Actually, I have some problems with my Docker service. After a few minutes, iptables removes the following rules.
Iptables after:
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-ssh (1 references)
target prot opt source destination
DROP all -- x.x.x.x anywhere
RETURN all -- anywhere anywhere
Chain trafficfilter (0 references)
target prot opt source destination
Iptables before:
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-ISOLATION (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
DROP all -- 113.100.50.1 anywhere
DROP all -- 200.77.191.71 anywhere
RETURN all -- anywhere anywhere
Chain trafficfilter (0 references)
target prot opt source destination
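As you can see, there are some chains, such as DOCKER-USER, ISOLATION and so on. It works for 1-10 minutes, but after that the rules are gone.
Answer 0 (score: 0)
OK, I found it. I did a service docker restart, and after that I just saved the persistent iptables to the rule.v4 file.
Now it works perfectly!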
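
An added example, not part of the original question or answer: Python code that compares two `iptables -L` listings like the ones in the question and reports which chains and rules disappeared between them. The function names and the shortened sample listings are constructed for illustration.

```python
import re

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy \S+|\d+ references)\)")

def parse_listing(text):
    """Map chain name -> list of rule lines from `iptables -L` output."""
    chains, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = CHAIN_RE.match(line)
        if m:
            current = m.group(1)
            chains[current] = []
        elif current and line and not line.startswith("target"):
            chains[current].append(" ".join(line.split()))  # normalise spacing
    return chains

def drift(before, after):
    """Return (chains that vanished, {surviving chain: rules that vanished})."""
    b, a = parse_listing(before), parse_listing(after)
    lost = {n: [r for r in b[n] if r not in a[n]] for n in b.keys() & a.keys()}
    return sorted(set(b) - set(a)), {n: r for n, r in lost.items() if r}

# Constructed sample, shortened from the two listings in the question.
BEFORE = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER all -- anywhere anywhere
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
"""
AFTER = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
"""

if __name__ == "__main__":
    print(drift(BEFORE, AFTER))
```

Run on a schedule against a saved known-good listing, a non-empty result flags the moment the Docker chains drop out of the ruleset.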