請教一下iptables

我正在merlin router起一個shadowsock server, 但怎也連不上.
netstat可以看見,

tcp 0 0 0.0.0.0:8388 0.0.0.0:* LISTEN

iptables是這樣的.

pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- tun21 any anywhere anywhere
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:1194
0 0 DROP icmp -- vlan2 any anywhere anywhere icmp echo-request
2750 297K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
4 254 DROP all -- any any anywhere anywhere state INVALID
485 53238 ACCEPT all -- br0 any anywhere anywhere state NEW
973 237K ACCEPT all -- lo any anywhere anywhere state NEW
0 0 ACCEPT udp -- any any anywhere anywhere udp spt:bootps dpt:bootpc
3 144 SSHBFP tcp -- vlan2 any anywhere anywhere tcp dpt:ssh state NEW
0 0 ACCEPT icmp -- any any anywhere anywhere icmp !echo-request
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1723
0 0 ACCEPT gre -- any any anywhere anywhere
70 4015 DROP all -- any any anywhere anywhere
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:8388

複製代碼

但用internet port tester, 都係話 8388 呢個port 係close既....

mcdull

特級會員

Rank: 4 Rank: 4 Rank: 4 Rank: 4

2^#

發表於 2017-5-1 17:26 | 只看該作者

It seems to me that the drop all rule is executed and the last accept rule is being ignored. However, in the firmware, I am only allowed to edit the "firewall-start" custom script for my own rule, can't imagine how it can be implemented.

TOP

請教一下iptables

[收藏此主題] [關注此主題的新回覆]

[通過 QQ、MSN 分享給朋友]