我在服务器上运行了一个rails应用程序,我在其中添加了一些iptables规则以提高安全性。现在Omniauth回调停止了工作。每次我尝试使用任何提供程序登录时,都会将此错误发送到我的应用程序日志中
Errno::ENETUNREACH (Network is unreachable - connect(2))
这个丢弃的包被登录到syslog
IN=eth0 OUT= MAC=40:40:ea:31:ac:8d:64:00:f1:cd:1f:7f:08:00 SRC=66.220.147.99 DST=my_ip LEN=56 TOS=0x00 PREC=0x00 TTL=88 ID=0 DF PROTO=TCP SPT=443 DPT=37035 WINDOW=14480 RES=0x00 ACK SYN URGP=0
有人能告诉我我的系统日志中的条目是什么,以及允许它需要什么样的iptables规则。
如果需要,我还可以添加我迄今为止应用的规则。
编辑: 系统日志行不正确,所以我更换了它。
答案 0 :(得分:1)
从http://lists.debian.org/debian-user/2002/07/msg01187.html
找到我原始问题的答案IN = interface the packet came in
OUT = interface used for sending the packet
MAC = MAC address for source and destination
SRC = IP of the sender
DST = IP of the receiver
LEN = Length of the packet
TOS = ?
PREC = Precedence
TTL = Time to live (hop count of the package)
ID = Packet ID number
DF = Don't fragment bit
PROTO = The protocol
SPT = Sender port
DPT = Receiving port
WINDOW = ?
RES = Received bits
And then some TCP flags in the end of the row. Didn't yet dig the meaning of those.
ACK = ?
SYN = ?
URGP = ?