14.04 開放埠​​ 8080

14.04 開放埠​​ 8080

我需要插入iptables來開啟8080。

我查看的 iptablesiptables -L是如此複雜並且有很多劃分,我不知道在哪裡放置打開連接埠的規則。

這是我的iptables -L輸出:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
INPUT_direct  all  --  anywhere             anywhere            
INPUT_ZONES_SOURCE  all  --  anywhere             anywhere            
INPUT_ZONES  all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
FORWARD_direct  all  --  anywhere             anywhere            
FORWARD_IN_ZONES_SOURCE  all  --  anywhere             anywhere            
FORWARD_IN_ZONES  all  --  anywhere             anywhere            
FORWARD_OUT_ZONES_SOURCE  all  --  anywhere             anywhere            
FORWARD_OUT_ZONES  all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
OUTPUT_direct  all  --  anywhere             anywhere            

Chain FORWARD_IN_ZONES (1 references)
target     prot opt source               destination         
FWDI_public  all  --  anywhere             anywhere            
FWDI_public  all  --  anywhere             anywhere            

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target     prot opt source               destination         

Chain FORWARD_OUT_ZONES (1 references)
target     prot opt source               destination         
FWDO_public  all  --  anywhere             anywhere            
FWDO_public  all  --  anywhere             anywhere            

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target     prot opt source               destination         

Chain FORWARD_direct (1 references)
target     prot opt source               destination         

Chain FWDI_public (2 references)
target     prot opt source               destination         
FWDI_public_log  all  --  anywhere             anywhere            
FWDI_public_deny  all  --  anywhere             anywhere            
FWDI_public_allow  all  --  anywhere             anywhere            

Chain FWDI_public_allow (1 references)
target     prot opt source               destination         

Chain FWDI_public_deny (1 references)
target     prot opt source               destination         

Chain FWDI_public_log (1 references)
target     prot opt source               destination         

Chain FWDO_external (0 references)
target     prot opt source               destination         
FWDO_external_log  all  --  anywhere             anywhere            
FWDO_external_deny  all  --  anywhere             anywhere            
FWDO_external_allow  all  --  anywhere             anywhere            

Chain FWDO_external_allow (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain FWDO_external_deny (1 references)
target     prot opt source               destination         

Chain FWDO_external_log (1 references)
target     prot opt source               destination         

Chain FWDO_public (2 references)
target     prot opt source               destination         
FWDO_public_log  all  --  anywhere             anywhere            
FWDO_public_deny  all  --  anywhere             anywhere            
FWDO_public_allow  all  --  anywhere             anywhere            

Chain FWDO_public_allow (1 references)
target     prot opt source               destination         

Chain FWDO_public_deny (1 references)
target     prot opt source               destination         

Chain FWDO_public_log (1 references)
target     prot opt source               destination         

Chain INPUT_ZONES (1 references)
target     prot opt source               destination         
IN_public  all  --  anywhere             anywhere            
IN_public  all  --  anywhere             anywhere            

Chain INPUT_ZONES_SOURCE (1 references)
target     prot opt source               destination         

Chain INPUT_direct (1 references)
target     prot opt source               destination         

Chain IN_dmz (0 references)
target     prot opt source               destination         
IN_dmz_log  all  --  anywhere             anywhere            
IN_dmz_deny  all  --  anywhere             anywhere            
IN_dmz_allow  all  --  anywhere             anywhere            

Chain IN_dmz_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_dmz_deny (1 references)
target     prot opt source               destination         

Chain IN_dmz_log (1 references)
target     prot opt source               destination         

Chain IN_external (0 references)
target     prot opt source               destination         
IN_external_log  all  --  anywhere             anywhere            
IN_external_deny  all  --  anywhere             anywhere            
IN_external_allow  all  --  anywhere             anywhere            

Chain IN_external_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_external_deny (1 references)
target     prot opt source               destination         

Chain IN_external_log (1 references)
target     prot opt source               destination         

Chain IN_home (0 references)
target     prot opt source               destination         
IN_home_log  all  --  anywhere             anywhere            
IN_home_deny  all  --  anywhere             anywhere            
IN_home_allow  all  --  anywhere             anywhere            

Chain IN_home_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW
ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-ns ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-dgm ctstate NEW

Chain IN_home_deny (1 references)
target     prot opt source               destination         

Chain IN_home_log (1 references)
target     prot opt source               destination         

Chain IN_internal (0 references)
target     prot opt source               destination         
IN_internal_log  all  --  anywhere             anywhere            
IN_internal_deny  all  --  anywhere             anywhere            
IN_internal_allow  all  --  anywhere             anywhere            

Chain IN_internal_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW
ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-ns ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:netbios-dgm ctstate NEW

Chain IN_internal_deny (1 references)
target     prot opt source               destination         

Chain IN_internal_log (1 references)
target     prot opt source               destination         

Chain IN_public (2 references)
target     prot opt source               destination         
IN_public_log  all  --  anywhere             anywhere            
IN_public_deny  all  --  anywhere             anywhere            
IN_public_allow  all  --  anywhere             anywhere            

Chain IN_public_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_public_deny (1 references)
target     prot opt source               destination         

Chain IN_public_log (1 references)
target     prot opt source               destination         

Chain IN_work (0 references)
target     prot opt source               destination         
IN_work_log  all  --  anywhere             anywhere            
IN_work_deny  all  --  anywhere             anywhere            
IN_work_allow  all  --  anywhere             anywhere            

Chain IN_work_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipp ctstate NEW

Chain IN_work_deny (1 references)
target     prot opt source               destination         

Chain IN_work_log (1 references)
target     prot opt source               destination         

Chain OUTPUT_direct (1 references)
target     prot opt source               destination         

答案1

我不是 iptables 專家,但查看您的配置,答案是:無所不在

第二行,無論是在 INPUT 鏈還是 FORWARD 鏈中,似乎都允許從任何地方到任何地方,因此為特定協定和連接埠號碼明確添加規則沒有多大意義。

相關內容