军哥你好，linode debian8.1 用lnmp1.3做好后总是自动生成iptables文件

cangku01 · 发表于 2016-3-16 02:11:41

刚开始自动生成的是/etc/iptables.rule，内容如下：# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*security
:INPUT ACCEPT [809:80059]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [613:499418]
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*raw

REROUTING ACCEPT [822:84251]
:OUTPUT ACCEPT [613:499418]
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*nat

REROUTING ACCEPT [46:6121]
:INPUT ACCEPT [33:1929]
:OUTPUT ACCEPT [28:2299]

OSTROUTING ACCEPT [28:2299]
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*mangle

REROUTING ACCEPT [822:84251]
:INPUT ACCEPT [810:80099]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [613:499418]

OSTROUTING ACCEPT [613:499418]
COMMIT
# Completed on Wed Mar 16 02:02:21 2016
# Generated by iptables-save v1.4.21 on Wed Mar 16 02:02:21 2016
*filter
:INPUT ACCEPT [5:301]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [613:499418]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 59998 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20000:30000 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 59998 -j ACCEPT
COMMIT
# Completed on Wed Mar 16 02:02:21 2016

cangku01 · 发表于 2016-3-16 02:13:52

然后我按照网上复制了一份防火墙代码，并把这个文件设为不可写，重启VPS，结果又自动生成了iptables.rules，内容同上。。
这个是系统什么软件自动生成的。。如何禁用呢

licess · 发表于 2016-3-16 08:23:01

https://www.vpser.net/security/linux-iptables.html 将文章后面说明的执行文件删除就行了

		自动登录	找回密码
密码			注册