETURN tcp -- * * 172.17.0.0/16 0.0.0.0/0 tcp
30 0 0 RETURN udp -- * * 172.17.0.0/16 0.0.0.0/0 udp
31 0 0 RETURN tcp -- * * 189.100.137.0/24 0.0.0.0/0 tcp
32 0 0 RETURN udp -- * * 189.100.137.0/24 0.0.0.0/0 udp
33 29 3552 RETURN tcp -- * * 189.100.61.0/24 0.0.0.0/0 tcp
34 0 0 RETURN udp -- * * 189.100.61.0/24 0.0.0.0/0 udp
35 0 0 RETURN tcp -- * * 189.101.130.0/24 0.0.0.0/0 tcp
36 0 0 RETURN udp -- * * 189.101.130.0/24 0.0.0.0/0 udp
37 7152 538K RETURN tcp -- * * 189.101.131.0/24 0.0.0.0/0 tcp
38 0 0 RETURN udp -- * * 189.101.131.0/24 0.0.0.0/0 udp
39 241M 141G RETURN tcp -- * * 189.101.132.0/24 0.0.0.0/0 tcp
40 577M 567G RETURN udp -- * * 189.101.132.0/24 0.0.0.0/0 udp
41 0 0 RETURN tcp -- * * 189.101.16.0/24 0.0.0.0/0 tcp
42 0 0 RETURN udp -- * * 189.101.16.0/24 0.0.0.0/0 udp
43 0 0 RETURN tcp -- * * 189.101.17.0/24 0.0.0.0/0 tcp
44 0 0 RETURN udp -- * * 189.101.17.0/24 0.0.0.0/0 udp
45 0 0 RETURN tcp -- * * 189.101.189.0/24 0.0.0.0/0 tcp
46 0 0 RETURN udp -- * * 189.101.189.0/24 0.0.0.0/0 udp
47 0 0 RETURN tcp -- * * 189.101.22.0/24 0.0.0.0/0 tcp
48 0 0 RETURN udp -- * * 189.101.22.0/24 0.0.0.0/0 udp
49 0 0 RETURN tcp -- * * 189.101.23.0/24 0.0.0.0/0 tcp
50 0 0 RETURN udp -- * * 189.101.23.0/24 0.0.0.0/0 udp
51 0 0 RETURN tcp -- * * 189.101.247.0/24 0.0.0.0/0 tcp
52 0 0 RETURN udp -- * * 189.101.247.0/24 0.0.0.0/0 udp
53 6319 341K RETURN tcp -- * * 189.101.29.0/24 0.0.0.0/0 tcp
54 0 0 RETURN udp -- * * 189.101.29.0/24 0.0.0.0/0 udp
55 1103 178K RETURN tcp -- * * 189.101.77.0/24 0.0.0.0/0 tcp
56 0 0 RETURN udp -- * * 189.101.77.0/24 0.0.0.0/0 udp
57 40 8156 RETURN tcp -- * * 188.98.0.0/17 0.0.0.0/0 tcp
58 0 0 RETURN udp -- * * 188.98.0.0/17 0.0.0.0/0 udp
59 0 0 RETURN tcp -- * * 188.98.128.0/17 0.0.0.0/0 tcp
60 0 0 RETURN udp -- * * 188.98.128.0/17 0.0.0.0/0 udp
61 462 33351 RETURN tcp -- * * 192.168.96.253 0.0.0.0/0 tcp
62 0 0 RETURN udp -- * * 192.168.96.253 0.0.0.0/0 udp
63 3115K 219M RETURN tcp -- * * 195.180.1.0/24 0.0.0.0/0 tcp
64 0 0 RETURN udp -- * * 195.180.1.0/24 0.0.0.0/0 udp
65 0 0 RETURN tcp -- * * 195.180.3.0/24 0.0.0.0/0 tcp
66 0 0 RETURN udp -- * * 195.180.3.0/24 0.0.0.0/0 udp
67 0 0 RETURN tcp -- * * 195.180.4.0/24 0.0.0.0/0 tcp
68 0 0 RETURN udp -- * * 195.180.4.0/24 0.0.0.0/0 udp
69 0 0 RETURN tcp -- * * 30.1.1.104/29 0.0.0.0/0 tcp
70 0 0 RETURN udp -- * * 30.1.1.104/29 0.0.0.0/0 udp
71 291K 28M RETURN tcp -- * * 30.1.4.0/24 0.0.0.0/0 tcp
72 0 0 RETURN udp -- * * 30.1.4.0/24 0.0.0.0/0 udp
73 982K 213M RETURN tcp -- * * 30.1.48.0/20 0.0.0.0/0 tcp
74 0 0 RETURN tcp -- * * 127.0.0.1 0.0.0.0/0 tcp
75 0 0 RETURN udp -- * * 127.0.0.1 0.0.0.0/0 udp
76 14 840 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2375
77 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2375
78 11 660 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:11211
79 1 43 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:11211

