Debian-Server:传入 SSH/PING/TELNET/... 有效 - 传出无效

Debian-Server:传入 SSH/PING/TELNET/... 有效 - 传出无效

我提到过我的Linux系统的一个奇怪行为:

重启系统后,我可以通过 SSH 连接到它,并且服务器响应 PING。但服务器本身无法 ping 任何其他服务器。

# ping google.de
^C
#

我也尝试 ping 8.8.8.8

# ping 8.8.8.8
^C
#

我还检查了IPTables防火墙:

# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

这是输出iptables-save

# Generated by iptables-save v1.4.21 on Sat Jan  9 15:32:05 2016
*mangle
:PREROUTING ACCEPT [195612:29645179]
:INPUT ACCEPT [195139:29597314]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [191509:144973069]
:POSTROUTING ACCEPT [191487:144962209]
COMMIT
# Completed on Sat Jan  9 15:32:05 2016
# Generated by iptables-save v1.4.21 on Sat Jan  9 15:32:05 2016
*nat
:PREROUTING ACCEPT [16150:972249]
:INPUT ACCEPT [15873:943476]
:OUTPUT ACCEPT [2778:195347]
:POSTROUTING ACCEPT [2778:195347]
COMMIT
# Completed on Sat Jan  9 15:32:05 2016
# Generated by iptables-save v1.4.21 on Sat Jan  9 15:32:05 2016
*filter
:INPUT ACCEPT [82916:15824405]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [76735:21176202]
COMMIT
# Completed on Sat Jan  9 15:32:05 2016

这是到 8.8.8.8 的跟踪路由

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  *^C

路由本身:

Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         85.xx.1.1       0.0.0.0         UG    0      0        0 eth0
85.xx.1.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.3.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.6.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.7.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.12.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.14.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.16.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.17.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.18.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.19.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.21.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.22.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.23.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.24.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.25.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.26.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.27.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.28.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.29.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.30.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
85.xx.31.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.4.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.7.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.9.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.10.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.12.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.13.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.14.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.15.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.16.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.19.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.21.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.23.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.24.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.26.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.27.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.28.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.29.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.30.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.31.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.32.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.33.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.34.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.35.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.36.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.37.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.38.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.39.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.40.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.41.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.43.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.44.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.45.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.46.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.48.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.49.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
89.xxx.50.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
1xx.24.208.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
1xx.24.209.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
1xx.24.210.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

这是 ip addr show 的结果

ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 0c:c4:7a:31:49:f8 brd ff:ff:ff:ff:ff:ff
    inet 85.xx.x.246/24 brd 85.xx.x.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 85.xx.xx.80/24 brd 85.xx.xx.255 scope global eth0:1
       valid_lft forever preferred_lft forever
    inet 193.xx.xxx.203/24 brd 193.xx.xxx.255 scope global eth0:2
       valid_lft forever preferred_lft forever
and so on

接口已启动并正在运行 - 什么可能导致了这个问题?

我通过以下方式监控连接tcpdump:这是结果:

# tcpdump dst 8.8.8.8 -w /tmp/tcpdump
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
^C70 packets captured
70 packets received by filter
0 packets dropped by kernel


listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:21:57.484886 IP server.example.com.36115 > 8.8.8.8.domain: 47207+ A? collector.newrelic.com. (40)
15:21:57.484895 IP server.example.com.36115 > 8.8.8.8.domain: 6559+ AAAA? collector.newrelic.com. (40)
15:21:57.873854 IP server.example.com.59617 > 8.8.8.8.domain: 29097+ PTR? 231.201.203.64.in-addr.arpa. (45)
15:21:57.874880 IP server.example.com > 8.8.8.8: ICMP echo request, id 23608, seq 99, length 64
15:21:58.119951 IP server.example.com.56377 > 8.8.8.8.domain: 16236+ PTR? 8.8.8.8.in-addr.arpa. (38)
15:21:58.396881 IP server.example.com.47984 > 8.8.8.8.domain: 58900+ PTR? 52.39.140.95.in-addr.arpa. (43)
15:21:58.882882 IP server.example.com > 8.8.8.8: ICMP echo request, id 23608, seq 100, length 64
15:21:59.794301 IP server.example.com.33657 > 8.8.8.8.domain: 49356+ PTR? 194.94.45.70.in-addr.arpa. (43)
15:21:59.964218 IP server.example.com.44113 > 8.8.8.8.domain: 51976+ PTR? 178.186.148.66.in-addr.arpa. (45)
15:22:00.033621 IP server.example.com.51669 > 8.8.8.8.domain: 46383+ A? 110.208.16.216.ix.dnsbl.manitu.net. (52)
15:22:01.096586 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 1, length 64
15:22:01.272051 IP server.example.com.50628 > 8.8.8.8.domain: 33444+ A? 221.170.189.113.sbl-xbl.spamhaus.org. (54)
15:22:01.639669 IP server.example.com.48543 > 8.8.8.8.domain: 694+ PTR? 242.40.10.176.in-addr.arpa. (44)
15:22:01.918993 IP server.example.com.60321 > 8.8.8.8.domain: 45439+ A? 11.179.189.5.ix.dnsbl.manitu.net. (50)
15:22:02.098337 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 2, length 64
15:22:02.546164 IP server.example.com.48905 > 8.8.8.8.domain: 4436+ PTR? 231.218.240.187.in-addr.arpa. (46)
15:22:02.878905 IP server.example.com.59617 > 8.8.8.8.domain: 29097+ PTR? 231.201.203.64.in-addr.arpa. (45)
15:22:03.106976 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 3, length 64
15:22:03.125014 IP server.example.com.56377 > 8.8.8.8.domain: 16236+ PTR? 8.8.8.8.in-addr.arpa. (38)
15:22:03.444852 IP server.example.com.39858 > 8.8.8.8.domain: 30888+ A? 52.39.140.95.ix.dnsbl.manitu.net. (50)
15:22:04.114892 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 4, length 64
15:22:04.799409 IP server.example.com.33657 > 8.8.8.8.domain: 49356+ PTR? 194.94.45.70.in-addr.arpa. (43)
15:22:04.969287 IP server.example.com.44113 > 8.8.8.8.domain: 51976+ PTR? 178.186.148.66.in-addr.arpa. (45)
15:22:05.038655 IP server.example.com.51669 > 8.8.8.8.domain: 46383+ A? 110.208.16.216.ix.dnsbl.manitu.net. (52)
15:22:08.146971 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 8, length 64
15:22:08.449933 IP server.example.com.39858 > 8.8.8.8.domain: 30888+ A? 52.39.140.95.ix.dnsbl.manitu.net. (50)
15:22:09.154943 IP server.example.com > 8.8.8.8: ICMP echo request, id 1155, seq 9, length 64
15:22:09.714225 IP server.example.com.55765 > 8.8.8.8.domain: 3955+ A? 231.201.203.64.ix.dnsbl.manitu.net. (52)
15:22:10.043790 IP server.example.com.59926 > 8.8.8.8.domain: 7570+ A? 110.208.16.216.sbl-xbl.spamhaus.org. (53)

相关内容