调查连通性问题

tag-icon tag-icon ubuntu networking iptables netcat
调查连通性问题

我正在尝试在运行 apache 的服务器上设置一项新服务,但似乎该特定端口上的传入流量被阻止了,尽管我不明白为什么。在第一台服务器上,我在任意端口上以监听模式运行 netcat:

nc -l  29392

在我的电脑上我运行

nc A.B.C.D 29392

并发送一些文本。服务器上没有显示任何内容。我使用 tcpdump 查看服务器上来自我计算机的任何传入流量,但什么也没有显示。当我在计算机上使用 tcpdump 查看传出数据时,我得到了以下信息:

tcpdump: data link type PKTAP
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pktap, link-type PKTAP (Packet Tap), capture size 65535 bytes
16:39:16.623882 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966146053 ecr 0,sackOK,eol], length 0
16:39:17.626710 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966147053 ecr 0,sackOK,eol], length 0
16:39:18.627732 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966148053 ecr 0,sackOK,eol], length 0
16:39:19.629946 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966149053 ecr 0,sackOK,eol], length 0
16:39:20.633474 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966150053 ecr 0,sackOK,eol], length 0
16:39:21.634604 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966151053 ecr 0,sackOK,eol], length 0
16:39:23.640121 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 966153053 ecr 0,sackOK,eol], length 0
16:39:27.642574 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,sackOK,eol], length 0
16:39:35.674330 IP 192.168.0.14.56549 > A.B.C.D.29392: Flags [S], seq 1766083571, win 65535, options [mss 1460,sackOK,eol], length 0
^C
9 packets captured
303 packets received by filter
0 packets dropped by kernel

但我不确定其中是否有任何有趣的东西。

我的计算机被允许连接到该计算机上的其他端口。IP 表如下所示:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-apache-ardguest  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-apache-ardguest (1 references)
target     prot opt source               destination
DROP       all  --  X.Y.Z.V      0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

-chainfail2ban-apache-ardguest不应相关。hosts.deny为空。我遗漏了什么?服务器正在运行 Ubuntu 10.04.4 LTS。

相关内容