search

todaygood / linux-lab

everything kb,case about linux
1 stars 0 forks source link

vps遭到DDOS攻击了,怎样防DDOS攻击 #6

Closed todaygood closed 5 years ago

todaygood commented 5 years ago

Issue

发现VPS停机了,上去一看,原来是遭受到DDOS攻击了

**********************************************
List of processes
**********************************************
675922     init             init
676141     kthreadd/119267  
676142     khelper/119267   
686621     udevd            /sbin/udevd -d
694425     openvpn          /usr/sbin/openvpn --daemon --writepid /var/run/openvpn/openvpn.pid --cd /etc/openvpn --config openvpn.conf --script-security 2
694551     udevd            /sbin/udevd -d
694834     udevd            /sbin/udevd -d
694983     dnsmasq          /usr/sbin/dnsmasq
695405     sshd             /usr/sbin/sshd
696032     squid            squid -f /etc/squid/squid.conf
696054     squid            (squid) -f /etc/squid/squid.conf
696297     unlinkd          (unlinkd)
703564     ssserver         /usr/bin/python /usr/bin/ssserver -c /opt/shadowsocks_server_config -d start --pid-file /opt/shadowsocks.pid --log-file /opt/shadowsocks.log

**********************************************
First 272 lines from conntrack table (truncated)
**********************************************
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=39130 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=39130 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34922 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34922 mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 TIME_WAIT src=91.244.119.156 dst=${MY_VPS} sport=63740 dport=3128 src=${MY_VPS} dst=91.244.119.156 sport=3128 dport=63740 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=53247 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=53247 [ASSURED] mark=0 secmark=0 use=2
ipv6     10 tcp      6 118 SYN_SENT src=0000:0000:0000:0000:0000:0000:0000:0001 dst=2607:f8b0:4007:0800:0000:0000:0000:2004 sport=33222 dport=443 [UNREPLIED] src=2607:f8b0:4007:0800:0000:0000:0000:2004 dst=0000:0000:0000:0000:0000:0000:0000:0001 sport=443 dport=33222 mark=0 secmark=0 use=2
ipv4     2 tcp      6 52 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=35477 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=35477 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 49 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=60744 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=60744 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 42 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=54874 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=54874 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=104.192.83.91 dst=${MY_VPS} sport=60996 dport=3128 src=${MY_VPS} dst=104.192.83.91 sport=3128 dport=60996 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=50376 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=50376 mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37574 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37574 mark=0 secmark=0 use=2
ipv4     2 tcp      6 39 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=52654 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=52654 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35704 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35704 mark=0 secmark=0 use=2
ipv4     2 tcp      6 62 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=43520 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=43520 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.72 dst=${MY_VPS} sport=50592 dport=3128 src=${MY_VPS} dst=104.192.83.72 sport=3128 dport=50592 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 67 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=47562 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=47562 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 24 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=36488 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=36488 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=36622 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=36622 mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=40764 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=40764 mark=0 secmark=0 use=2
ipv4     2 tcp      6 63 TIME_WAIT src=${MY_VPS} dst=23.222.161.85 sport=47720 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=47720 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=44298 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=44298 mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=49415 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=49415 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=42668 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=42668 mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 TIME_WAIT src=116.255.159.64 dst=${MY_VPS} sport=54507 dport=3128 src=${MY_VPS} dst=116.255.159.64 sport=3128 dport=54507 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.73 dst=${MY_VPS} sport=53756 dport=3128 src=${MY_VPS} dst=104.192.83.73 sport=3128 dport=53756 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 35 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=47856 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=47856 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=38524 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=38524 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 3 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=36017 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=36017 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 6 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=46091 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=46091 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 10 TIME_WAIT src=${MY_VPS} dst=203.76.217.2 sport=51414 dport=80 src=203.76.217.2 dst=${MY_VPS} sport=80 dport=51414 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=54171 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=54171 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=53091 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=53091 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47598 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47598 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35218 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35218 mark=0 secmark=0 use=2
ipv4     2 tcp      6 52 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=34806 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=34806 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48892 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48892 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.72 dst=${MY_VPS} sport=50366 dport=3128 src=${MY_VPS} dst=104.192.83.72 sport=3128 dport=50366 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 119 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=54286 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=54286 mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=52908 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=52908 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 2 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=42846 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=42846 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 110 TIME_WAIT src=${MY_VPS} dst=23.222.161.85 sport=41452 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=41452 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 24 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=36444 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=36444 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 111 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=46208 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=46208 mark=0 secmark=0 use=2
ipv4     2 tcp      6 24 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=36038 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=36038 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=46944 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=46944 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34094 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34094 mark=0 secmark=0 use=2
ipv4     2 tcp      6 110 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=44694 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=44694 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.61 dst=${MY_VPS} sport=55632 dport=3128 src=${MY_VPS} dst=104.192.83.61 sport=3128 dport=55632 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37018 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37018 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35286 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35286 mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=44358 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=44358 mark=0 secmark=0 use=2
ipv4     2 tcp      6 87 TIME_WAIT src=5.200.35.9 dst=${MY_VPS} sport=53719 dport=3128 src=${MY_VPS} dst=5.200.35.9 sport=3128 dport=53719 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 117 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=52398 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=52398 mark=0 secmark=0 use=2
ipv4     2 tcp      6 2 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=46646 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=46646 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 110 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=45360 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=45360 mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37754 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37754 mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.91 dst=${MY_VPS} sport=59572 dport=3128 src=${MY_VPS} dst=104.192.83.91 sport=3128 dport=59572 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=40016 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=40016 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38682 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38682 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=41061 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=41061 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 55 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=37940 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=37940 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 23 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=35222 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=35222 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 6 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=46305 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=46305 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=40982 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=40982 mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=44452 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=44452 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=33494 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=33494 mark=0 secmark=0 use=2
