我需要添加一条规则来打开 Mosquitto 端口:
$ sudo iptables -I INPUT 5 -p tcp --dport 1883 -j ACCEPT
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:1883
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:2812
ACCEPT tcp -- anywhere anywhere tcp dpt:xmpp-client
ACCEPT tcp -- anywhere anywhere tcp dpt:5555
ACCEPT tcp -- anywhere anywhere tcp dpts:http-alt:8099
ACCEPT tcp -- anywhere anywhere tcp dpts:4380:4400
ACCEPT tcp -- anywhere anywhere tcp dpt:17443
ACCEPT tcp -- anywhere anywhere tcp dpt:17441
ACCEPT tcp -- anywhere anywhere tcp dpt:socks
ACCEPT tcp -- anywhere anywhere tcp dpt:1443
ACCEPT all -- appscale-image0 anywhere
DROP all -- anywhere anywhere
几秒钟后,新添加的行消失,如下所示:
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:2812
ACCEPT tcp -- anywhere anywhere tcp dpt:xmpp-client
ACCEPT tcp -- anywhere anywhere tcp dpt:5555
ACCEPT tcp -- anywhere anywhere tcp dpts:http-alt:8099
ACCEPT tcp -- anywhere anywhere tcp dpts:4380:4400
ACCEPT tcp -- anywhere anywhere tcp dpt:17443
ACCEPT tcp -- anywhere anywhere tcp dpt:17441
ACCEPT tcp -- anywhere anywhere tcp dpt:socks
ACCEPT tcp -- anywhere anywhere tcp dpt:1443
ACCEPT all -- appscale-image0 anywhere
DROP all -- anywhere anywhere
对这次神秘消失有什么了解吗?没有正在运行的 cron 作业。ufw 已禁用。我不确定如何检查正在运行的底层防火墙服务。