The several Linux NAT boxes I have built have all been running fine! One is RHEL 4 U2, the others are Debian; concurrent TCP connections alone normally sit at around 8000, yet they have kept running stably!
A few days ago I found one IP had opened 800 UDP connections, a real pain! But the CPU has stayed normal!
This one is the Debian box:
19:41:51 up 15 days, 11:18, 1 user, load average: 0.00, 0.00, 0.00
It used to be done on a server, but later I said that was a waste and swapped it for a junk PC, an older one, which is more stable. 15 days ago it was replaced with that junk PC and it has run until now, always fine; the CPU is really poor, I never even paid attention to what it is! There are all kinds of people on the network, BT users included of course!
router:/proc/net# grep EST ip_conntrack -c
6967
router:/proc/net#
This is the number of established TCP connections right now, in the evening!
Below is the iptables configuration
# Generated by iptables-save v1.3.3 on Sun Feb 26 19:45:59 2006
*mangle
:PREROUTING ACCEPT [5320379739:2286753298905]
:INPUT ACCEPT [75123333:6060099854]
:FORWARD ACCEPT [5244702060:2280335550156]
:OUTPUT ACCEPT [42816389:4488908993]
:POSTROUTING ACCEPT [5288179256:2284835533618]
COMMIT
# Completed on Sun Feb 26 19:45:59 2006
# Generated by iptables-save v1.3.3 on Sun Feb 26 19:45:59 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [42784943:4486138534]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -s 221.226.0.0/255.255.0.0 -p tcp -m tcp --dport 20:22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 2531 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Sun Feb 26 19:45:59 2006
# Generated by iptables-save v1.3.3 on Sun Feb 26 19:45:59 2006
*nat
:PREROUTING ACCEPT [117047011:9006940994]
:POSTROUTING ACCEPT [198924:10001059]
:OUTPUT ACCEPT [2241:157861]
-A PREROUTING -p tcp -m tcp --dport 2531 -j DNAT --to-destination 192.168.0.243:2531
-A POSTROUTING -s 192.168.0.0/255.255.254.0 -o eth1 -j MASQUERADE
COMMIT
# Completed on Sun Feb 26 19:45:59 2006
For a while there used to be people constantly logging in over FTP and SSH, trying passwords nonstop, heh
If you have any questions, feel free to discuss them with me!!
My QQ: 20754739
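The post spots the host with 800 UDP flows by hand; the script below, an added example that is not part of the original post and not the author's code, does the same counting automatically from the conntrack table. It assumes the 2.6-era /proc/net/ip_conntrack text format shown in the post (`proto num timeout [state] src= dst= ...`), takes the file path as a parameter, and the sample table embedded in it is constructed, not real data.

```shell
#!/bin/sh
# Added example, not from the original post: count conntrack entries per
# internal source IP so that one host holding hundreds of UDP flows (as the
# post describes) stands out. Works on the 2.6-era /proc/net/ip_conntrack
# text format; the file path is a parameter, the sample below is constructed.

# Constructed sample table (not real data): 192.168.0.55 holds 3 UDP flows,
# 192.168.0.10 holds 2 ESTABLISHED TCP flows, the rest are single entries.
SAMPLE_CONNTRACK="$(mktemp)"
trap 'rm -f "$SAMPLE_CONNTRACK"' EXIT
cat > "$SAMPLE_CONNTRACK" <<'EOF'
tcp      6 431999 ESTABLISHED src=192.168.0.10 dst=203.0.113.5 sport=40001 dport=80 packets=12 bytes=900 src=203.0.113.5 dst=198.51.100.1 sport=80 dport=40001 packets=10 bytes=6000 [ASSURED] use=1
tcp      6 431999 ESTABLISHED src=192.168.0.10 dst=203.0.113.6 sport=40002 dport=443 packets=8 bytes=700 src=203.0.113.6 dst=198.51.100.1 sport=443 dport=40002 packets=7 bytes=4100 [ASSURED] use=1
tcp      6 117 TIME_WAIT src=192.168.0.11 dst=203.0.113.7 sport=40003 dport=80 packets=6 bytes=500 src=203.0.113.7 dst=198.51.100.1 sport=80 dport=40003 packets=5 bytes=3000 [ASSURED] use=1
udp      17 29 src=192.168.0.55 dst=203.0.113.20 sport=6881 dport=6881 packets=1 bytes=60 src=203.0.113.20 dst=198.51.100.1 sport=6881 dport=6881 packets=1 bytes=120 use=1
udp      17 29 src=192.168.0.55 dst=203.0.113.21 sport=6881 dport=6882 packets=1 bytes=60 src=203.0.113.21 dst=198.51.100.1 sport=6882 dport=6881 packets=1 bytes=120 use=1
udp      17 29 src=192.168.0.55 dst=203.0.113.22 sport=6881 dport=6883 packets=1 bytes=60 src=203.0.113.22 dst=198.51.100.1 sport=6883 dport=6881 packets=1 bytes=120 use=1
udp      17 170 src=192.168.0.12 dst=203.0.113.53 sport=5353 dport=53 packets=1 bytes=60 src=203.0.113.53 dst=198.51.100.1 sport=53 dport=5353 packets=1 bytes=120 [ASSURED] use=1
EOF

# Number of ESTABLISHED TCP entries: the same figure the post gets from
# `grep EST ip_conntrack -c`.
count_established() {
  grep -c ESTABLISHED "$1"
}

# Print "<count> <ip>" per original-direction source IP for one protocol
# (tcp or udp), highest count first. Only the first src= field of each line is
# used, so the reply direction is not counted a second time.
per_src_count() {
  proto="$1"
  file="$2"
  awk -v p="$proto" '
    $1 == p {
      for (i = 1; i <= NF; i++)
        if ($i ~ /^src=/) { sub(/^src=/, "", $i); c[$i]++; break }
    }
    END { for (ip in c) print c[ip], ip }
  ' "$file" | sort -rn
}

# Source IP with the most entries for the given protocol.
top_src() {
  per_src_count "$1" "$2" | head -n 1 | awk '{ print $2 }'
}

# Print every source IP holding more than <threshold> entries for the given
# protocol; an empty result means no host is over the limit.
over_threshold() {
  per_src_count "$1" "$2" | awk -v t="$3" '$1 > t { print $2 }'
}

# Stand-alone run: use the conntrack file given as the first argument, or the
# constructed sample when none is given.
CT_FILE="${1:-$SAMPLE_CONNTRACK}"
echo "established tcp: $(count_established "$CT_FILE")"
echo "udp entries per source:"
per_src_count udp "$CT_FILE"
echo "sources over 100 udp entries:"
over_threshold udp "$CT_FILE" 100
```

On the router itself this would be run as `sh conntrack_top.sh /proc/net/ip_conntrack`, and the threshold in the last call is the figure to tune for the network (the post's 800-flow host would be printed by any sensible value). Later kernels expose the table as /proc/net/nf_conntrack with an extra leading `ipv4 2` pair of fields, so the `$1 == p` test would need to look at the third field there.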