ipv4     2 tcp      6 31 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=43792 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=43792 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 TIME_WAIT src=${MY_VPS} dst=23.222.161.85 sport=35174 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=35174 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=54464 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=54464 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 6 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=46389 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=46389 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 32 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=44284 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=44284 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 24 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=36580 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=36580 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=40396 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=40396 mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47182 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47182 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=39264 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=39264 mark=0 secmark=0 use=2
ipv4     2 tcp      6 27 TIME_WAIT src=5.200.35.9 dst=${MY_VPS} sport=60487 dport=3128 src=${MY_VPS} dst=5.200.35.9 sport=3128 dport=60487 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=42826 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=42826 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34362 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34362 mark=0 secmark=0 use=2
ipv4     2 tcp      6 62 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=43776 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=43776 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 35 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=47630 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=47630 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47566 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47566 mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41396 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41396 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38630 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38630 mark=0 secmark=0 use=2
ipv4     2 tcp      6 52 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=35199 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=35199 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43634 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43634 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=60892 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=60892 mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=38401 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=38401 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=40574 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=40574 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34898 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34898 mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=52760 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=52760 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 111 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=46018 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=46018 mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41816 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41816 mark=0 secmark=0 use=2
ipv4     2 tcp      6 24 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=35690 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=35690 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48772 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48772 mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48652 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48652 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.64 dst=${MY_VPS} sport=53352 dport=3128 src=${MY_VPS} dst=104.192.83.64 sport=3128 dport=53352 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=60374 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=60374 mark=0 secmark=0 use=2
ipv4     2 tcp      6 57 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=39486 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=39486 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 119 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=54122 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=54122 mark=0 secmark=0 use=2
ipv4     2 tcp      6 119 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=53834 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=53834 mark=0 secmark=0 use=2
ipv4     2 tcp      6 110 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=45336 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=45336 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=45341 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=45341 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43642 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43642 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=60690 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=60690 mark=0 secmark=0 use=2
ipv4     2 tcp      6 35 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=48018 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=48018 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 31 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=44016 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=44016 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47264 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47264 mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=42310 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=42310 mark=0 secmark=0 use=2
ipv4     2 tcp      6 23 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=35290 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=35290 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 34 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=46844 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=46844 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 76 TIME_WAIT src=119.23.151.217 dst=${MY_VPS} sport=58430 dport=3128 src=${MY_VPS} dst=119.23.151.217 sport=3128 dport=58430 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 44 TIME_WAIT src=${MY_VPS} dst=23.222.161.85 sport=32834 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=32834 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=42532 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=42532 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38008 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38008 mark=0 secmark=0 use=2
ipv4     2 tcp      6 2 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=47402 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=47402 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=42502 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=42502 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38538 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38538 mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=48349 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=48349 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41528 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41528 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.44 dst=${MY_VPS} sport=33548 dport=3128 src=${MY_VPS} dst=104.192.83.44 sport=3128 dport=33548 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=44114 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=44114 mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43830 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43830 mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41440 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41440 mark=0 secmark=0 use=2
ipv4     2 tcp      6 33 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=46282 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=46282 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 42 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=54920 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=54920 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=50108 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=50108 mark=0 secmark=0 use=2
ipv4     2 tcp      6 3 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=36431 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=36431 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 6 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=53495 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=53495 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=49302 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=49302 mark=0 secmark=0 use=2
ipv4     2 tcp      6 38 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=51274 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=51274 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34096 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34096 mark=0 secmark=0 use=2
