kkfgef 发表于 2016-1-8 11:47:12

lnmp1.2有默认添加iptable规则吗?

lnmp1.2有默认添加iptable规则吗?ACCEPT   all--0.0.0.0/0            0.0.0.0/0         
ACCEPT   all--0.0.0.0/0            0.0.0.0/0         state RELATED,ESTABLISHED
ACCEPT   tcp--0.0.0.0/0            0.0.0.0/0         tcp dpt:80
ACCEPT   tcp--127.0.0.1            0.0.0.0/0         tcp dpt:3306
DROP       tcp--0.0.0.0/0            0.0.0.0/0         tcp dpt:3306 这些是新安装后的规则,应该是添加进去的。我用了一下tcpdump这个命令后,却发现好多封包,还有国外的,不知是怎么回事(> 10.202.72.118.domain: 16881+ PTR? 79.243.17.112.in-addr.arpa. (44))像这些是如何理解?               网络使用状况lo : 已接收 : 0 GB已发送 : 0 GBeth0 : 已接收 : 0.04041 GB已发送 : 0.00031 GBeth1 : 已接收 : 0.50031 GB已发送 : 0.00669 GB其中如果没有重启,那个eth1:的已接收和eth0:的已发送都成了6.E1GB之类的了,不太理解这些封包是什么,我的服务器没什么页面几乎都是静态,还没对外发布呢。先复制上前一百行:# tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:35:13.235294 ARP, Request who-has 112.17.243.79 tell 10.168.90.195, length 42
11:35:13.237962 IP iZ329ljpa3gZ.51045 > 10.202.72.118.domain: 16881+ PTR? 79.243.17.112.in-addr.arpa. (44)
11:35:13.270890 IP 10.202.72.118.domain > iZ329ljpa3gZ.51045: 16881 ServFail 0/0/0 (44)
11:35:13.271054 IP iZ329ljpa3gZ.55320 > 10.202.72.116.domain: 16881+ PTR? 79.243.17.112.in-addr.arpa. (44)
11:35:13.345334 ARP, Request who-has 10.168.141.10 (Broadcast) tell 10.168.143.248, length 42
11:35:13.417593 ARP, Request who-has 14.16.234.51 tell 10.168.90.195, length 42
11:35:13.501946 ARP, Request who-has 10.168.140.5 tell 10.168.138.150, length 42
11:35:13.501960 ARP, Request who-has 10.168.140.4 tell 10.168.138.150, length 42
11:35:13.504242 ARP, Request who-has 10.168.138.150 tell 10.168.140.5, length 42
11:35:13.506290 ARP, Request who-has 10.168.140.6 tell 10.168.138.150, length 42
11:35:13.526488 ARP, Request who-has 10.168.60.84 (Broadcast) tell 10.168.63.249, length 42
11:35:13.545401 ARP, Request who-has 10.132.45.237 tell 10.168.136.108, length 42
11:35:13.588427 ARP, Request who-has 169.254.169.254 tell 10.168.54.11, length 42
11:35:13.796888 ARP, Request who-has 10.168.52.113 (Broadcast) tell 10.168.55.249, length 42
11:35:13.797211 ARP, Request who-has 58.100.68.197 tell 10.168.90.195, length 42
11:35:13.890359 ARP, Request who-has 169.254.169.254 tell 10.168.58.190, length 42
11:35:13.937274 ARP, Request who-has 183.13.147.17 tell 10.168.90.195, length 42
11:35:14.103844 IP 10.202.72.116.domain > iZ329ljpa3gZ.55320: 16881 ServFail 0/0/0 (44)
11:35:14.104376 IP iZ329ljpa3gZ.57005 > 10.202.72.118.domain: 50423+ PTR? 195.90.168.10.in-addr.arpa. (44)
11:35:14.106367 IP 10.202.72.118.domain > iZ329ljpa3gZ.57005: 50423 NXDomain* 0/1/0 (94)
11:35:14.106595 IP iZ329ljpa3gZ.51673 > 10.202.72.116.domain: 56509+ PTR? 118.72.202.10.in-addr.arpa. (44)
11:35:14.108589 IP 10.202.72.116.domain > iZ329ljpa3gZ.51673: 56509 NXDomain* 0/1/0 (94)
11:35:14.108972 IP iZ329ljpa3gZ.58597 > 10.202.72.118.domain: 63593+ PTR? 116.72.202.10.in-addr.arpa. (44)
11:35:14.110800 IP 10.202.72.118.domain > iZ329ljpa3gZ.58597: 63593 NXDomain* 0/1/0 (94)
11:35:14.111331 IP iZ329ljpa3gZ.53459 > 10.202.72.116.domain: 56630+ PTR? 10.141.168.10.in-addr.arpa. (44)
