182.100.67.235 IP 仍处于连接状态。我该怎么办?
ufw 状态
状态:活跃
To Action From
-- ------ ----
[ 1] Postfix 允许在任何地方
[ 2] OpenSSH 允许在任何地方
[ 3] Apache 允许在任何地方
[ 4] Apache Full 允许在任何地方
[ 5] Bind9 允许在任何地方
[ 6] 22 允许在任何地方
[ 7] 任何地方拒绝在 113.10.154.11
[ 8] 任何地方拒绝在 218.65.95.159
[ 9] 任何地方拒绝在 182.100.67.235
[10] 任何地方拒绝在 36.7.87.198
[12] 任何地方拒绝在 91.192.197.132
[13] 任何地方拒绝在 58.218.198.138
[14] 任何地方拒绝在 61.177.172.37
[15] 任何地方拒绝在103.29.16.18
[16] 任何地方 拒绝 27.154.242.214
// 7 月 6 日补充。
ufw 插入 2 拒绝 114.143.59.202 给任何
错误:参数数量错误
ufw 插入 1 拒绝 114.143.59.202 给任何
错误:参数数量错误
[ 1] 任何地方拒绝 192.99.3.127
[ 2] Postfix 允许 任何地方
[ 3] Apache 允许 任何地方
[ 4] Apache Full 允许 任何地方
[ 5] Bind9 允许 任何地方
[ 6] 任何地方拒绝 113.10.154.11
[ 7] 任何地方拒绝 218.65.95.159
[ 8] 任何地方拒绝 182.100.67.235
[ 9] 任何地方拒绝 36.7.87.198
[10] 任何地方拒绝 91.192.197.132
[11] 任何地方拒绝 58.218.198.138
[12] 任何地方拒绝 61.177.172.37
[13] 任何地方拒绝103.29.16.18
[14] 任何地方 拒绝 27.154.242.214
2018-06-29 12:43:13,861 fail2ban.actions [860]: NOTICE [sshd] Unban 182.100.67.235
2018-06-29 12:43:15,227 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:43:15
2018-06-29 12:43:16,860 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:43:16
2018-06-29 12:43:19,565 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:43:19
2018-06-29 12:43:22,270 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:43:21
2018-06-29 12:43:46,159 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:43:46
2018-06-29 12:43:46,509 fail2ban.actions [860]: NOTICE [sshd] Ban 182.100.67.235
2018-06-29 12:43:48,971 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:43:48
2018-06-29 12:44:26,521 fail2ban.filter [860]: INFO [sshd] 2018-06-29 12:50:44,379 fail2ban.filter [860]: INFO [sshd] Found 110.45.147.94 - 2018-06-29 12:50:43
2018-06-29 12:50:46,267 fail2ban.filter [860]: INFO [sshd] Found 110.45.147.94 - 2018-06-29 12:50:46
2018-06-29 12:50:48,160 fail2ban.filter [860]: INFO [sshd] Found 110.45.147.94 - 2018-06-29 12:50:48
2018-06-29 12:50:50,635 fail2ban.filter [860]: INFO [sshd] Found 110.45.147.94 - 2018-06-29 12:50:50
2018-06-29 12:52:22,118 fail2ban.filter [860]: INFO [sshd] Found 91.236.178.157 - 2018-06-29 12:52:22
2018-06-29 12:52:22,118 fail2ban.filter [860]: INFO [sshd] Found 91.236.178.157 - 2018-06-29 12:52:22
2018-06-29 12:52:23,802 fail2ban.filter [860]: INFO [sshd] Found 91.236.178.157 - 2018-06-29 12:52:23
2018-06-29 12:53:03,902 fail2ban.filter [860]: INFO [sshd] Found 164.132.202.47 - 2018-06-29 12:53:03
2018-06-29 12:53:03,905 fail2ban.filter [860]: INFO [sshd] Found 164.132.202.47 - 2018-06-29 12:53:03
2018-06-29 12:53:05,932 fail2ban.filter [860]: INFO [sshd] Found 164.132.202.47 - 2018-06-29 12:53:05
2018-06-29 12:53:47,343 fail2ban.actions [860]: NOTICE [sshd] Unban 182.100.67.235
2018-06-29 12:54:04,592 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:54:04
2018-06-29 12:54:06,197 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:54:05
2018-06-29 12:54:08,903 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:54:08
2018-06-29 12:54:11,174 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:54:11
2018-06-29 12:54:49,935 fail2ban.filter [860]: INFO [sshd] Found 182.100.67.235 - 2018-06-29 12:54:49
2018-06-29 12:54:50,036 fail2ban.actions [860]: NOTICE [sshd] Ban 182.100.67.235
答案1
防火墙规则的顺序很重要。由于您一开始就允许所有请求的数目为 80,因此此规则将匹配所有请求,而后面的拒绝规则将永远不会被匹配。
所以,如果你需要阻止某些事情特别,将其放在开头,然后允许全部。
要查看带有参考编号的规则,请使用以下命令:
sudo ufw status numbered
然后先删除已添加的拒绝规则:
sudo ufw delete rule_number_here
然后在顶部再次添加:
sudo ufw insert 1 deny from xx.xx.xx.xx to any