ipv4     2 tcp      6 36 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=49168 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=49168 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 113 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48550 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48550 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.55 dst=${MY_VPS} sport=35030 dport=3128 src=${MY_VPS} dst=104.192.83.55 sport=3128 dport=35030 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.91 dst=${MY_VPS} sport=59789 dport=3128 src=${MY_VPS} dst=104.192.83.91 sport=3128 dport=59789 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 1 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=34615 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=34615 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43278 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43278 mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=54076 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=54076 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 116 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=51334 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=51334 mark=0 secmark=0 use=2
ipv4     2 tcp      6 28 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=41212 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=41212 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 117 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=51880 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=51880 mark=0 secmark=0 use=2
ipv4     2 tcp      6 4 CLOSE src=39.108.194.236 dst=${MY_VPS} sport=46846 dport=3128 src=${MY_VPS} dst=39.108.194.236 sport=3128 dport=46846 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 116 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=51318 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=51318 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34876 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34876 mark=0 secmark=0 use=2
ipv4     2 tcp      6 63 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=44492 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=44492 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 24 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=35692 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=35692 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=40344 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=40344 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 4 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=52748 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=52748 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=50410 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=50410 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 113 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48224 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48224 mark=0 secmark=0 use=2
ipv4     2 tcp      6 111 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=46118 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=46118 mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41776 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41776 mark=0 secmark=0 use=2
ipv4     2 tcp      6 61 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=40788 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=40788 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 26 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=38952 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=38952 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=60628 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=60628 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38074 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38074 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=60552 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=60552 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=33942 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=33942 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.58 dst=${MY_VPS} sport=58938 dport=3128 src=${MY_VPS} dst=104.192.83.58 sport=3128 dport=58938 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41628 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41628 mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=50136 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=50136 mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=53586 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=53586 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43650 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43650 mark=0 secmark=0 use=2
ipv4     2 tcp      6 55 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=37854 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=37854 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 117 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=52186 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=52186 mark=0 secmark=0 use=2
ipv4     2 tcp      6 4 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=49218 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=49218 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=53984 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=53984 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 48 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=60074 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=60074 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=49656 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=49656 mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48808 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48808 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.61 dst=${MY_VPS} sport=55389 dport=3128 src=${MY_VPS} dst=104.192.83.61 sport=3128 dport=55389 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48756 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48756 mark=0 secmark=0 use=2
ipv4     2 tcp      6 59 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=41502 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=41502 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 117 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=51814 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=51814 mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37274 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37274 mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.83.91 dst=${MY_VPS} sport=58566 dport=3128 src=${MY_VPS} dst=104.192.83.91 sport=3128 dport=58566 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 113 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47804 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47804 mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43974 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43974 mark=0 secmark=0 use=2
ipv4     2 tcp      6 66 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=47006 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=47006 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 69 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=48907 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=48907 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 1 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=46493 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=46493 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=60856 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=60856 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38026 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38026 mark=0 secmark=0 use=2
ipv4     2 tcp      6 26 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=38724 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=38724 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 49 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=33075 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=33075 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38834 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38834 mark=0 secmark=0 use=2
ipv4     2 tcp      6 77 TIME_WAIT src=120.77.6.14 dst=${MY_VPS} sport=56070 dport=3128 src=${MY_VPS} dst=120.77.6.14 sport=3128 dport=56070 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 3 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=35992 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=35992 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=40947 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=40947 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 111 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=46670 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=46670 mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=44076 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=44076 mark=0 secmark=0 use=2
ipv4     2 tcp      6 102 TIME_WAIT src=120.78.15.46 dst=${MY_VPS} sport=4586 dport=3128 src=${MY_VPS} dst=120.78.15.46 sport=3128 dport=4586 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 39 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=52306 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=52306 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=41625 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=41625 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 56 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=38748 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=38748 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38890 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38890 mark=0 secmark=0 use=2
ipv4     2 tcp      6 34 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=46410 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=46410 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=49998 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=49998 mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=48263 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=48263 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=49660 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=49660 mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37030 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37030 mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=50430 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=50430 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=33178 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=33178 mark=0 secmark=0 use=2
ipv4     2 tcp      6 119 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=54352 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=54352 mark=0 secmark=0 use=2
