How do I block an IP address for IPSec VPN connections?

This is my current iptables setup:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:2022
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             state INVALID
ACCEPT     udp  --  anywhere             anywhere             udp dpt:isakmp
ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipsec-nat-t
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  10.10.10.0/24        anywhere             policy match dir in pol ipsec proto esp
ACCEPT     all  --  anywhere             10.10.10.0/24        policy match dir out pol ipsec proto esp
DROP       all  --  anywhere             anywhere

I want to block the IP address 5.79.71.205 because one of the VPN users is using it for malware.

Do I block it at the top of INPUT like this?

sudo iptables -I INPUT -s 5.79.71.205 -p all -j DROP

Or do I have to do this, because the VPN (IKEv2) is masquerading?

sudo iptables -I FORWARD -s 5.79.71.205 -j DROP

Or do I have to block the output?

sudo iptables -I OUTPUT -d 5.79.71.205 -j DROP

Or even all of them?

Answer 1

Just block in and out. That should solve your problem.

# -I inserts at position 1; -A would append after the final "DROP all" rule,
# where the new rule is never evaluated
iptables -I INPUT -s 5.79.71.205 -j DROP
iptables -I OUTPUT -d 5.79.71.205 -j DROP
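Whether a block rule takes effect depends on where it lands in the chain: iptables evaluates rules top to bottom and stops at the first terminating verdict, so a rule appended with -A behind an unconditional ACCEPT or DROP is dead. The following script is an added example, not code from the question or the answer; it takes the text of an `iptables -L` listing (the two chains from the question, embedded here as constructed sample input) and reports the first rule that matches every packet unconditionally, which is the point beyond which any later rule is unreachable. The function names are this example's own.

```shell
#!/bin/sh
# Added example: find the first catch-all rule in an `iptables -L` chain listing.
# Every rule after it (including one appended with `iptables -A`) is never consulted,
# so a block rule has to be inserted above it with `iptables -I`.

# Constructed sample: the INPUT chain exactly as listed in the question.
INPUT_CHAIN='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:2022
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             state INVALID
ACCEPT     udp  --  anywhere             anywhere             udp dpt:isakmp
ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipsec-nat-t
DROP       all  --  anywhere             anywhere'

# Constructed sample: the FORWARD chain from the question.
FORWARD_CHAIN='Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  10.10.10.0/24        anywhere             policy match dir in pol ipsec proto esp
ACCEPT     all  --  anywhere             10.10.10.0/24        policy match dir out pol ipsec proto esp
DROP       all  --  anywhere             anywhere'

# first_catchall CHAIN_TEXT
# Prints the 1-based position of the first rule whose target is a terminating verdict
# (ACCEPT, DROP or REJECT), whose protocol is "all", whose source and destination are
# both "anywhere", and which carries no extra match (exactly five columns).
# Prints 0 when the chain has no such rule.
first_catchall() {
    printf '%s\n' "$1" | awk '
        NR <= 2 { next }            # skip the "Chain ..." header and the column titles
        { rule++ }
        NF == 5 && ($1 == "ACCEPT" || $1 == "DROP" || $1 == "REJECT") &&
        $2 == "all" && $4 == "anywhere" && $5 == "anywhere" {
            print rule; found = 1; exit
        }
        END { if (!found) print 0 }'
}

# rule_count CHAIN_TEXT
# Number of rules in the listing (header lines excluded).
rule_count() {
    printf '%s\n' "$1" | awk 'NR > 2 { n++ } END { print n + 0 }'
}

# appended_rule_reachable CHAIN_TEXT
# "yes" if a rule appended with -A would ever be evaluated, "no" if an earlier
# catch-all rule shadows everything appended after it.
appended_rule_reachable() {
    if [ "$(first_catchall "$1")" -eq 0 ]; then echo yes; else echo no; fi
}

# Report on both sample chains.
for name in INPUT FORWARD; do
    eval "chain=\$${name}_CHAIN"
    echo "$name: $(rule_count "$chain") rules, first catch-all at rule $(first_catchall "$chain"), appended rule reachable: $(appended_rule_reachable "$chain")"
done
```

Run against the listing from the question, the check reports that INPUT already matches every packet at rule 4 (the bare "ACCEPT all anywhere anywhere"), so the two DROP rules below it are never hit, and that FORWARD ends in a catch-all DROP, so anything appended to either chain is dead. Inserting with -I at position 1, as in the question's first command, places the rule ahead of the RELATED,ESTABLISHED accept as well, so an already open connection to the address is cut too. Which chain to check is decided by the traffic path: packets the gateway relays on behalf of VPN clients traverse FORWARD, while INPUT and OUTPUT see only traffic addressed to or originated by the gateway itself.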