Chain DOCKER (1 references)
num pkts bytes target prot opt in out source destination
1 561K 43M ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.2 tcp dpt:5000

Chain DOCKER-ISOLATION (1 references)
num pkts bytes target prot opt in out source destination
1 61G 35T RETURN all -- * * 0.0.0.0/0 0.0.0.0/0

Chain KUBE-EXTERNAL-SERVICES (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:os-cas-svc has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:8080 reject-with icmp-port-unreachable
2 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:cvktocvm has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:20045 reject-with icmp-port-unreachable
3 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:casserver2 has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:20041 reject-with icmp-port-unreachable
4 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:hatoback has no endpoints */ ADDRTYPE match dst-type LOCAL udp dpt:20042 reject-with icmp-port-unreachable
5 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* qunding/qunding-svc:qunding-mysql has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:23308 reject-with icmp-port-unreachable
6 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:casserver1 has no endpoints */ ADDRTYPE match dst-type LOCAL udp dpt:162 reject-with icmp-port-unreachable
7 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* qunding/qunding-svc:qunding has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:28089 reject-with icmp-port-unreachable
8 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:casmoninternal has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:20044 reject-with icmp-port-unreachable
9 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:hatocvm has no endpoints */ ADDRTYPE match dst-type LOCAL udp dpt:20043 reject-with icmp-port-unreachable
10 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* cloudos-iaas/os-cas-svc:cvmtocvk has no endpoints */ ADDRTYPE match dst-type LOCAL tcp dpt:20046 reject-with icmp-port-unreachable

Chain KUBE-FIREWALL (2 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes firewall for dropping marked packets */ mark match 0x8000/0x8000

Chain KUBE-FORWARD (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding rules */ mark match 0x1/0x1
2 20568 4671K ACCEPT all -- * * 10.240.0.0/12 0.0.0.0/0 /* kubernetes forwarding conntrack pod source rule */ ctstate RELATED,ESTABLISHED
3 707 2424K ACCEPT all -- * * 0.0.0.0/0 10.240.0.0/12 /* kubernetes forwarding conntrack pod destination rule */ ctstate RELATED,ESTABLISHED

Chain KUBE-NODEPORT-NON-LOCAL (1 references)
num pkts bytes target prot opt in out source destination

