如果数据包匹配到下边这条iptables规则,访问端则会报No route to host,抓包中可能会看到 unreachable - admin prohibited
-j REJECT --reject-with icmp-host-prohibited
报错看起来像是没有路由到目的主机,但实际是在一个局域网内。
No route to host
# telnet 192.168.10.10 8880
Trying 192.168.10.10...
telnet: connect to address 192.168.10.10: No route to host
icmp-host-prohibited
被拒绝的连接会收到一个icmp,返回目标主机不可达。
Connection refused
# 连接一个网络可以通的主机,但主机没有监听的端口,会报Connection refused
# telnet 192.168.10.10 8800
Trying 192.168.10.10...
telnet: connect to address 192.168.10.10: Connection refused
Connection timed out
# 连接一个不存在的ip,会报Connection timed out
# telnet 192.168.10.101 8800
Trying 192.168.10.101...
telnet: connect to address 10.85.19.131: Connection timed out
Name or service not known
# telnet一个无法解析的域名,会报 Name or service not known
# telnet www.ababalabba.com 8800
telnet: www.ababalabba.com: Name or service not known
www.ababalabba.com: Unknown host
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