11:35:14.113403 IP 10.202.72.116.domain > iZ329ljpa3gZ.53459: 56630 NXDomain* 0/1/0 (94)
11:35:14.113601 IP iZ329ljpa3gZ.37949 > 10.202.72.116.domain: 4693+ PTR? 248.143.168.10.in-addr.arpa. (45)
11:35:14.113930 ARP, Request who-has 10.162.87.238 tell 10.168.136.108, length 42
11:35:14.115593 IP 10.202.72.116.domain > iZ329ljpa3gZ.37949: 4693 NXDomain* 0/1/0 (95)
11:35:14.115838 IP iZ329ljpa3gZ.34986 > 10.202.72.116.domain: 49085+ PTR? 51.234.16.14.in-addr.arpa. (43)
11:35:14.185074 ARP, Request who-has 10.252.125.135 tell 10.168.136.108, length 42
11:35:14.233950 ARP, Request who-has 112.17.243.79 tell 10.168.90.195, length 42
11:35:14.337016 IP 10.202.72.116.domain > iZ329ljpa3gZ.34986: 49085 NXDomain 0/1/0 (132)
11:35:14.337510 IP iZ329ljpa3gZ.55912 > 10.202.72.116.domain: 52826+ PTR? 5.140.168.10.in-addr.arpa. (43)
11:35:14.341607 IP 10.202.72.116.domain > iZ329ljpa3gZ.55912: 52826 NXDomain* 0/1/0 (93)
11:35:14.341854 IP iZ329ljpa3gZ.44598 > 10.202.72.116.domain: 28992+ PTR? 150.138.168.10.in-addr.arpa. (45)
11:35:14.343626 IP 10.202.72.116.domain > iZ329ljpa3gZ.44598: 28992 NXDomain* 0/1/0 (95)
11:35:14.343903 IP iZ329ljpa3gZ.35689 > 10.202.72.118.domain: 18735+ PTR? 4.140.168.10.in-addr.arpa. (43)
11:35:14.346293 IP iZ329ljpa3gZ.50200 > 10.202.72.118.domain: 29624+ PTR? 6.140.168.10.in-addr.arpa. (43)
11:35:14.348373 IP 10.202.72.118.domain > iZ329ljpa3gZ.50200: 29624 NXDomain* 0/1/0 (93)
11:35:14.348581 IP iZ329ljpa3gZ.54162 > 10.202.72.116.domain: 64589+ PTR? 84.60.168.10.in-addr.arpa. (43)
11:35:14.352926 IP iZ329ljpa3gZ.56612 > 10.202.72.118.domain: 31336+ PTR? 237.45.132.10.in-addr.arpa. (44)
11:35:14.357366 IP iZ329ljpa3gZ.37604 > 10.202.72.118.domain: 33093+ PTR? 254.169.254.169.in-addr.arpa. (46)
11:35:14.362179 IP iZ329ljpa3gZ.47507 > 10.202.72.116.domain: 57876+ PTR? 113.52.168.10.in-addr.arpa. (44)
11:35:14.366888 IP iZ329ljpa3gZ.45956 > 10.202.72.118.domain: 34270+ PTR? 197.68.100.58.in-addr.arpa. (44)
11:35:14.398933 IP iZ329ljpa3gZ.33488 > 10.202.72.116.domain: 59554+ PTR? 190.58.168.10.in-addr.arpa. (44)
11:35:14.401125 IP iZ329ljpa3gZ.54010 > 10.202.72.116.domain: 30942+ PTR? 17.147.13.183.in-addr.arpa. (44)
11:35:14.463199 IP iZ329ljpa3gZ.36544 > 10.202.72.116.domain: 42944+ PTR? 238.87.162.10.in-addr.arpa. (44)
11:35:14.465341 IP 10.202.72.116.domain > iZ329ljpa3gZ.36544: 42944 NXDomain* 0/1/0 (94)
11:35:14.465603 IP iZ329ljpa3gZ.35012 > 10.202.72.116.domain: 36372+ PTR? 135.125.252.10.in-addr.arpa. (45)
11:35:14.467561 IP 10.202.72.116.domain > iZ329ljpa3gZ.35012: 36372 NXDomain* 0/1/0 (95)
11:35:14.496504 ARP, Request who-has 10.168.98.80 (Broadcast) tell 10.168.103.249, length 42
11:35:14.496808 IP iZ329ljpa3gZ.55996 > 10.202.72.116.domain: 38565+ PTR? 80.98.168.10.in-addr.arpa. (43)
11:35:14.498726 IP 10.202.72.116.domain > iZ329ljpa3gZ.55996: 38565 NXDomain* 0/1/0 (93)
11:35:14.498922 IP iZ329ljpa3gZ.59260 > 10.202.72.118.domain: 47735+ PTR? 249.103.168.10.in-addr.arpa. (45)
11:35:14.499497 ARP, Request who-has 10.168.140.4 tell 10.168.138.150, length 42
