I tried using iptables to restrict the source, but it failed.
B's configuration:
net.ipv4.ip_forward = 1
iptables -I INPUT -s "C 的 ip" -j DROP
C --> B --> A:
1. C can reach A, rdp
2. C cannot reach B, ssh
chengandc Oct 27, 2022
Assuming that the server knows how to route a packet and that the firewall rules permit its transmission, the following flows represent the paths that will be traversed in different situations:
Incoming packets destined for the local system: PREROUTING -> INPUT
Incoming packets destined to another host: PREROUTING -> FORWARD -> POSTROUTING
Locally generated packets: OUTPUT -> POSTROUTING
Drop it in the FORWARD chain.
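An added example, not part of the original thread: a small model of the chain traversal quoted in the reply, showing why the INPUT rule from the question leaves C's forwarded RDP traffic untouched while the same match in FORWARD drops it. The addresses, helper names and the single default ACCEPT policy are constructed assumptions, and forwarding is assumed to be enabled on B.

```python
import ipaddress

# Constructed addresses from documentation ranges; not values from the thread.
A, B, C = "198.51.100.10", "192.0.2.1", "203.0.113.5"
LOCAL = {B}  # addresses owned by B, the box running iptables

def chains_for(dst):
    """Chains an incoming packet traverses on B (ip_forward=1 assumed).
    dst is the destination at routing time, i.e. after any DNAT."""
    if dst in LOCAL:
        return ["PREROUTING", "INPUT"]
    return ["PREROUTING", "FORWARD", "POSTROUTING"]

def matches(rule, pkt):
    """Match optional src/dst networks and an optional destination port."""
    for field in ("src", "dst"):
        net = rule.get(field)
        if net and ipaddress.ip_address(pkt[field]) not in ipaddress.ip_network(net):
            return False
    return rule.get("dport") in (None, pkt["dport"])

def verdict(pkt, ruleset, policy="ACCEPT"):
    """Return (verdict, dropping chain or None); first match wins per chain."""
    for chain in chains_for(pkt["dst"]):
        for rule in ruleset.get(chain, []):
            if matches(rule, pkt):
                if rule["target"] == "DROP":
                    return "DROP", chain
                break  # ACCEPT ends this chain; later chains still apply
    return policy, None

RDP = {"src": C, "dst": A, "dport": 3389}  # C -> A through B
SSH = {"src": C, "dst": B, "dport": 22}    # C -> B itself

# Model of the rule in the question: iptables -I INPUT -s <C> -j DROP
INPUT_ONLY = {"INPUT": [{"src": C, "target": "DROP"}]}
# Model of the reply's advice: the same match placed in the FORWARD chain
FORWARD_DROP = {"FORWARD": [{"src": C, "target": "DROP"}]}

if __name__ == "__main__":
    for name, rules in (("INPUT only", INPUT_ONLY), ("FORWARD drop", FORWARD_DROP)):
        print(name, "rdp:", verdict(RDP, rules), "ssh:", verdict(SSH, rules))
```

To block both paths on a real host, the source match has to be present in both INPUT and FORWARD, since each packet only ever visits one of the two.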