ipv4     2 tcp      6 57 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=39192 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=39192 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 42 CLOSE_WAIT src=221.229.204.160 dst=${MY_VPS} sport=63073 dport=3128 src=${MY_VPS} dst=221.229.204.160 sport=3128 dport=63073 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37906 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37906 mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=49952 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=49952 mark=0 secmark=0 use=2
ipv4     2 tcp      6 119 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=54404 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=54404 mark=0 secmark=0 use=2
ipv4     2 tcp      6 113 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=48194 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=48194 mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47712 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47712 mark=0 secmark=0 use=2
ipv4     2 tcp      6 43 TIME_WAIT src=${MY_VPS} dst=23.222.161.85 sport=40688 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=40688 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 3 CLOSE src=104.192.83.44 dst=${MY_VPS} sport=36079 dport=3128 src=${MY_VPS} dst=104.192.83.44 sport=3128 dport=36079 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=39714 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=39714 mark=0 secmark=0 use=2
ipv4     2 tcp      6 48 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=60254 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=60254 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=40850 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=40850 mark=0 secmark=0 use=2
ipv4     2 tcp      6 43 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=56440 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=56440 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 33 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=46238 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=46238 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=53761 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=53761 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37848 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37848 mark=0 secmark=0 use=2
ipv4     2 tcp      6 40 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=52942 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=52942 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 2 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=46720 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=46720 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 45 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=57418 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=57418 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 112 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=47688 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=47688 mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=52888 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=52888 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 109 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=43724 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=43724 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=33526 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=33526 mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=45159 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=45159 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 114 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=49418 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=49418 mark=0 secmark=0 use=2
ipv4     2 tcp      6 117 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=51924 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=51924 mark=0 secmark=0 use=2
ipv4     2 tcp      6 119 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=53696 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=53696 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35272 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35272 mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=34226 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=34226 mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=51604 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=51604 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=48073 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=48073 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 4 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=37200 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=37200 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=37752 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=37752 mark=0 secmark=0 use=2
ipv4     2 tcp      6 55 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=38104 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=38104 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=51807 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=51807 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=50470 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=50470 mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38332 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38332 mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=47165 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=47165 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35526 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35526 mark=0 secmark=0 use=2
ipv4     2 tcp      6 58 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=40520 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=40520 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=36384 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=36384 mark=0 secmark=0 use=2
ipv4     2 tcp      6 8 CLOSE src=104.192.83.54 dst=${MY_VPS} sport=54175 dport=3128 src=${MY_VPS} dst=104.192.83.54 sport=3128 dport=54175 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=104.192.83.91 dst=${MY_VPS} sport=60875 dport=3128 src=${MY_VPS} dst=104.192.83.91 sport=3128 dport=60875 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 3 CLOSE src=104.192.82.119 dst=${MY_VPS} sport=43949 dport=3128 src=${MY_VPS} dst=104.192.82.119 sport=3128 dport=43949 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 1 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=45764 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=45764 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 22 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=33682 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=33682 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=36798 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=36798 mark=0 secmark=0 use=2
ipv4     2 tcp      6 2 CLOSE src=104.192.83.44 dst=${MY_VPS} sport=35014 dport=3128 src=${MY_VPS} dst=104.192.83.44 sport=3128 dport=35014 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 6 CLOSE src=104.192.83.44 dst=${MY_VPS} sport=39183 dport=3128 src=${MY_VPS} dst=104.192.83.44 sport=3128 dport=39183 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 2 CLOSE src=104.192.83.44 dst=${MY_VPS} sport=35743 dport=3128 src=${MY_VPS} dst=104.192.83.44 sport=3128 dport=35743 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=36958 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=36958 mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=40320 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=40320 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 9 CLOSE src=${MY_VPS} dst=23.222.161.85 sport=43830 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=43830 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=39636 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=39636 mark=0 secmark=0 use=2
ipv4     2 tcp      6 116 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=50812 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=50812 mark=0 secmark=0 use=2
ipv4     2 tcp      6 110 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=45168 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=45168 mark=0 secmark=0 use=2
ipv4     2 tcp      6 5 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=49651 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=49651 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 110 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=45552 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=45552 mark=0 secmark=0 use=2
ipv4     2 tcp      6 27 TIME_WAIT src=${MY_VPS} dst=23.222.161.85 sport=40418 dport=443 src=23.222.161.85 dst=${MY_VPS} sport=443 dport=40418 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 106 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35770 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35770 mark=0 secmark=0 use=2
ipv4     2 tcp      6 104 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=33452 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=33452 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.81.109 dst=${MY_VPS} sport=33719 dport=3128 src=${MY_VPS} dst=104.192.81.109 sport=3128 dport=33719 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 108 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=41710 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=41710 mark=0 secmark=0 use=2
ipv4     2 tcp      6 7 CLOSE src=104.192.83.50 dst=${MY_VPS} sport=52331 dport=3128 src=${MY_VPS} dst=104.192.83.50 sport=3128 dport=52331 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 107 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=38412 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=38412 mark=0 secmark=0 use=2
ipv4     2 tcp      6 0 CLOSE src=104.192.83.91 dst=${MY_VPS} sport=55786 dport=3128 src=${MY_VPS} dst=104.192.83.91 sport=3128 dport=55786 [ASSURED] mark=0 secmark=0 use=2
ipv4     2 tcp      6 105 SYN_SENT src=${MY_VPS} dst=60.205.43.146 sport=35356 dport=80 [UNREPLIED] src=60.205.43.146 dst=${MY_VPS} sport=80 dport=35356 mark=0 secmark=0 use=2
ipv4     2 tcp      6 38 TIME_WAIT src=${MY_VPS} dst=162.159.210.63 sport=51002 dport=80 src=162.159.210.63 dst=${MY_VPS} sport=80 dport=51002 [ASSURED] mark=0 secmark=0 use=2
ipv4
todaygood commented 5 years ago