11:35:14.501017 IP 10.202.72.118.domain > iZ329ljpa3gZ.59260: 47735 NXDomain* 0/1/0 (95)
11:35:14.545330 ARP, Request who-has 10.132.45.237 tell 10.168.136.108, length 42
11:35:14.605623 ARP, Request who-has 169.254.169.254 tell 10.168.54.11, length 42
11:35:14.798073 ARP, Request who-has 58.100.68.197 tell 10.168.90.195, length 42
11:35:14.846123 ARP, Request who-has 10.168.99.212 (Broadcast) tell 10.168.103.249, length 42
11:35:14.846506 IP iZ329ljpa3gZ.53359 > 10.202.72.118.domain: 60007+ PTR? 212.99.168.10.in-addr.arpa. (44)
11:35:14.848614 IP 10.202.72.118.domain > iZ329ljpa3gZ.53359: 60007 NXDomain* 0/1/0 (94)
11:35:14.889781 ARP, Request who-has 169.254.169.254 tell 10.168.58.190, length 42
11:35:15.043336 ARP, Request who-has 10.168.95.247 tell 10.168.90.115, length 42
11:35:15.043727 IP iZ329ljpa3gZ.38436 > 10.202.72.116.domain: 63709+ PTR? 247.95.168.10.in-addr.arpa. (44)
11:35:15.045846 IP 10.202.72.116.domain > iZ329ljpa3gZ.38436: 63709 NXDomain* 0/1/0 (94)
11:35:15.046065 IP iZ329ljpa3gZ.55331 > 10.202.72.118.domain: 40847+ PTR? 115.90.168.10.in-addr.arpa. (44)
11:35:15.047262 ARP, Request who-has 10.168.143.169 (Broadcast) tell 10.168.143.249, length 42
11:35:15.048165 IP 10.202.72.118.domain > iZ329ljpa3gZ.55331: 40847 NXDomain* 0/1/0 (94)
11:35:15.048411 IP iZ329ljpa3gZ.53983 > 10.202.72.118.domain: 7913+ PTR? 169.143.168.10.in-addr.arpa. (45)
11:35:15.050294 IP 10.202.72.118.domain > iZ329ljpa3gZ.53983: 7913 NXDomain* 0/1/0 (95)
11:35:15.050471 IP iZ329ljpa3gZ.51083 > 10.202.72.118.domain: 31210+ PTR? 249.143.168.10.in-addr.arpa. (45)
11:35:15.052469 IP 10.202.72.118.domain > iZ329ljpa3gZ.51083: 31210 NXDomain* 0/1/0 (95)
11:35:15.078445 ARP, Request who-has 169.254.169.254 tell 10.168.70.246, length 42
11:35:15.078739 IP iZ329ljpa3gZ.37106 > 10.202.72.118.domain: 36151+ PTR? 246.70.168.10.in-addr.arpa. (44)
11:35:15.080608 IP 10.202.72.118.domain > iZ329ljpa3gZ.37106: 36151 NXDomain* 0/1/0 (94)
11:35:15.106521 ARP, Request who-has 10.168.103.24 (Broadcast) tell 10.168.103.249, length 42
11:35:15.106914 IP iZ329ljpa3gZ.37151 > 10.202.72.118.domain: 8190+ PTR? 24.103.168.10.in-addr.arpa. (44)
11:35:15.108803 IP 10.202.72.118.domain > iZ329ljpa3gZ.37151: 8190 NXDomain* 0/1/0 (94)
11:35:15.117107 ARP, Request who-has 10.162.87.238 tell 10.168.136.108, length 42
11:35:15.182613 ARP, Request who-has 10.252.125.135 tell 10.168.136.108, length 42
11:35:15.417241 ARP, Request who-has 14.16.234.51 tell 10.168.90.195, length 42
11:35:15.486299 ARP, Request who-has 10.168.68.173 (Broadcast) tell 10.168.71.249, length 42
11:35:15.486706 IP iZ329ljpa3gZ.55469 > 10.202.72.116.domain: 19913+ PTR? 173.68.168.10.in-addr.arpa. (44)
11:35:15.488736 IP 10.202.72.116.domain > iZ329ljpa3gZ.55469: 19913 NXDomain* 0/1/0 (94)
11:35:15.488950 IP iZ329ljpa3gZ.40957 > 10.202.72.116.domain: 3527+ PTR? 249.71.168.10.in-addr.arpa. (44)

licess 发表于 2016-1-8 13:17:26

最前面你贴的就是默认添加的规则

6.E1GB 这是是很小的单位,只要是机器联网就不可避免会跑流量,就是随便一台家用路由只放在那边,不连机器也会跑流量

具体tcpdump结果建议先去了解tcpdump
页: [1]
查看完整版本: lnmp1.2有默认添加iptable规则吗?