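iptables rules from system startup do not work until after SSH

Time: 2019-03-02 19:30:32

Tags: raspberry-pi raspbian iptables systemd

I am trying to make a Raspberry Pi 3 automatically show a welcome page as soon as a wifi client connects. OS details: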

Linux raspberrypi 4.14.50-v7+ #1122 SMP Tue Jun 19 12:26:26 BST 2018 armv7l GNU/Linux

The core functionality, implemented with /lib/systemd/system/wish.service, handles the iptables redirect and the web server startup:

[Unit]
Description=Wish Service
After=ifup@wlan0.service

[Service]
Type=idle
ExecStart=/usr/bin/nohup /usr/bin/nodejs /home/nodejs/server.js > /var/log/syslog 2>&1 &
ExecStartPost=/sbin/iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j DNAT --to-destination 172.24.1.1

[Install]
WantedBy=multi-user.target

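The idea is that iptables redirects all incoming wifi traffic to localhost, where NodeJs forwards ports 443 and 80 to port 3000, where the welcome page is served by NodeJs.

It works fine except for one bug: after rebooting the Raspberry Pi, NodeJs starts fine, but the iptables redirect does not work until I plug in ethernet and ssh into it. As soon as I ssh in, the welcome page auto-launch works fine.

It seems that ssh-ing over eth0 triggers some system event that restarts iptables, and my rules start working.

The syslog from the NodeJs start (Captive portal is listening) until the first successful redirect by iptables (captive redirect 80):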

Mar  2 22:08:00 raspberrypi avahi-daemon[313]: Registering new address record for fe80::ba27:ebff:fe1b:d3ea on wlan0.*.
Mar  2 22:08:00 raspberrypi nohup[331]: Captive portal is listening to 80 port
Mar  2 22:08:00 raspberrypi nohup[331]: Captive portal is listening to 443 port
Mar  2 22:08:00 raspberrypi nohup[331]: WiSh app listening on port 3000!
Mar  2 22:08:01 raspberrypi kernel: [    9.003744] Bluetooth: Core ver 2.22
Mar  2 22:08:01 raspberrypi kernel: [    9.003831] NET: Registered protocol family 31
Mar  2 22:08:01 raspberrypi kernel: [    9.003837] Bluetooth: HCI device and connection manager initialized
Mar  2 22:08:01 raspberrypi kernel: [    9.003859] Bluetooth: HCI socket layer initialized
Mar  2 22:08:01 raspberrypi kernel: [    9.003872] Bluetooth: L2CAP socket layer initialized
Mar  2 22:08:01 raspberrypi kernel: [    9.003902] Bluetooth: SCO socket layer initialized
Mar  2 22:08:01 raspberrypi btuart[278]: bcm43xx_init
Mar  2 22:08:01 raspberrypi btuart[278]: Flash firmware /lib/firmware/brcm/BCM43430A1.hcd
Mar  2 22:08:01 raspberrypi btuart[278]: Set BDADDR UART: b8:27:eb:e4:2c:15
Mar  2 22:08:01 raspberrypi kernel: [    9.015495] Bluetooth: HCI UART driver ver 2.3
Mar  2 22:08:01 raspberrypi kernel: [    9.015508] Bluetooth: HCI UART protocol H4 registered
Mar  2 22:08:01 raspberrypi kernel: [    9.015514] Bluetooth: HCI UART protocol Three-wire (H5) registered
Mar  2 22:08:01 raspberrypi kernel: [    9.015722] Bluetooth: HCI UART protocol Broadcom registered
Mar  2 22:08:01 raspberrypi btuart[278]: Set Controller UART speed to 921600 bit/s
Mar  2 22:08:01 raspberrypi btuart[278]: Device setup complete
Mar  2 22:08:01 raspberrypi sh[342]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
Mar  2 22:08:01 raspberrypi dhclient[397]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
Mar  2 22:08:01 raspberrypi systemd[1]: Started Configure Bluetooth Modems connected by UART.
Mar  2 22:08:01 raspberrypi systemd[1]: Reached target Multi-User System.
Mar  2 22:08:01 raspberrypi systemd[1]: Reached target Graphical Interface.
Mar  2 22:08:01 raspberrypi systemd[1]: Starting Update UTMP about System Runlevel Changes...
Mar  2 22:08:01 raspberrypi systemd[1]: Starting Bluetooth service...
Mar  2 22:08:01 raspberrypi systemd[1]: Started Update UTMP about System Runlevel Changes.
Mar  2 22:08:01 raspberrypi bluetoothd[578]: Bluetooth daemon 5.43
Mar  2 22:08:01 raspberrypi systemd[1]: Started Bluetooth service.
Mar  2 22:08:01 raspberrypi systemd[1]: Started Raspberry Pi bluetooth helper.
Mar  2 22:08:01 raspberrypi systemd[1]: Reached target Bluetooth.
Mar  2 22:08:01 raspberrypi systemd[1]: Startup finished in 1.547s (kernel) + 7.655s (userspace) = 9.202s.
Mar  2 22:08:01 raspberrypi bluetoothd[578]: Starting SDP server
Mar  2 22:08:01 raspberrypi kernel: [    9.242330] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
Mar  2 22:08:01 raspberrypi kernel: [    9.242351] Bluetooth: BNEP filters: protocol multicast
Mar  2 22:08:01 raspberrypi kernel: [    9.242377] Bluetooth: BNEP socket layer initialized
Mar  2 22:08:01 raspberrypi bluetoothd[578]: Bluetooth management interface 1.14 initialized
Mar  2 22:08:01 raspberrypi bluetoothd[578]: Failed to obtain handles for "Service Changed" characteristic
Mar  2 22:08:01 raspberrypi dbus[279]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service'
Mar  2 22:08:01 raspberrypi bluetoothd[578]: Sap driver initialization failed.
Mar  2 22:08:01 raspberrypi bluetoothd[578]: sap-server: Operation not permitted (1)
Mar  2 22:08:01 raspberrypi systemd[1]: Starting Hostname Service...
Mar  2 22:08:02 raspberrypi dbus[279]: [system] Successfully activated service 'org.freedesktop.hostname1'
Mar  2 22:08:02 raspberrypi systemd[1]: Started Hostname Service.
Mar  2 22:08:08 raspberrypi dhclient[397]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10
Mar  2 22:08:08 raspberrypi sh[342]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10
Mar  2 22:08:18 raspberrypi dhclient[397]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
Mar  2 22:08:18 raspberrypi sh[342]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
Mar  2 22:08:31 raspberrypi dhclient[397]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10
Mar  2 22:08:31 raspberrypi sh[342]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10
Mar  2 22:08:41 raspberrypi dhclient[397]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
Mar  2 22:08:41 raspberrypi sh[342]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
Mar  2 22:08:51 raspberrypi hostapd: wlan0: STA 38:a4:ed:fc:8b:b5 IEEE 802.11: associated
Mar  2 22:08:51 raspberrypi hostapd: wlan0: STA 38:a4:ed:fc:8b:b5 RADIUS: starting accounting session 5C7AD48E-00000000
Mar  2 22:08:52 raspberrypi dnsmasq-dhcp[509]: DHCPDISCOVER(wlan0) 38:a4:ed:fc:8b:b5
Mar  2 22:08:52 raspberrypi dnsmasq-dhcp[509]: DHCPOFFER(wlan0) 172.24.1.110 38:a4:ed:fc:8b:b5
Mar  2 22:08:52 raspberrypi dnsmasq-dhcp[509]: DHCPREQUEST(wlan0) 172.24.1.110 38:a4:ed:fc:8b:b5
Mar  2 22:08:52 raspberrypi dnsmasq-dhcp[509]: DHCPACK(wlan0) 172.24.1.110 38:a4:ed:fc:8b:b5 Redmi3S-nano3
Mar  2 22:08:53 raspberrypi nohup[331]: captive redirect 80 client: ::ffff:172.24.1.110
Mar  2 22:08:54 raspberrypi dhclient[397]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4
Mar  2 22:08:54 raspberrypi sh[342]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4
Mar  2 22:08:58 raspberrypi dhclient[397]: No DHCPOFFERS received.
Mar  2 22:08:58 raspberrypi sh[342]: No DHCPOFFERS received.
Mar  2 22:08:58 raspberrypi sh[342]: No working leases in persistent database - sleeping.
Mar  2 22:08:58 raspberrypi dhclient[397]: No working leases in persistent database - sleeping.
Mar  2 22:08:59 raspberrypi systemd[1]: Reloading OpenBSD Secure Shell server.
Mar  2 22:08:59 raspberrypi systemd[1]: Reloaded OpenBSD Secure Shell server.
Mar  2 22:08:59 raspberrypi sh[342]: eth0=eth0
Mar  2 22:09:01 raspberrypi kernel: [   69.318477] smsc95xx 1-1.1:1.0 eth0: link up, 100Mbps, full-duplex, lpa 0x45E1
Mar  2 22:09:01 raspberrypi kernel: [   69.318961] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Mar  2 22:09:02 raspberrypi avahi-daemon[313]: Joining mDNS multicast group on interface eth0.IPv6 with address fe80::ba27:ebff:fe4e:86bf.
Mar  2 22:09:02 raspberrypi avahi-daemon[313]: New relevant interface eth0.IPv6 for mDNS.
Mar  2 22:09:02 raspberrypi avahi-daemon[313]: Registering new address record for fe80::ba27:ebff:fe4e:86bf on eth0.*.
Mar  2 22:10:41 raspberrypi kernel: [  169.063370] smsc95xx 1-1.1:1.0 eth0: link down
Mar  2 22:10:43 raspberrypi kernel: [  170.703372] smsc95xx 1-1.1:1.0 eth0: link up, 100Mbps, full-duplex, lpa 0x45E1
Mar  2 22:12:15 raspberrypi dhclient[624]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8
Mar  2 22:12:15 raspberrypi dhclient[624]: DHCPREQUEST of 192.168.1.123 on eth0 to 255.255.255.255 port 67
Mar  2 22:12:15 raspberrypi dhclient[624]: DHCPOFFER of 192.168.1.123 from 192.168.1.1
Mar  2 22:12:15 raspberrypi dhclient[624]: DHCPACK of 192.168.1.123 from 192.168.1.1
Mar  2 22:12:15 raspberrypi avahi-daemon[313]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.1.123.
Mar  2 22:12:15 raspberrypi avahi-daemon[313]: New relevant interface eth0.IPv4 for mDNS.
Mar  2 22:12:15 raspberrypi avahi-daemon[313]: Registering new address record for 192.168.1.123 on eth0.IPv4.
Mar  2 22:12:15 raspberrypi dnsmasq[509]: reading /run/dnsmasq/resolv.conf
Mar  2 22:12:15 raspberrypi dnsmasq[509]: using local addresses only for domain localnet
Mar  2 22:12:15 raspberrypi dnsmasq[509]: using nameserver 192.168.24.1#53 for domain localnet
Mar  2 22:12:15 raspberrypi dnsmasq[509]: using nameserver 192.168.1.1#53
Mar  2 22:12:16 raspberrypi dhclient[624]: bound to 192.168.1.123 -- renewal in 35684 seconds.
Mar  2 22:12:23 raspberrypi systemd[1]: Created slice User Slice of pi.
Mar  2 22:12:23 raspberrypi systemd[1]: Starting User Manager for UID 1000...
Mar  2 22:12:23 raspberrypi systemd[1]: Started Session c1 of user pi.
Mar  2 22:12:23 raspberrypi systemd[711]: Listening on GnuPG cryptographic agent (access for web browsers).
Mar  2 22:12:23 raspberrypi systemd[711]: Listening on GnuPG cryptographic agent (ssh-agent emulation).
Mar  2 22:12:23 raspberrypi systemd[711]: Reached target Paths.
Mar  2 22:12:23 raspberrypi systemd[711]: Reached target Timers.
Mar  2 22:12:23 raspberrypi systemd[711]: Listening on GnuPG cryptographic agent and passphrase cache (restricted).
Mar  2 22:12:23 raspberrypi systemd[711]: Listening on GnuPG cryptographic agent and passphrase cache.
Mar  2 22:12:23 raspberrypi systemd[711]: Reached target Sockets.
Mar  2 22:12:23 raspberrypi systemd[711]: Reached target Basic System.
Mar  2 22:12:23 raspberrypi systemd[711]: Reached target Default.
Mar  2 22:12:23 raspberrypi systemd[711]: Startup finished in 90ms.
Mar  2 22:12:23 raspberrypi systemd[1]: Started User Manager for UID 1000.
Mar  2 22:12:36 raspberrypi systemd[1]: Time has been changed
Mar  2 22:12:36 raspberrypi systemd[711]: Time has been changed
Mar  2 22:12:36 raspberrypi systemd-timesyncd[263]: Synchronized to time server 81.88.210.197:123 (2.debian.pool.ntp.org).
Mar  2 22:12:36 raspberrypi systemd[1]: apt-daily.timer: Adding 6h 49min 37.358604s random time.
Mar  2 22:12:36 raspberrypi systemd[1]: apt-daily-upgrade.timer: Adding 58min 39.111912s random time.
Mar  2 22:12:45 raspberrypi nohup[331]: captive redirect 80 client: ::ffff:172.24.1.110

The output of systemd-analyze plot, showing the service load order:

[image: systemd-analyze plot]

Any suggestions on how to get iptables working right after system startup?

0 answers:

No answers
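An added example, not part of the original question and not a diagnosis of the delay it describes: a shell script that checks whether the question's DNAT rule is actually present in the nat PREROUTING chain and installs it only if missing. The function names `has_dnat_rule` and `ensure_dnat_rule` and the sample listing are hypothetical; the interface, port and destination are copied from the unit file above.

```shell
#!/bin/sh
# Added example: idempotent install and check of the DNAT rule from wish.service.
# Values copied from the unit file in the question.
IFACE=wlan0
PORT=80
DEST=172.24.1.1

# Constructed sample of `iptables -t nat -S PREROUTING` output (not from the page).
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.24.1.1'

# Reads a rule listing on stdin; succeeds if it contains the expected DNAT rule.
# The trailing-space/end-of-line patterns keep 8080 or 172.24.1.10 from matching.
has_dnat_rule() {
    while read -r line || [ -n "$line" ]; do
        case "$line" in
            "-A PREROUTING "*"-i $IFACE "*"-p tcp "*"--dport $PORT "*"-j DNAT --to-destination $DEST" | \
            "-A PREROUTING "*"-i $IFACE "*"-p tcp "*"--dport $PORT "*"-j DNAT --to-destination $DEST "*)
                return 0 ;;
        esac
    done
    return 1
}

# Adds the rule only when it is absent, so repeated runs do not stack duplicates.
# -w waits for the xtables lock instead of failing when another process holds it.
ensure_dnat_rule() {
    if iptables -w -t nat -S PREROUTING | has_dnat_rule; then
        echo "DNAT rule already present"
    else
        iptables -w -t nat -A PREROUTING -i "$IFACE" -p tcp --dport "$PORT" \
            -j DNAT --to-destination "$DEST" && echo "DNAT rule added"
    fi
}

# Touches the live firewall only when called as: sh script.sh apply (needs root).
if [ "${1:-}" = apply ]; then
    ensure_dnat_rule
fi
```

Running the check right after boot and again after the SSH login shows whether the rule itself was missing or was present but not yet matching traffic.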