使用Ddos deflat 和apf 进行防御

参见: http://www.cnblogs.com/shuidao/p/3538702.html https://maytalkhao.com/archives/357

todaygood commented 5 years ago

Issue

用了一段时间,发现连vps timedout了 

[root@vps log]# tail -n 10  /var/log/apf_log 
Oct 02 20:30:01 vps apf(8763): {glob} refreshing trust system rules
Oct 02 20:40:01 vps apf(9094): {glob} refreshing trust system rules
Oct 02 20:50:01 vps apf(9421): {glob} refreshing trust system rules
Oct 02 21:00:02 vps apf(9766): {glob} refreshing trust system rules
Oct 02 21:08:01 vps apf(10068): (trust) added DENY all to/from 119.123.35.78
Oct 02 21:10:02 vps apf(10171): {glob} refreshing trust system rules
Oct 02 21:10:02 vps apf(10171): {glob} loading /etc/apf/deny_hosts.rules
Oct 02 21:10:02 vps apf(10171): {trust} deny all to/from 119.123.35.78
Oct 02 21:18:01 vps apf(10567): {trust} removed 119.123.35.78 from trust system
Oct 02 21:20:01 vps apf(10720): {glob} refreshing trust system rules

查看日志,发现这个ip就是我的外网IP, 原来是被禁掉了。

Solution

把这个IP添加到 /etc/apf/allow_hosts.rules 文件中,apf -r 使之生效。

todaygood commented 5 years ago

发现上述方法,过了10分钟之后又出问题了,一看/etc/apf/allow_hosts.rules 文件中的记录没有了。

现在修改/usr/local/ddos/ignore.ip.list 文件,设置白名单。