当前的iptables附带了-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- a output-mstate-- state invalid-j drop
- a output-ptcp-mtcp-- sport 22-j accept
- a output-ptcp-mtcp-- dport 80-mstate-- state related,ESTABLISHED -j ACCEPT
- a output-ptcp-mtcp-- dport 443-mstate-- state related,ESTABLISHED -j ACCEPT
- a output-ptcp-mtcp-- dport 53-mstate-- state related,ESTABLISHED -j ACCEPT
- a output-pudp-mudp-- dport 53-mstate-- state related,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
- a output-pudp-mudp-- dport 68-j accept
- a output-ptcp-mtcp-- dport 68-j accept
- a output-pudp-mudp-- dport 67-j accept
你只需要看看OUTPUT就可以了。
因为将OUTPUT的缺省规则设置为ACCEPT .可以立即对其他主机进行ssh。
但是,我不知道还有什么需要打开的端口。
67好像一定会开车,但我想messages会发送dqdlb package
ul 3006:14336037 localhost dhclient [ 99799 ] : dhcpackfrom 192.168.27.254 (xid=0x2a 4c9DDA ) ) ) ) ) )
ul 3006336014336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2777 ] DHCP4[ ens 33 ] : address 192.168.27.14447
ul 3006336014336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2782 ] DHCP4(ens 33 ) :plen2465255.255。
ul 3006336014336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2783 ] DHCP4(ens 33 ) :网关192.168.27.2
ul 3006336014336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2783 ] DHCP4(ens 33 ) : lease time 1800
ul 3006336014336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2783 ] DHCP4(ens 33 (: name server ' 192.168.2788 ) )
ul 3006336014336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2783 ] DHCP 465: domain name ' local domain '
ul 3006:14336037 localhostnetworkmanager [ 897 ] : [ 1532945677.2783 ] DHCP 465: statechangedbound-bound
ul 3006336014336037 localhost dhclient [ 99799 ] : bound to 192.168.27.148-- renewal in 710 seconds。
ul 3006:14:37 localhost dbus-daemon : dbus [ 762 ] : [ system ] activatingviasystemd 3360 service name=' org.FFI
ul 3006336014:37 localhost dbus [ 762 ] : [ system ] activatingviasystemd : service name=' org.free desktop.nm _ m
nit='dbus-org.freedesktop.nm-dispatcher.service'Jul 30 06:14:37 localhost systemd: Starting Network Manager Script Dispatcher Service...
Jul 30 06:14:37 localhost dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 06:14:37 localhost dbus-daemon: dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 06:14:37 localhost systemd: Started Network Manager Script Dispatcher Service.
Jul 30 06:14:37 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: new request (4 scripts)
Jul 30 06:14:37 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Jul 30 06:20:01 localhost systemd: Created slice User Slice of root.
Jul 30 06:20:01 localhost systemd: Starting User Slice of root.
Jul 30 06:20:01 localhost systemd: Started Session 326 of user root.
Jul 30 06:20:01 localhost systemd: Starting Session 326 of user root.
Jul 30 06:20:01 localhost systemd: Removed slice User Slice of root.
Jul 30 06:20:01 localhost systemd: Stopping User Slice of root.
Jul 30 07:04:44 localhost dhclient[99799]: DHCPREQUEST on ens33 to 192.168.27.254 port 67 (xid=0x2a4c9dda)
Jul 30 07:04:44 localhost dhclient[99799]: DHCPACK from 192.168.27.254 (xid=0x2a4c9dda)
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6818] dhcp4 (ens33): address 192.168.27.148
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6822] dhcp4 (ens33): plen 24 (255.255.255.0)
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6822] dhcp4 (ens33): gateway 192.168.27.2
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6822] dhcp4 (ens33): lease time 1800
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6823] dhcp4 (ens33): nameserver '192.168.27.2'
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6823] dhcp4 (ens33): domain name 'localdomain'
Jul 30 07:04:44 localhost NetworkManager[897]: [1532948684.6823] dhcp4 (ens33): state changed bound -> bound
Jul 30 07:04:44 localhost dhclient[99799]: bound to 192.168.27.148 -- renewal in 855 seconds.
Jul 30 07:04:44 localhost dbus-daemon: dbus[762]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Jul 30 07:04:44 localhost dbus[762]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Jul 30 07:04:44 localhost systemd: Starting Network Manager Script Dispatcher Service...
Jul 30 07:04:44 localhost dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 07:04:44 localhost dbus-daemon: dbus[762]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 30 07:04:44 localhost systemd: Started Network Manager Script Dispatcher Service.
Jul 30 07:04:44 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: new request (4 scripts)
Jul 30 07:04:44 localhost nm-dispatcher: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Jul 30 07:10:02 localhost systemd: Created slice User Slice of root.
Jul 30 07:10:02 localhost systemd: Starting User Slice of root.
Jul 30 07:10:02 localhost systemd: Started Session 332 of user root.
Jul 30 07:10:02 localhost systemd: Starting Session 332 of user root.
Jul 30 07:10:02 localhost systemd: Removed slice User Slice of root.
Jul 30 07:10:02 localhost systemd: Stopping User Slice of root.
Jul 30 07:10:30 localhost chronyd[63481]: Selected source 120.25.115.19
看不出来啥啊,怎么让日志详细点
先谢谢各位了