请教军哥关于UFW防火墙的问题?
我的服务器使用的是Ubuntu16.04系统,内置UFW防火墙,底层仍然是iptables。这几天测试发现启用了UFW防火墙,但是似乎屏蔽的I恶意P根本封锁不住。使用“UFW Status”命令显示IP已经被禁止,但是使用netstat命令发现被禁止的恶意IP依然在访问服务器。是我不会设置吗?还是其他原因?希望军哥能给与指点,谢谢! ufw没用过,貌似ufw只是前端,iptables才是真正进行管理的,可以iptables -L -n 看一下 使用iptables -L -n命令查看后如下结果:……
Chain ufw-user-input (1 references)
target prot opt source destination
ACCEPT tcp--0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT udp--0.0.0.0/0 0.0.0.0/0 udp dpt:80
DROP all--42.236.102.1/42.236.102.2550.0.0.0/0
DROP all--42.236.101.1/42.236.101.2550.0.0.0/0
DROP all--42.236.103.1/42.236.103.2550.0.0.0/0
DROP all--42.236.46.1/42.236.46.2550.0.0.0/0
DROP all--42.236.12.1/42.236.12.2550.0.0.0/0
DROP all--42.236.54.1/42.236.54.2550.0.0.0/0
DROP all--42.236.55.1/42.236.55.2550.0.0.0/0
DROP all--207.241.229.1/207.241.229.2550.0.0.0/0
DROP all--207.241.231.1/207.241.231.2550.0.0.0/0
DROP all--183.36.114.1/183.36.114.2550.0.0.0/0
DROP all--117.136.54.1/117.136.54.2550.0.0.0/0
DROP all--183.60.191.52 0.0.0.0/0
DROP all--42.236.10.1/42.236.10.2550.0.0.0/0
DROP all--42.236.99.1/42.236.99.2550.0.0.0/0
DROP all--42.236.48.1/42.236.48.2550.0.0.0/0
DROP all--42.236.49.1/42.236.49.2550.0.0.0/0
DROP all--42.236.50.1/42.236.50.2550.0.0.0/0
DROP all--42.236.31.1/42.236.31.2550.0.0.0/0
DROP all--106.11.152.1/106.11.152.2550.0.0.0/0
DROP all--106.11.153.1/106.11.153.2550.0.0.0/0
DROP all--106.11.154.1/106.11.154.2550.0.0.0/0
DROP all--106.11.155.1/106.11.155.2550.0.0.0/0
DROP all--106.11.156.1/106.11.156.2550.0.0.0/0
DROP all--106.11.157.1/106.11.157.2550.0.0.0/0
DROP all--106.11.158.1/106.11.158.2550.0.0.0/0
DROP all--106.11.159.1/106.11.159.2550.0.0.0/0
DROP all--218.30.103.250 0.0.0.0/0
DROP all--162.247.102.162 0.0.0.0/0
……
貌似这些IP已经被UFW加入iptables防火墙了,但是好像拦截无效。
页:
[1]