Transparent firewall cannot access http and https

Time: 2016-08-30 02:48:04

Tags: firewall iptables

Output of iptables -L:

[root@itsys ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state    RELATED,ESTABLISHED 
DROP       all  --  anywhere             anywhere            state INVALID 
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootpc dpt:bootps 
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootps dpt:bootpc 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https 
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-in eth0 
ACCEPT     tcp  --  172.16.16.113        anywhere            tcp dpt:http 
ACCEPT     tcp  --  172.16.16.113        anywhere            tcp dpt:https 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

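This is a Linux transparent bridge setup: eth0 is connected to the switch, and eth1 is connected to the test computer (172.16.16.113). On the test computer I cannot access http websites by site name, but I can access the same site by IP address. https websites cannot be accessed.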

1 answer:

Answer 0: (score: 0)

Add DNS to FORWARD, then it's OK:

    iptables -A FORWARD -p tcp -s 172.16.16.0/24 --dport 53 -j ACCEPT
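
The following is an added example, not part of the original question or answer: it replays the FORWARD chain from the listing against constructed packets from the test computer, showing why lookups by name fall through to the DROP policy while HTTP by IP address is accepted. The simplified first-match evaluator, the destination 203.0.113.10, source port 40000, the `iptables -L` rendering of the answer's rule and the UDP counterpart rule are assumptions for illustration.

```python
import ipaddress
# FORWARD chain from the question's `iptables -L` listing (policy DROP).
LISTING = """\
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootpc dpt:bootps
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootps dpt:bootpc
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-in eth0
ACCEPT     tcp  --  172.16.16.113        anywhere            tcp dpt:http
ACCEPT     tcp  --  172.16.16.113        anywhere            tcp dpt:https
"""
# The answer's rule as `iptables -L` would list it, plus a UDP twin (assumption).
DNS_TCP = "ACCEPT tcp -- 172.16.16.0/24 anywhere tcp dpt:domain\n"
DNS_UDP = "ACCEPT udp -- 172.16.16.0/24 anywhere udp dpt:domain\n"
PORTS = {"bootps": 67, "bootpc": 68, "http": 80, "https": 443, "domain": 53}

def addr_ok(spec, ip):
    return spec == "anywhere" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def matches(rule, pkt):
    _target, prot, _opt, src, dst, *extra = rule.split()
    if (prot not in ("all", pkt["proto"]) or not addr_ok(src, pkt["src"])
            or not addr_ok(dst, pkt["dst"])):
        return False
    for i, tok in enumerate(extra):
        if tok == "state" and pkt["state"] not in extra[i + 1].split(","):
            return False
        if tok == "--physdev-in" and extra[i + 1] != pkt["in"]:
            return False
        if tok[:4] in ("spt:", "dpt:"):
            want = PORTS.get(tok[4:]) or int(tok[4:])
            if want != pkt["sport" if tok[0] == "s" else "dport"]:
                return False
    return True

def verdict(pkt, rules=LISTING, policy="DROP"):
    """First matching rule decides; otherwise the chain policy applies."""
    for rule in rules.splitlines():
        if rule.strip() and matches(rule, pkt):
            return rule.split()[0]
    return policy

def client_packet(proto, dport, state="NEW"):
    # Constructed packet from the test computer, entering the bridge on eth1.
    return {"proto": proto, "src": "172.16.16.113", "dst": "203.0.113.10",
            "sport": 40000, "dport": dport, "state": state, "in": "eth1"}
```

DNS lookups normally use UDP port 53 and fall back to TCP, so `verdict(client_packet("udp", 53), LISTING + DNS_TCP)` and the same call with `DNS_UDP` appended are both worth comparing.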