Linux iptables:仅允许http和ssh的输出
如何仅允许http和ssh的传出流量 我试过:Linux iptables:仅允许http和ssh的输出,linux,http,ssh,iptables,Linux,Http,Ssh,Iptables,如何仅允许http和ssh的传出流量 我试过: iptables -A OUTPUT -p tcp --dport ssh -j ACCEPT iptables -A OUTPUT -p tcp --dport http -j ACCEPT 但只要我加上 iptables -A OUTPUT -j DROP 什么都不管用,它会阻碍一切 Chain INPUT (policy ACCEPT) target prot opt source destinat
iptables -A OUTPUT -p tcp --dport ssh -j ACCEPT
iptables -A OUTPUT -p tcp --dport http -j ACCEPT
但只要我加上
iptables -A OUTPUT -j DROP
什么都不管用,它会阻碍一切
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:22151
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:sso-service
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
尝试使用-sport而不是-dport。尝试使用-sport而不是-dport。首先,iptables配置的输出与您键入的规则不匹配。您重新启动了iptable服务吗?其次,您还需要允许端口53上的udp使DNS工作:
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
首先,iptables配置的输出与您键入的规则不匹配。您重新启动了iptable服务吗?其次,您还需要允许端口53上的udp使DNS工作:
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT