设为首页收藏本站
切换到窄版

VPS侦探论坛

 找回密码
 注册
VPS侦探论坛»VPS侦探论坛 技术交流区 LNMP一键安装包 lnmp1.2有默认添加iptable规则吗?
返回列表 发新帖
查看: 3903|回复: 1

lnmp1.2有默认添加iptable规则吗?

[复制链接]
kkfgef
发表于 2016-1-8 11:47:12 | 显示全部楼层 |阅读模式

lnmp1.2有默认添加iptable规则吗?
  1. ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
  2. ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
  3. ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80
  4. ACCEPT     tcp  --  127.0.0.1            0.0.0.0/0           tcp dpt:3306
  5. DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3306
复制代码
这些是新安装后的规则,应该是添加进去的。我用了一下tcpdump这个命令后,却发现好多封包,还有国外的,不知是怎么回事(> 10.202.72.118.domain: 16881+ PTR? 79.243.17.112.in-addr.arpa. (44))像这些是如何理解?               
网络使用状况
lo : 已接收 : 0 GB已发送 : 0 GB
eth0 : 已接收 : 0.04041 GB已发送 : 0.00031 GB
eth1 : 已接收 : 0.50031 GB已发送 : 0.00669 GB
其中如果没有重启,那个eth1:的已接收和eth0:的已发送都成了6.E1GB之类的了,不太理解这些封包是什么,我的服务器没什么页面几乎都是静态,还没对外发布呢。先复制上前一百行:
  1. [root@iZ329ljpa3gZ ~]# tcpdump
  2. tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  3. listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
  4. 11:35:13.235294 ARP, Request who-has 112.17.243.79 tell 10.168.90.195, length 42
  5. 11:35:13.237962 IP iZ329ljpa3gZ.51045 > 10.202.72.118.domain: 16881+ PTR? 79.243.17.112.in-addr.arpa. (44)
  6. 11:35:13.270890 IP 10.202.72.118.domain > iZ329ljpa3gZ.51045: 16881 ServFail 0/0/0 (44)
  7. 11:35:13.271054 IP iZ329ljpa3gZ.55320 > 10.202.72.116.domain: 16881+ PTR? 79.243.17.112.in-addr.arpa. (44)
  8. 11:35:13.345334 ARP, Request who-has 10.168.141.10 (Broadcast) tell 10.168.143.248, length 42
  9. 11:35:13.417593 ARP, Request who-has 14.16.234.51 tell 10.168.90.195, length 42
  10. 11:35:13.501946 ARP, Request who-has 10.168.140.5 tell 10.168.138.150, length 42
  11. 11:35:13.501960 ARP, Request who-has 10.168.140.4 tell 10.168.138.150, length 42
  12. 11:35:13.504242 ARP, Request who-has 10.168.138.150 tell 10.168.140.5, length 42
  13. 11:35:13.506290 ARP, Request who-has 10.168.140.6 tell 10.168.138.150, length 42
  14. 11:35:13.526488 ARP, Request who-has 10.168.60.84 (Broadcast) tell 10.168.63.249, length 42
  15. 11:35:13.545401 ARP, Request who-has 10.132.45.237 tell 10.168.136.108, length 42
  16. 11:35:13.588427 ARP, Request who-has 169.254.169.254 tell 10.168.54.11, length 42
  17. 11:35:13.796888 ARP, Request who-has 10.168.52.113 (Broadcast) tell 10.168.55.249, length 42
  18. 11:35:13.797211 ARP, Request who-has 58.100.68.197 tell 10.168.90.195, length 42
  19. 11:35:13.890359 ARP, Request who-has 169.254.169.254 tell 10.168.58.190, length 42
