我从ip 188.241.114.22看到很多与我的apache服务器建立的连接,最终导致apache挂起.重新启动服务后,一切正常.
我尝试在iptables中添加规则
我尝试在iptables中添加规则
-A INPUT -s 188.241.114.22 -j DROP
但尽管如此,我仍然看到来自该IP的连接.
我正在使用centOS,我正在添加像你这样的规则:
iptables -A INPUT -s 188.241.114.22 -j DROP
正好我用它来保存它:service iptables save
这是iptables -L -v的输出
Chain INPUT (policy ACCEPT 120K packets,16M bytes) pkts bytes target prot opt in out source destination 0 0 DROP all -- any any lg01.mia02.pccwbtn.net anywhere 0 0 DROP all -- any any c-98-210-5-174.hsd1.ca.comcast.net anywhere 0 0 DROP all -- any any c-98-201-5-174.hsd1.tx.comcast.net anywhere 0 0 DROP all -- any any lg01.mia02.pccwbtn.net anywhere 0 0 DROP all -- any any www.dabacus2.com anywhere 0 0 DROP all -- any any 116.255.163.100 anywhere 0 0 DROP all -- any any 94.23.119.11 anywhere 0 0 DROP all -- any any 164.bajanet.mx anywhere 0 0 DROP all -- any any 173-203-71-136.static.cloud-ips.com anywhere 0 0 DROP all -- any any v1.oxygen.ro anywhere 0 0 DROP all -- any any 74.122.177.12 anywhere 0 0 DROP all -- any any 58.83.227.150 anywhere 0 0 DROP all -- any any v1.oxygen.ro anywhere 0 0 DROP all -- any any v1.oxygen.ro anywhere Chain FORWARD (policy ACCEPT 0 packets,0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 186K packets,224M bytes) pkts bytes target prot opt in out source destination
解决方法
命令iptables -A INPUT在INPUT链的末尾添加一个新规则. Iptables在第一个匹配原则上工作,因此您可能有规则允许在链中较早的端口80上访问.
使用a保存iptables的状态
服务iptables保存
然后编辑/ etc / sysconfig / iptables文件并将-A INPUT -s 188.241.114.22 -j DROP移动到允许端口80的行上方.保存文件并运行
service iptables restart
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。