Web服务:
- 80,http协议默认端口,Apache、Nginx、Lighttpd默认
- 443,https协议默认端口,Apache、Nginx、Lighttpd默认
- 2082/2083,cpanel默认
- 7080,Litespeed默认
- 7778,kloxo面板默认
- 8080,代理或后端服务,tomcat默认,wdcp面板默认
- 8083,vestacp面板默认
- 8888,AMH面板默认
- 9000,后端服务,php-fpm默认
- 11211,Memchached默认端口
- 12000,magent端口,memcached代理
远程控制:
- 22,ssh协议,sshd默认
- 23,telnet协议,telnet默认
- 3389,Windows远控默认
常见应用程序:
- 3306,Mysql默认端口
- 1723,PPTP的V%P*N默认端口
- 25/110/143,SMTP/POP3/IMAP邮件端口
- 2525,有时候SMTP
- 465(587)/995/993,SMTPS/POP3S/IMAPS加密邮件端口
- 67,DHCP服务默认
- 53,DNS服务器默认
- 123,时钟同步端口
iptables设置
以下内容为Centos中/etc/sysconfig/iptables
的设置:
# Generated by iptables-save v1.4.7 on Fri Aug 12 00:48:14 2016
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:152]
:vesta - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 21,12000:12100 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25,465,587,2525 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3306,5432 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8083 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 25 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 110 -j ACCEPT
-A INPUT -p udp -m udp --sport 123 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 12000:12100 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 50000:65534 -j ACCEPT
-A FORWARD -i ppp+ -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
-A FORWARD -i ppp+ -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
COMMIT
# Completed on Fri Aug 12 00:48:14 2016
# Generated by iptables-save v1.4.7 on Fri Aug 12 00:48:14 2016
*nat
:PREROUTING ACCEPT [1:44]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri Aug 12 00:48:14 2016
Comments | 8 条评论
实用,看看
路过……
常用端口记录+iptables设置,收藏了
打酱油来了
@mini
可怜的酱油
嘻嘻~~~~~
呼啦啦哗啦啦
感谢分享 祝您开心快乐每一天! http://www.xevip.cn