我在这里使用 UFW 作为基本保护。当我使用学院的 Wi-Fi 时,我会遇到一些 UFW 阻止(这是正常的,因为防火墙已打开)。
但奇怪的是,我在家里没有收到任何 UFW 日志(以前会收到一些,但现在没有任何阻止)。
以下是一些信息ufw status verbose
Status: active
Logging: on (low)
Default: reject (incoming), allow (outgoing), disabled (routed)
New profiles: skip
我的路由器或者电脑有问题吗?
编辑:我从 syslog 中包含了一些 UFW 块日志:
Mar 21 10:45:16 IBM-5100 kernel: [ 98.436052] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=33520 DF PROTO=TCP SPT=80 DPT=52722 WINDOW=530 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:16 IBM-5100 kernel: [ 98.449193] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=49314 DF PROTO=TCP SPT=80 DPT=52721 WINDOW=645 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 98.570999] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=58273 DF PROTO=TCP SPT=80 DPT=52723 WINDOW=619 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 98.802973] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=58274 DF PROTO=TCP SPT=80 DPT=52723 WINDOW=619 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 98.837751] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=47387 DF PROTO=TCP SPT=80 DPT=52725 WINDOW=491 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 98.899208] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=18711 DF PROTO=TCP SPT=80 DPT=52724 WINDOW=492 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 98.916786] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=33521 DF PROTO=TCP SPT=80 DPT=52722 WINDOW=530 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 98.926664] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=49315 DF PROTO=TCP SPT=80 DPT=52721 WINDOW=645 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 99.035012] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=58275 DF PROTO=TCP SPT=80 DPT=52723 WINDOW=619 RES=0x00 ACK FIN URGP=0
Mar 21 10:45:17 IBM-5100 kernel: [ 99.500770] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=23.216.171.218 DST=192.168.0.136 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=58276 DF PROTO=TCP SPT=80 DPT=52723 WINDOW=619 RES=0x00 ACK FIN URGP=0
Mar 21 01:04:26 IBM-5100 kernel: [ 2282.633953] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=91.189.92.10 DST=192.168.0.136 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=29648 DF PROTO=TCP SPT=443 DPT=34955 WINDOW=0 RES=0x00 RST URGP=0
Mar 21 01:04:26 IBM-5100 kernel: [ 2282.714411] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=91.189.92.11 DST=192.168.0.136 LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=27150 DF PROTO=TCP SPT=443 DPT=45527 WINDOW=0 RES=0x00 RST URGP=0
Mar 21 01:04:26 IBM-5100 kernel: [ 2282.633953] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=91.189.92.10 DST=192.168.0.136 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=29648 DF PROTO=TCP SPT=443 DPT=34955 WINDOW=0 RES=0x00 RST URGP=0
Mar 21 01:04:26 IBM-5100 kernel: [ 2282.714411] [UFW BLOCK] IN=eth0 OUT= MAC=1c:6f:65:ae:63:5e:00:24:01:97:d7:32:08:00 SRC=91.189.92.11 DST=192.168.0.136 LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=27150 DF PROTO=TCP SPT=443 DPT=45527 WINDOW=0 RES=0x00 RST URGP=0
谢谢你们帮助我。
答案1
实际上这是相同的日志。
使用命令尝试
sudo ufw logging high
之后检查登录/var/log/ufw.log