  20. 11:35:13.937274 ARP, Request who-has 183.13.147.17 tell 10.168.90.195, length 42
  21. 11:35:14.103844 IP 10.202.72.116.domain > iZ329ljpa3gZ.55320: 16881 ServFail 0/0/0 (44)
  22. 11:35:14.104376 IP iZ329ljpa3gZ.57005 > 10.202.72.118.domain: 50423+ PTR? 195.90.168.10.in-addr.arpa. (44)
  23. 11:35:14.106367 IP 10.202.72.118.domain > iZ329ljpa3gZ.57005: 50423 NXDomain* 0/1/0 (94)
  24. 11:35:14.106595 IP iZ329ljpa3gZ.51673 > 10.202.72.116.domain: 56509+ PTR? 118.72.202.10.in-addr.arpa. (44)
  25. 11:35:14.108589 IP 10.202.72.116.domain > iZ329ljpa3gZ.51673: 56509 NXDomain* 0/1/0 (94)
  26. 11:35:14.108972 IP iZ329ljpa3gZ.58597 > 10.202.72.118.domain: 63593+ PTR? 116.72.202.10.in-addr.arpa. (44)
  27. 11:35:14.110800 IP 10.202.72.118.domain > iZ329ljpa3gZ.58597: 63593 NXDomain* 0/1/0 (94)
  28. 11:35:14.111331 IP iZ329ljpa3gZ.53459 > 10.202.72.116.domain: 56630+ PTR? 10.141.168.10.in-addr.arpa. (44)
  29. 11:35:14.113403 IP 10.202.72.116.domain > iZ329ljpa3gZ.53459: 56630 NXDomain* 0/1/0 (94)
  30. 11:35:14.113601 IP iZ329ljpa3gZ.37949 > 10.202.72.116.domain: 4693+ PTR? 248.143.168.10.in-addr.arpa. (45)
  31. 11:35:14.113930 ARP, Request who-has 10.162.87.238 tell 10.168.136.108, length 42
  32. 11:35:14.115593 IP 10.202.72.116.domain > iZ329ljpa3gZ.37949: 4693 NXDomain* 0/1/0 (95)
  33. 11:35:14.115838 IP iZ329ljpa3gZ.34986 > 10.202.72.116.domain: 49085+ PTR? 51.234.16.14.in-addr.arpa. (43)
  34. 11:35:14.185074 ARP, Request who-has 10.252.125.135 tell 10.168.136.108, length 42
  35. 11:35:14.233950 ARP, Request who-has 112.17.243.79 tell 10.168.90.195, length 42
  36. 11:35:14.337016 IP 10.202.72.116.domain > iZ329ljpa3gZ.34986: 49085 NXDomain 0/1/0 (132)
  37. 11:35:14.337510 IP iZ329ljpa3gZ.55912 > 10.202.72.116.domain: 52826+ PTR? 5.140.168.10.in-addr.arpa. (43)
  38. 11:35:14.341607 IP 10.202.72.116.domain > iZ329ljpa3gZ.55912: 52826 NXDomain* 0/1/0 (93)
  39. 11:35:14.341854 IP iZ329ljpa3gZ.44598 > 10.202.72.116.domain: 28992+ PTR? 150.138.168.10.in-addr.arpa. (45)
  40. 11:35:14.343626 IP 10.202.72.116.domain > iZ329ljpa3gZ.44598: 28992 NXDomain* 0/1/0 (95)
  41. 11:35:14.343903 IP iZ329ljpa3gZ.35689 > 10.202.72.118.domain: 18735+ PTR? 4.140.168.10.in-addr.arpa. (43)
  42. 11:35:14.346293 IP iZ329ljpa3gZ.50200 > 10.202.72.118.domain: 29624+ PTR? 6.140.168.10.in-addr.arpa. (43)
  43. 11:35:14.348373 IP 10.202.72.118.domain > iZ329ljpa3gZ.50200: 29624 NXDomain* 0/1/0 (93)
  44. 11:35:14.348581 IP iZ329ljpa3gZ.54162 > 10.202.72.116.domain: 64589+ PTR? 84.60.168.10.in-addr.arpa. (43)
