CentOS 7.9.2009 服务器每次重启后都需要刷新 iptables

tag-icon tag-icon iptables centos7
CentOS 7.9.2009 服务器每次重启后都需要刷新 iptables

有一个运行 Centos 7.9 的 VPS,主要用于 Plesk 网站托管。

最近,当我们重启服务器时,除 SSH(端口 58431)之外的所有端口都被阻止。我们必须通过 SSH 进入 VPS 并iptables --flush让网站正常运行,然后在下次重启时(通常是几天后)再次停止。

iptables --list输出如下,我完全不知道从哪里开始。有人能找出导致这种情况的规则吗?可能是什么原因导致的?

Chain PREROUTING (policy ACCEPT 4320 packets, 247K bytes)
 pkts bytes target     prot opt in     out     source               destination
 4322  247K PREROUTING_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 4322  247K PREROUTING_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 4322  247K PREROUTING_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain POSTROUTING (policy ACCEPT 465K packets, 28M bytes)
 pkts bytes target     prot opt in     out     source               destination
 465K   28M POSTROUTING_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 465K   28M POSTROUTING_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 465K   28M POSTROUTING_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 465K packets, 28M bytes)
 pkts bytes target     prot opt in     out     source               destination
 465K   28M OUTPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination
 4011  258K POST_public  all  --  *      venet0  0.0.0.0/0            0.0.0.0/0           [goto]
 461K   28M POST_public  all  --  *      +       0.0.0.0/0            0.0.0.0/0           [goto]

Chain POSTROUTING_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain POST_public (2 references)
 pkts bytes target     prot opt in     out     source               destination
 465K   28M POST_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 465K   28M POST_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 465K   28M POST_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain POST_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain POST_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain POST_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain PREROUTING_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination
 4320  247K PRE_public  all  --  venet0 *       0.0.0.0/0            0.0.0.0/0           [goto]
    1    52 PRE_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto]

Chain PREROUTING_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain PREROUTING_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain PRE_public (2 references)
 pkts bytes target     prot opt in     out     source               destination
 4321  247K PRE_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 4321  247K PRE_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 4321  247K PRE_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain PRE_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain PRE_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain PRE_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination

相关内容