我有以下一组规则
sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] 41337/tcp ALLOW IN Anywhere
...
[15] 8080/tcp ALLOW IN Anywhere
[16] 4001/tcp ALLOW IN Anywhere
但我仍然收到UFW BLOCK
日志条目dmesg
。
[Mon Jan 20 13:28:42 2020] [UFW BLOCK] IN=enp3s0 OUT= MAC=74:xx:xx:xx:e5:xx:xx:45:cb:59:xx:b0:08:xx SRC=49.XXX.XXX.XXX DST=192.168.XXX.XXX LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=894 DF PROTO=TCP SPT=4001 DPT=4001 WINDOW=8192 RES=0x00 ACK SYN URGP=0
[Mon Jan 20 13:28:54 2020] [UFW BLOCK] IN=enp3s0 OUT= MAC=74:xx:xx:xx:e5:xx:xx:45:cb:59:xx:b0:08:xx SRC=113.XXX.XXX.XXX DST=192.168.XXX.XXX LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=TCP SPT=15559 DPT=4001 WINDOW=0 RES=0x00 RST URGP=0
这是为什么?
编辑
全表:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
[ 1] 1337/tcp ALLOW IN Anywhere
[ 2] 8333/tcp ALLOW IN Anywhere
[ 3] 53/udp ALLOW IN Anywhere
[ 4] 51413/tcp ALLOW IN Anywhere
[ 5] 9117/tcp ALLOW IN Anywhere
[ 6] 53/tcp ALLOW IN Anywhere
[ 7] 8090/tcp ALLOW IN Anywhere
[ 8] 6881/udp ALLOW IN Anywhere
[ 9] 80/tcp ALLOW IN Anywhere
[10] 443/tcp ALLOW IN Anywhere
[11] 5351/udp ALLOW IN 17X.XXX.0.0/16
[12] 5351/udp ALLOW IN 17X.XXX.0.0/16
[13] 5351/udp ALLOW IN 17X.XXX.0.0/16
[14] 8084/tcp ALLOW IN Anywhere
[15] 8080/tcp ALLOW IN Anywhere
[16] 4001/tcp ALLOW IN Anywhere
[17] 5001/tcp ALLOW IN 10.X.X.X/24