  45. 11:35:14.352926 IP iZ329ljpa3gZ.56612 > 10.202.72.118.domain: 31336+ PTR? 237.45.132.10.in-addr.arpa. (44)
  46. 11:35:14.357366 IP iZ329ljpa3gZ.37604 > 10.202.72.118.domain: 33093+ PTR? 254.169.254.169.in-addr.arpa. (46)
  47. 11:35:14.362179 IP iZ329ljpa3gZ.47507 > 10.202.72.116.domain: 57876+ PTR? 113.52.168.10.in-addr.arpa. (44)
  48. 11:35:14.366888 IP iZ329ljpa3gZ.45956 > 10.202.72.118.domain: 34270+ PTR? 197.68.100.58.in-addr.arpa. (44)
  49. 11:35:14.398933 IP iZ329ljpa3gZ.33488 > 10.202.72.116.domain: 59554+ PTR? 190.58.168.10.in-addr.arpa. (44)
  50. 11:35:14.401125 IP iZ329ljpa3gZ.54010 > 10.202.72.116.domain: 30942+ PTR? 17.147.13.183.in-addr.arpa. (44)
  51. 11:35:14.463199 IP iZ329ljpa3gZ.36544 > 10.202.72.116.domain: 42944+ PTR? 238.87.162.10.in-addr.arpa. (44)
  52. 11:35:14.465341 IP 10.202.72.116.domain > iZ329ljpa3gZ.36544: 42944 NXDomain* 0/1/0 (94)
  53. 11:35:14.465603 IP iZ329ljpa3gZ.35012 > 10.202.72.116.domain: 36372+ PTR? 135.125.252.10.in-addr.arpa. (45)
  54. 11:35:14.467561 IP 10.202.72.116.domain > iZ329ljpa3gZ.35012: 36372 NXDomain* 0/1/0 (95)
  55. 11:35:14.496504 ARP, Request who-has 10.168.98.80 (Broadcast) tell 10.168.103.249, length 42
  56. 11:35:14.496808 IP iZ329ljpa3gZ.55996 > 10.202.72.116.domain: 38565+ PTR? 80.98.168.10.in-addr.arpa. (43)
  57. 11:35:14.498726 IP 10.202.72.116.domain > iZ329ljpa3gZ.55996: 38565 NXDomain* 0/1/0 (93)
  58. 11:35:14.498922 IP iZ329ljpa3gZ.59260 > 10.202.72.118.domain: 47735+ PTR? 249.103.168.10.in-addr.arpa. (45)
  59. 11:35:14.499497 ARP, Request who-has 10.168.140.4 tell 10.168.138.150, length 42
  60. 11:35:14.501017 IP 10.202.72.118.domain > iZ329ljpa3gZ.59260: 47735 NXDomain* 0/1/0 (95)
  61. 11:35:14.545330 ARP, Request who-has 10.132.45.237 tell 10.168.136.108, length 42
  62. 11:35:14.605623 ARP, Request who-has 169.254.169.254 tell 10.168.54.11, length 42
  63. 11:35:14.798073 ARP, Request who-has 58.100.68.197 tell 10.168.90.195, length 42
  64. 11:35:14.846123 ARP, Request who-has 10.168.99.212 (Broadcast) tell 10.168.103.249, length 42
  65. 11:35:14.846506 IP iZ329ljpa3gZ.53359 > 10.202.72.118.domain: 60007+ PTR? 212.99.168.10.in-addr.arpa. (44)
  66. 11:35:14.848614 IP 10.202.72.118.domain > iZ329ljpa3gZ.53359: 60007 NXDomain* 0/1/0 (94)
  67. 11:35:14.889781 ARP, Request who-has 169.254.169.254 tell 10.168.58.190, length 42
  68. 11:35:15.043336 ARP, Request who-has 10.168.95.247 tell 10.168.90.115, length 42
  69. 11:35:15.043727 IP iZ329ljpa3gZ.38436 > 10.202.72.116.domain: 63709+ PTR? 247.95.168.10.in-addr.arpa. (44)
