Linux 如何检查iptables状态并在ubuntu中允许ip
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/8505007/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
how to check iptables status and allow ip in ubuntu
提问by
how can check status of iptables in Ubuntu.service iptables status command is not working on my side so how can allow an ip address as i am not able to ssh to that machine.
如何在 Ubuntu.service iptables status 命令中检查 iptables 的状态在我这边不起作用,因此如何允许 ip 地址,因为我无法通过 ssh 连接到该机器。
回答by Miquel
You can list the rules in iptables with iptables -L -v.
您可以使用 .iptables 列出 iptables 中的规则iptables -L -v。
To enable a remote machine to access your local ssh server:
要使远程计算机能够访问您的本地 ssh 服务器:
- Check that your ssh server is listening on all interfaces
- If the three chains listed are empty, make sure their policy is ACCEPT
- If any of the chains has a policy other than ACCEPT, add a new rule to the right chain with something like, for example:
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT. Check man iptables for details - Make sure you are not trying to access an unroutable address (e.g. a private ip address)
- Check that there's no other firewall in the middle
- Try connecting with telnet to the ssh port, see if it connects at all!
- Come back here :)
- 检查您的 ssh 服务器是否正在侦听所有接口
- 如果列出的三个链是空的,请确保他们的策略是 ACCEPT
- 如果任何链具有除接受政策,添加新的规则,以正确的链条喜欢的东西,例如:
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT。查看 man iptables 了解详情 - 确保您没有尝试访问不可路由的地址(例如私有 IP 地址)
- 检查中间没有其他防火墙
- 尝试用 telnet 连接到 ssh 端口,看看它是否连接了!
- 回到这来 :)
