iptables for traffic monitoring

rah*_*uby 2 iptables

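I have rules like this in my IPTABLES:

-A INPUT -s 166.100.102.50/32 -j LOG --log-level 7

I wrote a script that takes the output of these rules and outputs the bytes from the IP to my server.

I would like advice on how to create rules that track traffic from IPs in scattered subnets. The IP addresses are not fixed, and neither are the subnets. For example:

120.2.33.45 might be a device's IP address one day, and 204.65.3.88 might be the same device's IP address the next day.

I think that if there were a way to write the rule so that it gives me the IP addresses of everything except a fixed IP address range, such as 166.100.102.50, then I would be fine.

Something like:

-A INPUT -s NOT EQUAL TO 166.100.102.50/32 -j LOG --log-level 7

Thanks in advance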

mul*_*laz 6

You want this (watch the !):

iptables -A INPUT ! -s 166.100.102.50/32 -j LOG --log-level 7

This will match everything whose source address is not 166.100.102.50.

man iptables

   [!] -s, --source address[/mask][,...]
          Source specification. Address can be either a  network  name,  a
          hostname,  a  network  IP  address  (with  /mask), or a plain IP
          address. Hostnames will be resolved once only, before  the  rule
          is  submitted  to  the  kernel.  Please note that specifying any
          name to be resolved with a remote query such as DNS is a  really
          bad idea.  The mask can be either a network mask or a plain num-
          ber, specifying the number of 1's at the left side of  the  net-
          work  mask.   Thus, a mask of 24 is equivalent to 255.255.255.0.

The relevant part starts below:

          A "!" argument before  the  address  specification  inverts  the
          sense  of  the  address.  The  flag  --src  is an alias for this
          option.  Multiple addresses can  be  specified,  but  this  will
          expand  to  multiple  rules (when adding with -A), or will cause
          multiple rules to be deleted (with -D).
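
With the inverted rule in place, every source except 166.100.102.50 is logged, so the per-address accounting moves into the log-reading script. The following is an added example, not part of the question or the answer: it sums the IP length per source from LOG-target lines. The function name `bytes_per_source` and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# The fixed address that the "! -s" rule on this page excludes.
EXCLUDED = ipaddress.ip_network("166.100.102.50/32")

# Take the first SRC= and the first LEN= on each line. UDP entries carry a
# second LEN= (the UDP length) after PROTO=UDP; the first is the IP length.
SRC_RE = re.compile(r"\bSRC=(\S+)")
LEN_RE = re.compile(r"\bLEN=(\d+)")

# Constructed sample lines in the LOG target's format (not from a real host).
SAMPLE_LOG = """\
Jan 12 10:15:01 gw kernel: IN=eth0 OUT= SRC=120.2.33.45 DST=10.0.0.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Jan 12 10:15:03 gw kernel: IN=eth0 OUT= SRC=204.65.3.88 DST=10.0.0.5 LEN=76 TOS=0x00 PREC=0x00 TTL=49 ID=977 PROTO=UDP SPT=5353 DPT=53 LEN=56
Jan 12 10:15:04 gw kernel: IN=eth0 OUT= SRC=120.2.33.45 DST=10.0.0.5 LEN=1500 TOS=0x00 PREC=0x00 TTL=52 ID=4243 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=29200 RES=0x00 ACK URGP=0
Jan 12 10:15:06 gw kernel: IN=eth0 OUT= SRC=166.100.102.50 DST=10.0.0.5 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=31 DF PROTO=TCP SPT=40000 DPT=443 WINDOW=512 RES=0x00 ACK URGP=0
Jan 12 10:15:09 gw sshd[811]: Accepted publickey for admin
"""


def bytes_per_source(lines, excluded=EXCLUDED):
    """Sum the IP total length (LEN=) per source address."""
    totals = Counter()
    for line in lines:
        src, length = SRC_RE.search(line), LEN_RE.search(line)
        if not (src and length):
            continue  # not a LOG-target line
        try:
            addr = ipaddress.ip_address(src.group(1))
        except ValueError:
            continue  # malformed address field
        if addr in excluded:
            continue  # e.g. left over from the older, non-inverted rule
        totals[str(addr)] += int(length.group(1))
    return totals


if __name__ == "__main__":
    for ip, total in bytes_per_source(SAMPLE_LOG.splitlines()).most_common():
        print(f"{ip}\t{total}")
```

The LOG target writes one line per matching packet, so the totals reflect logged packets only; any rate limiting applied to the rule will undercount.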