这是我在/ etc / sysconfig / iptables中的设置：

#start of my iptables

# Generated by iptables-save v1.2.11 on Wed May 27 00:31:22 2015

*mangle

:PREROUTING ACCEPT [130933577:29488298585]

:INPUT ACCEPT [130933577:29488298585]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [171790648:176814024859]

:POSTROUTING ACCEPT [171789023:176813945079]

COMMIT

# Completed on Wed May 27 00:31:22 2015

# Generated by iptables-save v1.2.11 on Wed May 27 00:31:22 2015

*filter

:INPUT ACCEPT [130907005:29486700773]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [171789023:176813945079]

-A INPUT -s 117.21.191.0/255.255.255.0 -j DROP

-A INPUT -s 106.0.210.78 -j DROP

-A INPUT -s 58.218.0.0/255.255.0.0 -j DROP

-A INPUT -s 117.3.215.251 -j DROP

-A INPUT -s 119.97.146.0/255.255.255.0 -j DROP

-A INPUT -s 203.185.69.45 -j DROP

-A INPUT -s 58.18.172.0/255.255.255.0 -j DROP

-A OUTPUT -p tcp -m tcp --dport 6660:6669 -j DROP

-A INPUT -p tcp -s my_static_ip --dport 22 -j ACCEPT

-A INPUT -p tcp -s my_static_ip --dport 21 -j ACCEPT

-A INPUT -p tcp -s my_static_ip --dport 110 -j ACCEPT

-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT

-A INPUT -p tcp ! -s my_static_ip -j DROP

COMMIT

# Completed on Wed May 27 00:31:22 2015

# Generated by iptables-save v1.2.11 on Wed May 27 00:31:22 2015

*nat

:PREROUTING ACCEPT [8063847:452240147]

:POSTROUTING ACCEPT [3324733:239203840]

:OUTPUT ACCEPT [3324733:239203840]

COMMIT

# Completed on Wed May 27 00:31:22 2015

# end of my iptables

my_static_ip是我用来连接linux服务器的ip地址(比如说100.10.10.10).

基本上我想只允许我的一个IP连接到我的服务器使用ssh,ftp,接收和发送电子邮件等等,因为有许多滥用的IP和机器人试图访问ssh,ftp,pop等.HTTP和SSL必须允许我的服务器上的每个人.

通过上面的设置,除了我无法接收或发送电子邮件之外,一切都很顺利.你能告诉我我做错了什么吗？

预先感谢您的帮助.