网络安全防护:iptables、fwsnort与psad的协同应用
1. iptables规则链与DROP和REJECT目标
1.1 iptables规则链展示
通过psad --fw-list命令可以列出与IPT_AUTO_CHAIN关键字相关的规则链,这些规则链为针对攻击者IP地址提供了有效的DROP策略。以下是相关规则链的展示:
[iptablesfw]# psad --fw-list [+] Listing chains from IPT_AUTO_CHAIN keywords... Chain PSAD_BLOCK_INPUT (1 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- 144.202.X.X 0.0.0.0/0 Chain PSAD_BLOCK_OUTPUT (1 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- 0.0.0.0/0 144.202.X.X Chain PSAD_BLOCK_FORWARD (1 references) pkts bytes target prot opt in
)
