我收到了来自服务器提供商的滥用,其中一件事是相同的,即目标 IP 上的目标是 SMB (445) 端口。如何使用 iptables 阻止到端口 445 的目标流量?
> ---------------------------------------------------------------------------
> Wed Sep 2 08:02:21 2020 TCP MYSERVERIP 61019 => 70.40.185.188 445
> Wed Sep 2 08:02:36 2020 TCP MYSERVERIP 62211 => 70.40.185.193 445
> Wed Sep 2 08:02:27 2020 TCP MYSERVERIP 61649 => 70.40.187.138 445
> Wed Sep 2 08:02:47 2020 TCP MYSERVERIP 63772 => 91.218.57.126 445
> Wed Sep 2 08:02:28 2020 TCP MYSERVERIP 61821 => 91.218.58.1 445
> Wed Sep 2 08:02:20 2020 TCP MYSERVERIP 60987 => 91.218.120.55 445
> Wed Sep 2 08:02:39 2020 TCP MYSERVERIP 62910 => 91.218.120.228 445
> Wed Sep 2 08:02:37 2020 TCP MYSERVERIP 62671 => 91.227.14.171 445
> Wed Sep 2 08:02:37 2020 TCP MYSERVERIP 62721 => 91.227.14.189 445
> Wed Sep 2 08:02:44 2020 TCP MYSERVERIP 63442 => 91.227.22.209 445
> Wed Sep 2 08:02:38 2020 TCP MYSERVERIP 62786 => 91.227.60.118 445
> Wed Sep 2 08:02:40 2020 TCP MYSERVERIP 62786 => 91.227.60.118 445
> Wed Sep 2 08:02:35 2020 TCP MYSERVERIP 62476 => 91.227.115.17 445
> Wed Sep 2 08:02:38 2020 TCP MYSERVERIP 62476 => 91.227.115.17 445
> Wed Sep 2 08:02:49 2020 TCP MYSERVERIP 63678 => 110.165.2.15 445
> Wed Sep 2 08:02:48 2020 TCP MYSERVERIP 63852 => 110.165.3.103 445
> Wed Sep 2 08:02:49 2020 TCP MYSERVERIP 63970 => 110.165.3.155 445
> Wed Sep 2 08:02:31 2020 TCP MYSERVERIP 62073 => 110.165.4.204 445