军哥你好,linode debian8.1 用lnmp1.3做好后总是自动生成iptables文件
刚开始自动生成的是/etc/iptables.rule,内容如下:# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016*security
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*raw
:PREROUTING ACCEPT
:OUTPUT ACCEPT
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*mangle
:PREROUTING ACCEPT
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 59998 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20000:30000 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 59998 -j ACCEPT
COMMIT
# Completed on Wed Mar 16 02:02:21 2016 然后我按照网上复制了一份防火墙代码,并把这个文件设为不可写,重启VPS,结果又自动生成了iptables.rules,内容同上。。
这个是系统什么软件自动生成的。。如何禁用呢 https://www.vpser.net/security/linux-iptables.html 将文章后面说明的执行文件删除就行了
页:
[1]