Which ports need to be open for an SSH connection?

Posted on 2022-09-07 20:03:13, word count 6151, views 24, comments 0

My current iptables rules are attached below:

-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state INVALID -j DROP
-A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 53 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A OUTPUT -p udp -m udp --dport 68 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 68 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 67 -j ACCEPT

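You only need to look at OUTPUT.

Because as soon as I set the default OUTPUT policy to ACCEPT, I can immediately ssh to other hosts.

But I can't figure out which other ports need to be opened?

Port 67 seems to be required; I can see in messages that it needs to send DHCP packets.

This is the log from the failed case: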

Jul 30 06:14:37 localhost dhclient[99799]: DHCPREQUEST on ens33 to 192.168.27.254 port 67 (xid=0x2a4c9dda)
Jul 30 06:14:37 localhost dhclient[99799]: DHCPACK from 192.168.27.254 (xid=0x2a4c9dda)
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2777] dhcp4 (ens33): address 192.168.27.148
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2782] dhcp4 (ens33): plen 24 (255.255.255.0)
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2783] dhcp4 (ens33): gateway 192.168.27.2
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2783] dhcp4 (ens33): lease time 1800
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2783] dhcp4 (ens33): nameserver '192.168.27.2'
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2783] dhcp4 (ens33): domain name 'localdomain'
Jul 30 06:14:37 localhost NetworkManager[897]: <info> [1532945677.2783] dhcp4 (ens33): state changed bound -> bound
Jul 30 06:14:37 localhost dhclient[99799]: bound to 192.168.27.148 -- renewal in 710 seconds.
Jul 30 06:14:37 localhost dbus-daemon: dbus[762]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Jul 30 06:14:37 localhost dbus[762]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Jul 30 06:14:37 localhost systemd: Starting Network Manager Script Dispatcher Service...
Jul 30 06:14:37 localhost dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 06:14:37 localhost dbus-daemon: dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 06:14:37 localhost systemd: Started Network Manager Script Dispatcher Service.
Jul 30 06:14:37 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: new request (4 scripts)
Jul 30 06:14:37 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Jul 30 06:20:01 localhost systemd: Created slice User Slice of root.
Jul 30 06:20:01 localhost systemd: Starting User Slice of root.
Jul 30 06:20:01 localhost systemd: Started Session 326 of user root.
Jul 30 06:20:01 localhost systemd: Starting Session 326 of user root.
Jul 30 06:20:01 localhost systemd: Removed slice User Slice of root.
Jul 30 06:20:01 localhost systemd: Stopping User Slice of root.

This is the log from the successful case:
Jul 30 07:04:44 localhost dhclient[99799]: DHCPREQUEST on ens33 to 192.168.27.254 port 67 (xid=0x2a4c9dda)
Jul 30 07:04:44 localhost dhclient[99799]: DHCPACK from 192.168.27.254 (xid=0x2a4c9dda)
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6818] dhcp4 (ens33): address 192.168.27.148
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6822] dhcp4 (ens33): plen 24 (255.255.255.0)
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6822] dhcp4 (ens33): gateway 192.168.27.2
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6822] dhcp4 (ens33): lease time 1800
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6823] dhcp4 (ens33): nameserver '192.168.27.2'
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6823] dhcp4 (ens33): domain name 'localdomain'
Jul 30 07:04:44 localhost NetworkManager[897]: <info> [1532948684.6823] dhcp4 (ens33): state changed bound -> bound
Jul 30 07:04:44 localhost dhclient[99799]: bound to 192.168.27.148 -- renewal in 855 seconds.
Jul 30 07:04:44 localhost dbus-daemon: dbus[762]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Jul 30 07:04:44 localhost dbus[762]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Jul 30 07:04:44 localhost systemd: Starting Network Manager Script Dispatcher Service...
Jul 30 07:04:44 localhost dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 07:04:44 localhost dbus-daemon: dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 07:04:44 localhost systemd: Started Network Manager Script Dispatcher Service.
Jul 30 07:04:44 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: new request (4 scripts)
Jul 30 07:04:44 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Jul 30 07:10:02 localhost systemd: Created slice User Slice of root.
Jul 30 07:10:02 localhost systemd: Starting User Slice of root.
Jul 30 07:10:02 localhost systemd: Started Session 332 of user root.
Jul 30 07:10:02 localhost systemd: Starting Session 332 of user root.
Jul 30 07:10:02 localhost systemd: Removed slice User Slice of root.
Jul 30 07:10:02 localhost systemd: Stopping User Slice of root.
Jul 30 07:10:30 localhost chronyd[63481]: Selected source 120.25.115.19

I can't see anything from this. How can I make the log more detailed?

Thanks in advance, everyone.


Comments (1)

迷乱花海 2022-09-14 20:03:13

Change sport 22 to dport 22.
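
Why the suggested change matters, as an added example that is not part of the original thread: a small Python walk of the TCP-relevant OUTPUT rules from the question against a constructed outgoing SSH SYN. The DROP chain policy, the packet fields and the helper names are assumptions made for the illustration.

```python
import shlex

# TCP-relevant OUTPUT rules copied from the question.
RULES = """\
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state INVALID -j DROP
-A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -m state --state RELATED,ESTABLISHED -j ACCEPT
"""
# The answer's change: match the destination port of outgoing client traffic.
FIXED = RULES.replace("--sport 22", "--dport 22")

def parse(line):
    """Turn one iptables-save style line into {option: value} (hypothetical helper)."""
    tok, rule, i = shlex.split(line), {}, 2   # index 2 skips "-A OUTPUT"
    while i < len(tok):
        if tok[i] != "-m":                    # "-m <module>" alone matches nothing
            rule[tok[i].lstrip("-")] = tok[i + 1]
        i += 2
    return rule

def matches(rule, pkt):
    """True when every criterion in the rule agrees with the packet."""
    for key, want in rule.items():
        if key == "j":
            continue
        if key == "state":
            if pkt["state"] not in want.split(","):
                return False
        elif str(pkt.get(key)) != want:
            return False
    return True

def verdict(rules_text, pkt, policy="DROP"):
    """First matching rule wins; otherwise the chain policy (assumed DROP) applies."""
    for line in rules_text.strip().splitlines():
        rule = parse(line)
        if matches(rule, pkt):
            return rule["j"]
    return policy

# Constructed packet: first SYN of an outgoing ssh session (ephemeral source port).
SSH_SYN = {"o": "ens33", "p": "tcp", "sport": 51514, "dport": 22, "state": "NEW"}

if __name__ == "__main__":
    print("original rules:", verdict(RULES, SSH_SYN))
    print("with --dport 22:", verdict(FIXED, SSH_SYN))
```

Once the SYN is accepted, the rest of the session matches the RELATED,ESTABLISHED rule. A NEW packet to port 80 or 443 still falls through to the policy, because those rules only match RELATED,ESTABLISHED.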
