Я использую сервис httpd на ОС Linux.
Мой результат iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere state NEW tcp dpt:http recent: UPDATE seconds: 10 hit_count: 3 name: http_flood side: source
tcp -- anywhere anywhere state NEW tcp dpt:http recent: SET name: http_flood side: source
DROP all -- 185.103.253.167 anywhere
DROP all -- 185.130.4.197 anywhere
DROP all -- 185.130.4.120 anywhere
syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
ACCEPT icmp -- anywhere anywhere limit: avg 1/sec burst 1
LOG icmp -- anywhere anywhere limit: avg 1/sec burst 1 LOG level warning prefix `PING-DROP:'
DROP icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:http
DROP all -- 108.162.222.0 anywhere
DROP all -- 66.249.0.0/16 anywhere
DROP all -- 108.162.222.0/24 anywhere
DROP all -- 162.158.176.0/24 anywhere
DROP all -- 108.162.221.0/24 anywhere
Пожалуйста, смотрите на DROP all -- 66.249.0.0/16 anywhere .
У меня был сервис sudo, сохранение и sudo service iptables save restart но журнал доступа по этому IP-адресу все еще может отправить запрос на мой сервер.
Это журнал доступа:
66.249.71.130 - - [30/Jul/2016:19:18:39 +0700] "GET /zad_rgano/15330.htm HTTP/1.1" 404 37728
66.249.71.130 - - [30/Jul/2016:19:18:43 +0700] "GET /28060/szekntws/mmqmmxxmkgw/9768/45828_frftp_fqs_uxnenjp HTTP/1.1" 404 37674
66.249.79.144 - - [30/Jul/2016:19:18:46 +0700] "GET /38164/szekntws/mmqmmxxmkgw/9765/45828_frftp_fqs_uxnenjp HTTP/1.1" 404 37674
66.249.71.128 - - [30/Jul/2016:19:18:48 +0700] "GET /27501/szekntws/mmqmmxxmkgw/9756/45828_frftp_fqs_uxnenjp HTTP/1.1" 301 -
66.249.71.130 - - [30/Jul/2016:19:18:50 +0700] "GET /zaa_rgano/22063.htm HTTP/1.1" 404 37728
66.249.71.130 - - [30/Jul/2016:19:18:54 +0700] "GET /zae_rgano/18374.htm HTTP/1.1" 404 37728
66.249.71.130 - - [30/Jul/2016:19:18:56 +0700] "GET /29265/szekntws/mmqmmxxmkgw/9761/45828_frftp_fqs_uxnenjp HTTP/1.1" 404 37674
66.249.71.130 - - [30/Jul/2016:19:19:19 +0700] "GET /zac_rgano/16315.htm HTTP/1.1" 404 37728
66.249.71.130 - - [30/Jul/2016:19:19:22 +0700] "GET /index.php?kj=1&kjsite=aHR0cDovL3d3dy5rYW1pYmlqaW5zaG9wLnh5ei9pbmRleC5waHA/bWFpbl9wYWdlPXByb2R1Y3RfaW5mbyZwcm9kdWN0c19pZD0yNDQyOQ== HTTP/1.1" 200 110629
66.249.71.130 - - [30/Jul/2016:19:19:26 +0700] "GET /23989/szekntws/mmqmmxxmkgw/9754/45828_frftp_fqs_uxnenjp HTTP/1.1" 404 37845
66.249.71.130 - - [30/Jul/2016:19:19:29 +0700] "GET /zab_rgano/36033.htm HTTP/1.1" 404 37728
66.249.71.130 - - [30/Jul/2016:19:19:47 +0700] "GET /wp-content/uploads/2016/01/Chuong-8-Tac-dong-cua-chinh-sach-thue.pdf HTTP/1.1" 200 496413
66.249.71.130 - - [30/Jul/2016:19:19:49 +0700] "GET /index.php?kj=1&kjsite=aHR0cDovL3d3dy5tc3N5c3RlbS54eXovaW5kZXgucGhwP21haW5fcGFnZT1wcm9kdWN0X2luZm8mcHJvZHVjdHNfaWQ9MzM3NzU= HTTP/1.1" 200 110586
66.249.79.144 - - [30/Jul/2016:19:19:47 +0700] "GET /index.php?kj=1&kjsite=aHR0cDovL3d3dy5rYW1pYmlqaW5zaG9wLnh5ei9pbmRleC5waHA/bWFpbl9wYWdlPXByb2R1Y3RfaW5mbyZwcm9kdWN0c19pZD0zOTE1NQ== HTTP/1.1" 200 110634
66.249.71.130 - - [30/Jul/2016:19:19:52 +0700] "GET /zaa_rgano/17556.htm HTTP/1.1" 404 37728