我在不同的托管公司运行几个 vps。我们的其中一台服务器最近造成了很多麻烦,因为它随机拒绝某些网络(办公室、家庭、移动热点)访问服务器。有些日子它工作正常,没有任何问题,而另一些日子它被完全阻止。我还有一个专用的服务器监视器,它告诉我所有服务都可以访问并且在线。Pinging 仍然有效,但通过 SSH、端口 80 等访问会立即被拒绝。我正在运行 fail2ban,但在日志中没有看到任何被阻止的 ip 地址。所以我的假设是这个问题是由我的 iptables 规则集引起的。
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere ctstate INVALID
ACCEPT icmp -- anywhere anywhere icmp echo-request ctstate NEW
UDP udp -- anywhere anywhere ctstate NEW
TCP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW
REJECT tcp -- anywhere anywhere recent: SET name: TCP-PORTSCAN side: source reject-with tcp-reset
REJECT udp -- anywhere anywhere recent: SET name: UDP-PORTSCAN side: source reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain TCP (1 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere recent: UPDATE seconds: 60 name: TCP-PORTSCAN side: source reject-with tcp-reset
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:921
Chain UDP (1 references)
target prot opt source destination
REJECT udp -- anywhere anywhere recent: UPDATE seconds: 60 name: UDP-PORTSCAN side: source reject-with icmp-port-unreachable
是否存在可能导致此问题以及原因是什么?
PS:921是我自定义的ssh端口。