Linux

這個 iptables 規則是否禁止使用 https:// … :7777 訪問伺服器?

  • August 23, 2012

似乎沒有明確指定不允許從外部訪問 7777 埠,但問題是我只能在關閉 iptables 服務時通過 https:// … :7777 訪問該主機。

所以我的問題是以下規則集中的哪個規則只是禁止我使用 https:// … :7777 訪問我的主機?

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            icmp any 
ACCEPT     esp  --  anywhere             anywhere            
ACCEPT     ah   --  anywhere             anywhere            
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

您在 INPUT 鏈的末尾有一條 REJECT 規則:

REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

引用自:https://serverfault.com/questions/420471