![仍然收到 [UFW BLOCK],适用哪些规则?](https://linux22.com/image/954622/%E4%BB%8D%E7%84%B6%E6%94%B6%E5%88%B0%20%5BUFW%20BLOCK%5D%EF%BC%8C%E9%80%82%E7%94%A8%E5%93%AA%E4%BA%9B%E8%A7%84%E5%88%99%EF%BC%9F.png)
我仍然收到一条消息 UFW BLOCKED:
Dec 22 05:12:41 ge-domoticz kernel: [5324365.003868] [UFW BLOCK] IN=eth0 OUT= MAC=b8:27:eb:a1:7b:8b:38:1f:8d:e9:e4:9f:08:00:45:00:00:28:92:8c:00:00:ff:06:2f:d4 SRC=192.168.188.5 DST=192.168.188.24 LEN=40 TOS=0x00 PREC=0x00 TTL=255 ID=37516 PROTO=TCP SPT=6668 DPT=43084 WINDOW=4380 RES=0x00 ACK RST URGP=0
我尝试了以下规则,但 UFW BLOCKED 仍然出现:
[10] Anywhere on eth0 ALLOW IN 192.168.188.0/24 6668/tcp # iOt
[11] Anywhere ALLOW IN 192.168.188.0/24 6668/tcp # iOt
[12] 192.168.188.0/24 ALLOW IN 6668/tcp # iOt
原始 iptables:
-A ufw-user-input -s 192.168.188.0/24 -i eth0 -p tcp -m tcp --sport 6668 -j ACCEPT
-A ufw-user-input -s 192.168.188.0/24 -p tcp -m tcp --sport 6668 -j ACCEPT
-A ufw-user-input -d 192.168.188.0/24 -p tcp -m tcp --sport 6668 -j ACCEPT
有什么建议吗?这里有什么问题?如何允许源/目标为 192.168.188.0/24 的任何端口的所有流量?