Chain KUBE-SERVICES (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.69.157 /* default/ame-ingress-nginx-controller-admission:https-webhook has no endpoints */ tcp dpt:443 reject-with icmp-port-unreachable
2 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:os-cas-svc has no endpoints */ tcp dpt:8080 reject-with icmp-port-unreachable
3 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:cvktocvm has no endpoints */ tcp dpt:20045 reject-with icmp-port-unreachable
4 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:casserver2 has no endpoints */ tcp dpt:20041 reject-with icmp-port-unreachable
5 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.124.202 /* default/os-sys-app-svc:os-sys-app-svc has no endpoints */ tcp dpt:16300 reject-with icmp-port-unreachable
6 0 0 REJECT udp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:hatoback has no endpoints */ udp dpt:20042 reject-with icmp-port-unreachable
7 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.231.239 /* qunding/qunding-svc:qunding-mysql has no endpoints */ tcp dpt:3306 reject-with icmp-port-unreachable
8 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.60.85 /* cloudos-iaas/os-trove-svc:trove-endpoint has no endpoints */ tcp dpt:8779 reject-with icmp-port-unreachable
9 0 0 REJECT udp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:casserver1 has no endpoints */ udp dpt:162 reject-with icmp-port-unreachable
10 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.231.239 /* qunding/qunding-svc:qunding has no endpoints */ tcp dpt:8888 reject-with icmp-port-unreachable
11 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:casmoninternal has no endpoints */ tcp dpt:20044 reject-with icmp-port-unreachable
12 0 0 REJECT udp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:hatocvm has no endpoints */ udp dpt:20043 reject-with icmp-port-unreachable
13 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.62.32 /* cloudos-iaas/os-cas-svc:cvmtocvk has no endpoints */ tcp dpt:20046 reject-with icmp-port-unreachable
14 0 0 REJECT tcp -- * * 0.0.0.0/0 10.100.37.100 /* prometheus-monitoring/default-alertmanager:web has no endpoints */ tcp dpt:31093 reject-with icmp-port-unreachable

Chain MYSQL3306 (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 127.0.0.1 ctorigdstport 3306
2 48G 10T RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 10.240.0.0/12 ctorigdstport 3306
3 419 165K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.4 ctorigdstport 3306
4 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.3 ctorigdstport 3306
5 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.2 ctorigdstport 3306
6 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.2 ctorigdstport 3306
7 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.3 ctorigdstport 3306
8 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.4 ctorigdstport 3306
9 325K 15M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.131.222 ctorigdstport 3306
10 30M 5188M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.201 ctorigdstport 3306
11 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigsrc 189.101.132.1 ctorigdstport 3306
12 18 984 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT ctorigdstport 3306

Chain OPENSHIFT-ADMIN-OUTPUT-RULES (1 references)
num pkts bytes target prot opt in out source destination

Chain OPENSHIFT-FIREWALL-ALLOW (1 references)
num pkts bytes target prot opt in out source destination
1 69G 63T ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:4789 /* VXLAN incoming */
2 10G 17T ACCEPT all -- tun0 * 0.0.0.0/0 0.0.0.0/0 /* from SDN to localhost */
3 54 3438 ACCEPT all -- docker0 * 0.0.0.0/0 0.0.0.0/0 /* from docker to localhost */

Chain OPENSHIFT-FIREWALL-FORWARD (1 references)
num pkts bytes target prot opt in out source destination
1 11M 543M DROP all -- * * 10.240.0.0/12 0.0.0.0/0 /* attempted resend after connection close */ ctstate INVALID
2 1934M 116G ACCEPT all -- * * 0.0.0.0/0 10.240.0.0/12 /* forward traffic from SDN */
3 169M 10G ACCEPT all -- * * 10.240.0.0/12 0.0.0.0/0 /* forward traffic to SDN */

Chain OS_FIREWALL_ALLOW (1 references)
num pkts bytes target prot opt in out source destination
1 3764 200K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9100
2 23 1542 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9100
3 289K 15M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10250
4 10028 595K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10256
5 2560K 154M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
6 9749K 584M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
7 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:4789
8 76M 4145M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:1:65535
9 35003 2661K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:1:65535
10 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:9000:10000
11 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1936
12 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10080
13 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10443
14 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6579
15 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6679
16 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2369
17 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2390
18 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2375
19 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:7000:7100
20 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2379
21 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2380
22 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8443
23 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8444
24 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8053
25 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8053

From: https://www.cnblogs.com/my-show-time/p/16858346.html
