Good afternoon. Happy upcoming New Year!
Could you please advise.
There is an application that works over the network; the gateway runs Ubuntu. The program connects to external sources on ports 27000-27040 TCP and UDP. If I disable ufw, the program works normally.
If I enable ufw on the gateway, it does not connect.
The UFW log shows the following:
Dec 30 16:59:51 proxy kernel: [67404.138394] [UFW BLOCK] IN=enp4s0 OUT=enp3s1 MAC=90:2b:34:33:ba:32:00:1e:67:57:3f:2f:08:00 SRC=192.168.30.202 DST=155.133.248.52 LEN=52 TOS=0x02 PREC=0x00 TTL=127 ID=10777 DF PROTO=TCP SPT=56673 DPT=27020 WINDOW=65535 RES=0x00 CWR ECE SYN URGP=0
ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp (OpenSSH) ALLOW IN Anywhere
3128 ALLOW IN Anywhere
3128/tcp ALLOW IN Anywhere
80,443/tcp (Apache Full) ALLOW IN Anywhere
8000 ALLOW IN Anywhere
80,443/tcp (Nginx Full) ALLOW IN Anywhere
443/tcp (Apache Secure) ALLOW IN Anywhere
80/tcp (Apache) ALLOW IN Anywhere
11011 ALLOW IN Anywhere
25/tcp ALLOW IN Anywhere
25 ALLOW IN Anywhere
587 ALLOW IN Anywhere
993 ALLOW IN Anywhere
143 ALLOW IN Anywhere
465 ALLOW IN Anywhere
3129 ALLOW IN Anywhere
62066 ALLOW IN Anywhere
26022 ALLOW IN Anywhere
27015:27030/tcp ALLOW IN Anywhere
27015:27030/udp ALLOW IN Anywhere
27000:27015/udp ALLOW IN Anywhere
27031:27036/udp ALLOW IN Anywhere
27036:27037/tcp ALLOW IN Anywhere
4380 ALLOW IN Anywhere
Anywhere ALLOW IN 192.168.30.202
62066/udp ALLOW IN Anywhere
22/tcp (OpenSSH (v6)) ALLOW IN Anywhere (v6)
3128 (v6) ALLOW IN Anywhere (v6)
3128/tcp (v6) ALLOW IN Anywhere (v6)
3127 (v6) ALLOW IN Anywhere (v6)
80,443/tcp (Apache Full (v6)) ALLOW IN Anywhere (v6)
8000 (v6) ALLOW IN Anywhere (v6)
80,443/tcp (Nginx Full (v6)) ALLOW IN Anywhere (v6)
443/tcp (Apache Secure (v6)) ALLOW IN Anywhere (v6)
80/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
11011 (v6) ALLOW IN Anywhere (v6)
25/tcp (v6) ALLOW IN Anywhere (v6)
25 (v6) ALLOW IN Anywhere (v6)
587 (v6) ALLOW IN Anywhere (v6)
993 (v6) ALLOW IN Anywhere (v6)
143 (v6) ALLOW IN Anywhere (v6)
465 (v6) ALLOW IN Anywhere (v6)
3129 (v6) ALLOW IN Anywhere (v6)
62066 (v6) ALLOW IN Anywhere (v6)
26022 (v6) ALLOW IN Anywhere (v6)
27015:27030/tcp (v6) ALLOW IN Anywhere (v6)
27015:27030/udp (v6) ALLOW IN Anywhere (v6)
27000:27015/udp (v6) ALLOW IN Anywhere (v6)
27031:27036/udp (v6) ALLOW IN Anywhere (v6)
27036:27037/tcp (v6) ALLOW IN Anywhere (v6)
4380 (v6) ALLOW IN Anywhere (v6)
62066/udp (v6) ALLOW IN Anywhere (v6)
iptables -L |grep 270
ACCEPT tcp -- anywhere anywhere tcp spts:27000:27030
ACCEPT udp -- anywhere anywhere udp spts:27000:27030
ACCEPT tcp -- anywhere anywhere tcp dpts:27000:27030
ACCEPT udp -- anywhere anywhere udp dpts:27000:27030
ACCEPT tcp -- anywhere anywhere tcp spts:27000:27030
ACCEPT tcp -- anywhere anywhere tcp dpts:27000:27030
ACCEPT tcp -- anywhere anywhere multiport dports 27015:27030
ACCEPT udp -- anywhere anywhere multiport dports 27015:27030
ACCEPT udp -- anywhere anywhere multiport dports 27000:27015
ACCEPT udp -- anywhere anywhere multiport dports 27031:27036
ACCEPT tcp -- anywhere anywhere multiport dports 27036:27037
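
As an added illustration, not part of the original post: a small Python check that reads the blocked log line and a few of the status lines quoted above, decides whether the packet was incoming, outgoing or routed, and lists which ALLOW rules cover its destination port and which of those apply to that direction. The function names are made up for this example; `FWD` is the tag ufw shows for rules created with `ufw route`.

```python
import re

# Log line and status excerpt copied from the post above.
LOG = ("Dec 30 16:59:51 proxy kernel: [67404.138394] [UFW BLOCK] IN=enp4s0 "
       "OUT=enp3s1 MAC=90:2b:34:33:ba:32:00:1e:67:57:3f:2f:08:00 "
       "SRC=192.168.30.202 DST=155.133.248.52 LEN=52 TOS=0x02 PREC=0x00 "
       "TTL=127 ID=10777 DF PROTO=TCP SPT=56673 DPT=27020 WINDOW=65535 "
       "RES=0x00 CWR ECE SYN URGP=0")
STATUS = """Default: deny (incoming), allow (outgoing), deny (routed)
22/tcp (OpenSSH) ALLOW IN Anywhere
27015:27030/tcp ALLOW IN Anywhere
27015:27030/udp ALLOW IN Anywhere
27036:27037/tcp ALLOW IN Anywhere
"""
TAG = {"incoming": "IN", "outgoing": "OUT", "routed": "FWD"}

def direction(fields):
    """Both IN= and OUT= set means the packet was forwarded through the host."""
    if fields.get("IN") and fields.get("OUT"):
        return "routed"
    return "incoming" if fields.get("IN") else "outgoing"

def port_match(spec, port, proto):
    """Match a ufw 'To' column such as '80,443/tcp' or '27015:27030/udp'."""
    ports, _, rule_proto = spec.partition("/")
    if rule_proto and rule_proto != proto:
        return False
    for part in ports.split(","):
        lo, _, hi = part.partition(":")
        if lo.isdigit() and (hi or lo).isdigit() and int(lo) <= port <= int(hi or lo):
            return True
    return False

def diagnose(log_line, status):
    """Return (direction, default policy, rules covering the port, rules that apply)."""
    fields = dict(re.findall(r"(\w+)=(\S*)", log_line))
    kind = direction(fields)
    default_line = re.search(r"^Default:.*$", status, re.M).group(0)
    defaults = {k: v for v, k in re.findall(r"(\w+) \((\w+)\)", default_line)}
    port, proto = int(fields["DPT"]), fields["PROTO"].lower()
    hits = [(m.group(1), m.group(2))
            for m in re.finditer(r"^(\S+).*? ALLOW (IN|OUT|FWD)\b", status, re.M)
            if port_match(m.group(1), port, proto)]
    applies = [spec for spec, tag in hits if tag == TAG[kind]]
    return kind, defaults[kind], hits, applies

if __name__ == "__main__":
    print(diagnose(LOG, STATUS))
```

For the quoted log line the result is a routed packet under a `deny` default, with TCP port 27020 covered only by an `ALLOW IN` rule and by no `FWD` rule.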