
ipTables blocking memcached

I have one server running memcached and another server that should be able to connect to the memcached server.

memcached is set up to listen to 0.0.0.0:5666

This allows for anyone to connect to it so I want to block the port 5666 for everyone except the other server. I thought this would do it:

iptables -A INPUT -p tcp --dport 5666 -j REJECT
iptables -A INPUT -p tcp -s 79.xxx.xxx.xxx --dport 5666 -j ACCEPT

But it did not. Now I cannot connect at all from the other server; before, it worked fine.

iptables rules are evaluated in the order that they're given. Just switch the order of those two lines.

You need the ACCEPT condition before the REJECT condition. By putting the REJECT first it rejects your valid IP and then stops and your second rule is never seen.
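The ordering mistake both answers describe can be detected mechanically. The following is an added example, not part of the original posts: a small lint over `iptables -S` output that flags ACCEPT rules placed after a source-unrestricted REJECT/DROP for the same port. The function name and the address 203.0.113.10 (standing in for the elided 79.xxx.xxx.xxx) are assumptions, and only the `-s` match is treated as narrowing a blocking rule.

```shell
#!/bin/sh
# Added example: lint rules in `iptables -S` format for the mistake above.
# Prints every ACCEPT rule that comes after a REJECT/DROP rule with no source
# restriction (-s) for the same chain, protocol and destination port. Such an
# ACCEPT never matches, because the earlier rule already ended evaluation.
# Simplification: other narrowing matches (-i, -m state, ...) are ignored.
shadowed_accepts() {
    awk '
    $1 == "-A" {
        proto = ""; dport = ""; src = ""; target = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-s")      src    = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (dport == "") next
        key = $2 "/" proto "/" dport
        if ((target == "REJECT" || target == "DROP") && src == "") {
            blocked[key] = 1
        } else if (target == "ACCEPT" && (key in blocked)) {
            print "shadowed: " $0
        }
    }'
}

# Constructed sample: the order used in the question.
ASKED='-A INPUT -p tcp -m tcp --dport 5666 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 203.0.113.10/32 -p tcp -m tcp --dport 5666 -j ACCEPT'

# Constructed sample: the order both answers recommend.
FIXED='-A INPUT -s 203.0.113.10/32 -p tcp -m tcp --dport 5666 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5666 -j REJECT --reject-with icmp-port-unreachable'

printf '%s\n' "$ASKED" | shadowed_accepts   # reports the ACCEPT rule
printf '%s\n' "$FIXED" | shadowed_accepts   # prints nothing
```

On a live host the same function can be fed with `iptables -S INPUT | shadowed_accepts`.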
