Why does iptables not seem to close port 22?

# iptables -L -n -v
Chain INPUT (policy ACCEPT 42 packets, 3360 bytes)
pkts bytes target     prot opt in     out     source               destination
207  15586 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
0     0    ACCEPT     tcp  --  eth0   *       78.12.0.0/14         0.0.0.0/0            tcp dpt:22
0     0    ACCEPT     tcp  --  eth0   *       84.220.0.0/14        0.0.0.0/0            tcp dpt:22
119  7108  DROP       tcp  --  *      *       !78.12.47.44         0.0.0.0/0            tcp dpt:80
0     0    DROP       all  --  eth0   *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 143 packets, 16147 bytes)
pkts bytes target     prot opt in     out     source               destination

Given these firewall rules, why do I find the following in auth.log?

Jan 24 23:51:24 vps45276 sshd[1579]: Invalid user toto from 178.32.42.238
Jan 24 23:51:24 vps45276 sshd[1579]: Received disconnect from 178.32.42.238: 11: Bye Bye [preauth]
Jan 25 00:10:09 vps45276 sshd[1608]: Invalid user serveur from 178.32.42.238
Jan 25 00:10:09 vps45276 sshd[1608]: Received disconnect from 178.32.42.238: 11: Bye Bye [preauth]

Which rule am I getting wrong?

Answer 1

You only DROP traffic coming in from eth0. However, the unwanted traffic is almost certainly arriving through another interface. Remove that qualifier from the final DROP rule, and preferably set the policy of the INPUT table to DROP.
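An added check for the gap the answer describes (example code, not from the question or the answer): it parses an `iptables -L -n -v` listing, using the one from the question embedded as sample input, and reports every ACCEPT-policy chain that has no interface-independent catch-all DROP, together with the interfaces its DROP-all rules are tied to. Run on the listing above it flags INPUT with `['eth0']`, which is exactly why SSH attempts arriving on any other interface still reach sshd.

```python
import re
# Listing from the question above, embedded here as constructed sample input.
LISTING = """\
Chain INPUT (policy ACCEPT 42 packets, 3360 bytes)
 pkts bytes target     prot opt in     out     source               destination
  207 15586 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  eth0   *       78.12.0.0/14         0.0.0.0/0            tcp dpt:22
    0     0 ACCEPT     tcp  --  eth0   *       84.220.0.0/14        0.0.0.0/0            tcp dpt:22
  119  7108 DROP       tcp  --  *      *       !78.12.47.44         0.0.0.0/0            tcp dpt:80
    0     0 DROP       all  --  eth0   *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 143 packets, 16147 bytes)
 pkts bytes target     prot opt in     out     source               destination
"""
# User-defined chains show "(N references)" instead of a policy; group 2 is then None.
CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\S+))?")

def parse_chains(listing):
    """Return {chain: (policy, [rules])} from `iptables -L -n -v` text."""
    chains, current = {}, None
    for line in listing.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            current = m.group(1)
            chains[current] = (m.group(2), [])
            continue
        cols = line.split()  # pkts bytes target prot opt in out src dst [match ...]
        if current is None or len(cols) < 9 or cols[0] == "pkts":
            continue
        chains[current][1].append({"target": cols[2], "prot": cols[3], "in": cols[5],
                                   "src": cols[7], "dst": cols[8], "match": cols[9:]})
    return chains

def is_catch_all_drop(rule):
    """A DROP that applies on every interface, to every protocol and address."""
    return (rule["target"] == "DROP" and rule["prot"] == "all" and rule["in"] == "*"
            and rule["src"] == rule["dst"] == "0.0.0.0/0" and not rule["match"])

def open_chains(listing):
    """ACCEPT-policy chains lacking a catch-all DROP, mapped to the interfaces
    their DROP-all rules are limited to ([] means there is no DROP-all rule)."""
    findings = {}
    for name, (policy, rules) in parse_chains(listing).items():
        if policy == "ACCEPT" and not any(is_catch_all_drop(r) for r in rules):
            findings[name] = sorted({r["in"] for r in rules if r["target"] == "DROP"
                                     and r["prot"] == "all" and r["in"] != "*"})
    return findings
```

Once the `-i eth0` qualifier is removed from the last rule (or the INPUT policy is set to DROP), INPUT no longer appears in the result.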