  70. 11:35:15.045846 IP 10.202.72.116.domain > iZ329ljpa3gZ.38436: 63709 NXDomain* 0/1/0 (94)
  71. 11:35:15.046065 IP iZ329ljpa3gZ.55331 > 10.202.72.118.domain: 40847+ PTR? 115.90.168.10.in-addr.arpa. (44)
  72. 11:35:15.047262 ARP, Request who-has 10.168.143.169 (Broadcast) tell 10.168.143.249, length 42
  73. 11:35:15.048165 IP 10.202.72.118.domain > iZ329ljpa3gZ.55331: 40847 NXDomain* 0/1/0 (94)
  74. 11:35:15.048411 IP iZ329ljpa3gZ.53983 > 10.202.72.118.domain: 7913+ PTR? 169.143.168.10.in-addr.arpa. (45)
  75. 11:35:15.050294 IP 10.202.72.118.domain > iZ329ljpa3gZ.53983: 7913 NXDomain* 0/1/0 (95)
  76. 11:35:15.050471 IP iZ329ljpa3gZ.51083 > 10.202.72.118.domain: 31210+ PTR? 249.143.168.10.in-addr.arpa. (45)
  77. 11:35:15.052469 IP 10.202.72.118.domain > iZ329ljpa3gZ.51083: 31210 NXDomain* 0/1/0 (95)
  78. 11:35:15.078445 ARP, Request who-has 169.254.169.254 tell 10.168.70.246, length 42
  79. 11:35:15.078739 IP iZ329ljpa3gZ.37106 > 10.202.72.118.domain: 36151+ PTR? 246.70.168.10.in-addr.arpa. (44)
  80. 11:35:15.080608 IP 10.202.72.118.domain > iZ329ljpa3gZ.37106: 36151 NXDomain* 0/1/0 (94)
  81. 11:35:15.106521 ARP, Request who-has 10.168.103.24 (Broadcast) tell 10.168.103.249, length 42
  82. 11:35:15.106914 IP iZ329ljpa3gZ.37151 > 10.202.72.118.domain: 8190+ PTR? 24.103.168.10.in-addr.arpa. (44)
  83. 11:35:15.108803 IP 10.202.72.118.domain > iZ329ljpa3gZ.37151: 8190 NXDomain* 0/1/0 (94)
  84. 11:35:15.117107 ARP, Request who-has 10.162.87.238 tell 10.168.136.108, length 42
  85. 11:35:15.182613 ARP, Request who-has 10.252.125.135 tell 10.168.136.108, length 42
  86. 11:35:15.417241 ARP, Request who-has 14.16.234.51 tell 10.168.90.195, length 42
  87. 11:35:15.486299 ARP, Request who-has 10.168.68.173 (Broadcast) tell 10.168.71.249, length 42
  88. 11:35:15.486706 IP iZ329ljpa3gZ.55469 > 10.202.72.116.domain: 19913+ PTR? 173.68.168.10.in-addr.arpa. (44)
  89. 11:35:15.488736 IP 10.202.72.116.domain > iZ329ljpa3gZ.55469: 19913 NXDomain* 0/1/0 (94)
  90. 11:35:15.488950 IP iZ329ljpa3gZ.40957 > 10.202.72.116.domain: 3527+ PTR? 249.71.168.10.in-addr.arpa. (44)
复制代码
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
回复

举报

licess
发表于 2016-1-8 13:17:26 | 显示全部楼层


最前面你贴的就是默认添加的规则

6.E1GB 这是是很小的单位,只要是机器联网就不可避免会跑流量,就是随便一台家用路由只放在那边,不连机器也会跑流量

具体tcpdump结果建议先去了解tcpdump
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
回复 支持 反对

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-11-17 16:49 , Processed in 0.025706 second(s), 16 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表