zoukankan html css js c++ java

iptables

root@cloud:~# iptables -t nat  -L POSTROUTING  -n --line-number 
Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    KUBE-POSTROUTING  all  --  0.0.0.0/0            0.0.0.0/0            /* kubernetes postrouting rules */
2    MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0           
3    RETURN     all  --  10.244.0.0/16        10.244.0.0/16       
4    MASQUERADE  all  --  10.244.0.0/16       !224.0.0.0/4         
5    RETURN     all  -- !10.244.0.0/16        10.244.0.0/24       
6    MASQUERADE  all  -- !10.244.0.0/16        10.244.0.0/16       
root@cloud:~# iptables -t filter  -L INPUT  -n --line-number 
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    KUBE-SERVICES  all  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW /* kubernetes service portals */
2    KUBE-EXTERNAL-SERVICES  all  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW /* kubernetes externally-visible service portals */
3    KUBE-FIREWALL  all  --  0.0.0.0/0            0.0.0.0/0           
4    DROP       tcp  --  210.22.22.150        0.0.0.0/0            tcp dpt:10000
5    DROP       tcp  --  210.22.22.150        0.0.0.0/0            tcp dpt:10004
root@cloud:~#

root@cloud:~# iptables -t filter  -D INPUT  4
root@cloud:~# date
Tue May 18 16:50:21 CST 2021
root@cloud:~# iptables -t filter  -L INPUT  -n --line-number 
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    KUBE-SERVICES  all  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW /* kubernetes service portals */
2    KUBE-EXTERNAL-SERVICES  all  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW /* kubernetes externally-visible service portals */
3    KUBE-FIREWALL  all  --  0.0.0.0/0            0.0.0.0/0

server : 开启 6666端口

client telnet server 66

root@ubuntu:~/c++#  conntrack -L | grep 6666
tcp      6 86396 ESTABLISHED src=10.10.16.81 dst=10.10.16.82 sport=45486 dport=6666 src=10.10.16.82 dst=10.10.16.81 sport=6666 dport=45486 [ASSURED] mark=0 use=1

server : 开启 6666端口

client telnet server 66

添加tcp notrack

root@ubuntu:~/c++#  iptables -t raw -I INPUT  1 -p udp --dport 6666 -j NOTRACK
iptables: No chain/target/match by that name.
root@ubuntu:~/c++#  iptables -t raw -I PREROUTING 1 -p tcp --dport 6666 -j NOTRACK
root@ubuntu:~/c++#  conntrack -L | grep 6666

root@ubuntu:~/c++# iptables -t raw  -L PREROUTING  -n --line-number 
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    CT         tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:6666 NOTRACK
2    CT         udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:6666 NOTRACK
root@ubuntu:~/c++#  conntrack -L | grep 6666
conntrack v1.4.4 (conntrack-tools): 153 flow entries have been shown.
root@ubuntu:~/c++#

查看全文

相关阅读:
细说 ASP.NET Cache 及其高级用法【转】
类变量和实例变量的区别是什么？
【转】细说Cookie
【转】细说 Form (表单)
PHP API中，MYSQL与MYSQLI的持久连接区别
 Extending_and_embedding_php翻译
 linux常见面试题及答案
 手机辐射查询
 php5.3 PHP5.4 PHP5.5 新特性/使用PHP5.5要注意的
 sqoop安装遇到的问题

原文地址：https://www.cnblogs.com/dream397/p/14781705.html