We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
我在宝塔面板的安全管理界面试图添加端口禁止的规则,面板提示添加成功,并且没给出任何错误提醒,但是我实际测试发现,被禁止的端口仍然能访问。
由于 docker 的某个核心特性,在创建 docker 实例的时候映射的端口,会自动放行,其会自动往 iptables 里插入放行规则,且该规则优先级比宝塔面板使用的 Firewalld 组件的规则优先级高,这最终导致了 docker 里挂载的端口,即使在宝塔的安全面板禁用了,也仍然能用。
iptables
响应式的更新宝塔安全面板,根据实际情况更新端口放行状态。如果用户配置的规则和 iptables 已有规则产生冲突,也应当给出合理提示
The text was updated successfully, but these errors were encountered:
No branches or pull requests
问题描述:
我在宝塔面板的安全管理界面试图添加端口禁止的规则,面板提示添加成功,并且没给出任何错误提醒,但是我实际测试发现,被禁止的端口仍然能访问。
个人发现
由于 docker 的某个核心特性,在创建 docker 实例的时候映射的端口,会自动放行,其会自动往
iptables里插入放行规则,且该规则优先级比宝塔面板使用的 Firewalld 组件的规则优先级高,这最终导致了 docker 里挂载的端口,即使在宝塔的安全面板禁用了,也仍然能用。个人建议
响应式的更新宝塔安全面板,根据实际情况更新端口放行状态。如果用户配置的规则和 iptables 已有规则产生冲突,也应当给出合理提示
The text was updated successfully, but these errors were encountered: