История изменений

Исправление drac753, 30.01.20 16:36 (текущая версия) :

iptables

-vL с этого компа. Правила работают class="no-highlight">

Chain INPUT (policy DROP 0 packets, 0 bytes) prot opt in     out     source               destination tcp  --  any    any     anywhere             anywhere             ctstate INVALID,NEW tcp flags:SYN,ACK/SYN,ACK reject-with icmp-port-unreachable tcp  --  any    any     anywhere             anywhere             ctstate NEW tcp flags:!FIN,SYN,RST,ACK/SYN all  --  lo     any     anywhere             anywhere icmp --  enp0s8 any     anywhere             anywhere             icmp echo-reply icmp --  enp0s8 any     anywhere             anywhere             icmp destination-unreachable icmp --  enp0s8 any     anywhere             anywhere             icmp time-exceeded icmp --  enp0s8 any     anywhere             anywhere             icmp echo-request all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED all  --  any    any     anywhere             anywhere             state INVALID tcp  --  enp0s3 any     anywhere             anywhere             tcp dpt:ssh tcp  --  enp0s8 any     anywhere             anywhere             multiport dports ssh,http,domain,3128 udp  --  enp0s8 any     anywhere             anywhere             udp dpt:ntp (policy DROP 0 packets, 0 bytes) prot opt in     out     source               destination all  --  any    any     anywhere             anywhere             state INVALID tcp  --  any    any     anywhere             anywhere             tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU all  --  enp0s3 enp0s8  anywhere             anywhere             state RELATED,ESTABLISHED all  --  enp0s8 enp0s3  anywhere             anywhere             state RELATED,ESTABLISHED



      
        Исходная версия
      drac753,
      30.01.20 16:33:
    
    
      
      
        
      
      
        iptables -vL с этого компа
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REJECT     tcp  --  any    any     anywhere             anywhere             ctstate INVALID,NEW tcp flags:SYN,ACK/SYN,ACK reject-with icmp-port-unreachable
    0     0 DROP       tcp  --  any    any     anywhere             anywhere             ctstate NEW tcp flags:!FIN,SYN,RST,ACK/SYN
    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere            
    0     0 ACCEPT     icmp --  enp0s8 any     anywhere             anywhere             icmp echo-reply
    0     0 ACCEPT     icmp --  enp0s8 any     anywhere             anywhere             icmp destination-unreachable
    0     0 ACCEPT     icmp --  enp0s8 any     anywhere             anywhere             icmp time-exceeded
    0     0 ACCEPT     icmp --  enp0s8 any     anywhere             anywhere             icmp echo-request
   48  3008 ACCEPT     all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED
    0     0 DROP       all  --  any    any     anywhere             anywhere             state INVALID
    0     0 ACCEPT     tcp  --  enp0s3 any     anywhere             anywhere             tcp dpt:ssh
    0     0 ACCEPT     tcp  --  enp0s8 any     anywhere             anywhere             multiport dports ssh,http,domain,3128
    0     0 ACCEPT     udp  --  enp0s8 any     anywhere             anywhere             udp dpt:ntp

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  any    any     anywhere             anywhere             state INVALID
    0     0 TCPMSS     tcp  --  any    any     anywhere             anywhere             tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
    0     0 ACCEPT     all  --  enp0s3 enp0s8  anywhere             anywhere             state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  enp0s8 enp0s3  anywhere             anywhere             state RELATED,ESTABLISHED