我想尝试阻止我的计算机的 IP(192.168.0.3)作为测试,阻止我访问服务器上的任何内容,更重要的是,我的网站,当我使用ufw deny 192.168.0.3它时,它会说Rule added,运行命令后,我仍然可以访问https://sturtz.ml,https://search.sturtz.ml和https://social.sturtz.ml从它说被阻止通过 ufw 访问的计算机,我也可以从同一台计算机运行 ssh
输出ufw status是
Status: active
To Action From
-- ------ ----
10000 ALLOW Anywhere
53 ALLOW 192.168.0.0/24
22 ALLOW Anywhere
Bind9 ALLOW Anywhere
80 ALLOW Anywhere
Apache ALLOW Anywhere
442 ALLOW Anywhere
443 ALLOW Anywhere
53 ALLOW Anywhere
Apache Full ALLOW Anywhere
OpenSSH ALLOW Anywhere
Anywhere DENY 192.168.0.3
192.168.0.3 DENY Anywhere
10000 (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
Bind9 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
Apache (v6) ALLOW Anywhere (v6)
442 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
53 (v6) ALLOW Anywhere (v6)
Apache Full (v6) ALLOW Anywhere (v6)
OpenSSH (v6) ALLOW Anywhere (v6)
以下是 UFW 日志的最后 20 行
May 20 09:51:44 sturtz kernel: [ 3229.347594] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=94.102.51.28 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=61523 PROTO=TCP SPT=58116 DPT=5433 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:52:19 sturtz kernel: [ 3264.798448] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=185.137.234.205 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x20 TTL=244 ID=47386 PROTO=TCP SPT=56127 DPT=3404 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:52:37 sturtz kernel: [ 3282.656024] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=89.248.172.101 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=38261 PROTO=TCP SPT=42467 DPT=14789 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:52:43 sturtz kernel: [ 3288.586744] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=185.176.27.174 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=1014 PROTO=TCP SPT=44184 DPT=44416 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:52:45 sturtz kernel: [ 3290.519284] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=89.165.142.219 DST=192.168.0.5 LEN=44 TOS=0x00 PREC=0x20 TTL=51 ID=6563 PROTO=TCP SPT=20908 DPT=8000 WINDOW=19124 RES=0x00 SYN URGP=0
May 20 09:53:19 sturtz kernel: [ 3324.501803] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=117.198.96.184 DST=192.168.0.5 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=11095 DF PROTO=TCP SPT=54603 DPT=8728 WINDOW=8192 RES=0x00 SYN URGP=0
May 20 09:53:31 sturtz kernel: [ 3335.943548] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=23596 PROTO=TCP SPT=49361 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:54:00 sturtz kernel: [ 3365.682223] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59247 PROTO=TCP SPT=49361 DPT=34567 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:54:12 sturtz kernel: [ 3377.812730] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=82.77.216.217 DST=192.168.0.5 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=38829 DF PROTO=TCP SPT=54794 DPT=8291 WINDOW=64240 RES=0x00 SYN URGP=0
May 20 09:54:15 sturtz kernel: [ 3380.798075] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=82.77.216.217 DST=192.168.0.5 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=38831 DF PROTO=TCP SPT=54794 DPT=8291 WINDOW=64240 RES=0x00 SYN URGP=0
May 20 09:54:36 sturtz kernel: [ 3401.409066] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=48836 PROTO=TCP SPT=49361 DPT=5984 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:54:55 sturtz kernel: [ 3420.872766] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=89.248.168.217 DST=192.168.0.5 LEN=57 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=UDP SPT=46481 DPT=6481 LEN=37
May 20 09:55:15 sturtz kernel: [ 3440.636976] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=5095 PROTO=TCP SPT=49361 DPT=88 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:55:38 sturtz kernel: [ 3463.596782] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=185.156.73.65 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=22233 PROTO=TCP SPT=52105 DPT=5606 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:56:06 sturtz kernel: [ 3491.162718] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=185.209.0.32 DST=192.168.0.5 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=33653 PROTO=TCP SPT=41187 DPT=13131 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:56:21 sturtz kernel: [ 3506.874677] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=2446 PROTO=TCP SPT=49361 DPT=5555 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:56:39 sturtz kernel: [ 3524.649919] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=42155 PROTO=TCP SPT=49361 DPT=1080 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:57:03 sturtz kernel: [ 3548.892867] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=183.136.225.45 DST=192.168.0.5 LEN=44 TOS=0x00 PREC=0x00 TTL=108 ID=64518 PROTO=TCP SPT=20801 DPT=8089 WINDOW=29200 RES=0x00 SYN URGP=0
May 20 09:57:15 sturtz kernel: [ 3560.579357] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=44530 PROTO=TCP SPT=49361 DPT=60001 WINDOW=1024 RES=0x00 SYN URGP=0
May 20 09:57:38 sturtz kernel: [ 3583.308522] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:23:24:08:58:1f:00:24:7b:16:93:98:08:00 SRC=162.244.80.191 DST=192.168.0.5 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=64173 PROTO=TCP SPT=49361 DPT=85 WINDOW=1024 RES=0x00 SYN URGP=0