我有一个处理传入请求的 flask 脚本。在短时间内可能会有很多这样的请求,但是,如果我理解正确的话,那么最初防火墙在一定时间内对传入请求有某种限制。因为如果我在大约 10 秒内发送 10 个请求,脚本只会处理其中的 4 个,但这与脚本无关,因为。我在我的电脑上测试了它,所以服务器本身不会在短时间内错过大量请求,我该如何解决这个问题?我将非常感谢您的帮助。
iptables -t nat -xvnL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
iptables -vxnL
Chain INPUT (policy DROP 891 packets, 37562 bytes)
pkts bytes target prot opt in out source destination
1 40 fail2ban-HESTIA tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8083
28477 1704349 fail2ban-MAIL tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,110,995,143,993
89 6570 fail2ban-FTP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
20733 2248126 fail2ban-SSH tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
101755 178516849 fail2ban-RECIDIVE tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 1:65535
74771 177128413 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
156 9360 ACCEPT all -- * * *IP_OF_VPS* 0.0.0.0/0
234 14040 ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
856 65655 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
2012 105744 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
12 612 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,12000:12100
9 525 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
1 40 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
181 10514 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
5 200 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995
13 612 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,993
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8778
12 584 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
39941 3658019 ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
39941 3658019 ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0
39760 3596357 ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0
4565 196858 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
4565 196858 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0
4565 196858 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 #conn src/0 > 50
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 #conn src/0 > 150
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-before-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-reject-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-track-forward all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
88838 12259629 ufw-before-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
88838 12259629 ufw-before-output all -- * * 0.0.0.0/0 0.0.0.0/0
2650 184151 ufw-after-output all -- * * 0.0.0.0/0 0.0.0.0/0
2650 184151 ufw-after-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
2650 184151 ufw-reject-output all -- * * 0.0.0.0/0 0.0.0.0/0
2650 184151 ufw-track-output all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-FTP (1 references)
pkts bytes target prot opt in out source destination
89 6570 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-HESTIA (1 references)
pkts bytes target prot opt in out source destination
1 40 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-MAIL (1 references)
pkts bytes target prot opt in out source destination
24380 1457827 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-RECIDIVE (1 references)
pkts bytes target prot opt in out source destination
1308 78480 REJECT all -- * * 87.246.7.75 0.0.0.0/0 reject-with icmp-port-unreachable
9707 582380 REJECT all -- * * 5.34.207.58 0.0.0.0/0 reject-with icmp-port-unreachable
1722 103320 REJECT all -- * * 212.70.149.66 0.0.0.0/0 reject-with icmp-port-unreachable
1649 98940 REJECT all -- * * 212.70.149.18 0.0.0.0/0 reject-with icmp-port-unreachable
7883 472960 REJECT all -- * * 5.34.207.219 0.0.0.0/0 reject-with icmp-port-unreachable
79486 177180769 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-SSH (1 references)
pkts bytes target prot opt in out source destination
24 1840 REJECT all -- * * 81.29.214.123 0.0.0.0/0 reject-with icmp-port-unreachable
24 1848 REJECT all -- * * 72.167.224.135 0.0.0.0/0 reject-with icmp-port-unreachable
24 1844 REJECT all -- * * 43.154.47.14 0.0.0.0/0 reject-with icmp-port-unreachable
16631 1950958 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain hestia (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-after-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-after-input (1 references)
pkts bytes target prot opt in out source destination
19 1482 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
9 2061 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
1 40 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
6 272 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
20 5440 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
6301 607388 ufw-skip-to-policy-input all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
Chain ufw-after-logging-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-after-logging-input (1 references)
pkts bytes target prot opt in out source destination
891 37562 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-after-logging-output (1 references)
pkts bytes target prot opt in out source destination
309 19969 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "[UFW ALLOW] "
Chain ufw-after-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ufw-user-forward all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-input (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
19 9722 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
19 9722 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
7256 654765 ufw-not-local all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
0 0 ACCEPT udp -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
7256 654765 ufw-user-input all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-logging-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW AUDIT] "
Chain ufw-before-logging-input (1 references)
pkts bytes target prot opt in out source destination
315 24476 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW AUDIT] "
Chain ufw-before-logging-output (1 references)
pkts bytes target prot opt in out source destination
315 27676 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW AUDIT] "
Chain ufw-before-output (1 references)
pkts bytes target prot opt in out source destination
740 496082 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
6752 945190 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
309 19969 ufw-user-output all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-logging-allow (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "[UFW ALLOW] "
Chain ufw-logging-deny (2 references)
pkts bytes target prot opt in out source destination
19 9722 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID LOG flags 0 level 4 prefix "[UFW AUDIT INVALID] "
19 9722 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-not-local (1 references)
pkts bytes target prot opt in out source destination
715 32296 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
193 6176 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
6348 616293 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
0 0 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 50
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-reject-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-reject-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-reject-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-skip-to-policy-forward (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-skip-to-policy-input (7 references)
pkts bytes target prot opt in out source destination
6356 616683 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-skip-to-policy-output (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-track-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-track-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-track-output (1 references)
pkts bytes target prot opt in out source destination
16 960 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
293 19009 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
Chain ufw-user-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-input (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* 'dapp_OpenSSH' */
9 520 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5000
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5000
0 0 ACCEPT all -- * * *IP_OF_FIRST_VPS* 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:465
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:993
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:143
Chain ufw-user-limit (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain ufw-user-limit-accept (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-user-logging-forward (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-logging-input (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-logging-output (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-output (1 references)
pkts bytes target prot opt in out source destination