OpenWrt 防火墙（fw4 / nftables）网络监控命令

监控网络的出入站情况，排查问题。尤其对不熟悉 OpenWrt 防火墙的人极其友好。下面的命令只修改当前运行中的规则集，在 UI 界面执行保存或者重启之后即失效。

# List every nftables table; the transcript below shows a single "table inet fw4".
nft list tables

# Dump the whole active ruleset (tables, chains and rules) to learn the chain names
# used in the insert commands that follow.
nft list ruleset

# 比如我的是 inet fw4
[root@Kwrt:18:36 ~] # nft list tables
table inet fw4
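# Insert a logging rule at the head of every fw4 chain for traffic to one TCP port.
# "insert" places the rule before the chain's existing rules, so the log line is
# emitted even when a later rule accepts or rejects the packet.  The rules exist
# only in the running ruleset: reloading the firewall (saving in the UI) or
# rebooting removes them.  Every matching packet is logged unconditionally, so on
# a busy link this can flood the kernel log; remove the rules when you are done.
# Written in plain POSIX sh so it also runs in OpenWrt's default BusyBox ash
# (no bash arrays).
port=8880   # TCP destination port to trace; change this to trace another service

# chain:label pairs -- the label becomes the log prefix "<label><port> : ".
# A chain that does not exist on a given router (the upnp_* chains, for example,
# seem to be present only when miniupnpd is installed) makes that one nft call
# fail; the failure is reported and the remaining chains are still processed,
# exactly as when the commands were run one per line.
for entry in \
  input:入站 \
  forward:转发 \
  output:出站 \
  prerouting:前置 \
  handle_reject:拒绝处理 \
  syn_flood:SYN洪水 \
  input_lan:输入LAN \
  output_lan:输出LAN \
  forward_lan:转发LAN \
  input_wan:WAN输入 \
  output_wan:WAN输出 \
  reject_from_wan:拒绝来自WAN \
  reject_to_wan:拒绝去WAN \
  dstnat:NAT前置 \
  srcnat:NAT后置 \
  raw_prerouting:原始前置 \
  raw_output:原始输出 \
  mangle_prerouting:修改前置 \
  mangle_postrouting:修改后置 \
  mangle_input:修改输入 \
  mangle_output:修改输出 \
  mangle_forward:修改转发 \
  upnp_forward:UPnP转发 \
  upnp_prerouting:UPnP前置 \
  upnp_postrouting:UPnP后置
do
  chain=${entry%%:*}
  label=${entry#*:}
  # nft joins its arguments with spaces and re-parses them, so the embedded
  # double quotes make the prefix a single quoted string despite its spaces.
  nft insert rule inet fw4 "$chain" tcp dport "$port" log prefix "\"$label$port : \"" \
    || printf 'warn: could not add log rule to chain %s (chain missing?)\n' "$chain" >&2
done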

然后执行下面的命令实时跟踪日志：

logread -f

效果如下：

[root@Kwrt:18:10 ~] # logread -f
Thu Oct 24 18:11:12 2024 kern.warn kernel: [ 2798.738585] 前置8880 : IN=wan OUT= MAC=fc:7c:02:55:cc:3f:*********** SRC=240e:022:0810:9c30:*********** DST=2409:8a50:5823:24a4:*********** LEN=84 TC=4 HOPLIMIT=55 FLOWLBL=280520 PROTO=TCP SPT=59977 DPT=8880 WINDOW=65535 RES=0x00 SYN URGP=0

Thu Oct 24 18:11:12 2024 kern.warn kernel: [ 2798.738727] 转发8880 : IN=wan OUT=br-lan MAC=fc:7c:ss:44:cc:3f:48:1f:*********** SRC=240e:0469:0810:9c30:*********** DST=2409:8a50:5823:24a4:*********** LEN=84 TC=4 HOPLIMIT=54 FLOWLBL=280520 PROTO=TCP SPT=59977 DPT=8880 WINDOW=65535 RES=0x00 SYN URGP=0

Thu Oct 24 18:11:12 2024 kern.warn kernel: [ 2798.738789] 拒绝处理8880 : IN=wan OUT=br-lan MAC=cs:7c:02:44:cc:3f:48:1f:66*********** SRC=240e:0469:0810:9c30:*********** DST=2409:8a50:*********** LEN=84 TC=4 HOPLIMIT=54 FLOWLBL=280520 PROTO=TCP SPT=59977 DPT=8880 WINDOW=65535 RES=0x00 SYN URGP=0