当前位置:根目录 / qit /

文件名 修改时间 大小 操作
.. - -
README.md README.md 2025-05-22 12:38 1.74 KB
README.md

更换国内源

sudo nano /etc/apt/sources.list

# 清华大学Debian主仓库
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware
deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware

# 安全更新仓库
deb https://mirrors.tuna.tsinghua.edu.cn/debian-security/ bookworm-security main contrib non-free non-free-firmware
deb-src https://mirrors.tuna.tsinghua.edu.cn/debian-security/ bookworm-security main contrib non-free non-free-firmware

我的nftables防火墙配置

vim /etc/nftables.conf

table inet filter {
        chain input {
                type filter hook input priority filter; policy accept;
                iif "lo" counter packets 0 bytes 0 accept
                icmpv6 type echo-request counter packets 11 bytes 1144 drop
                tcp dport 21 counter packets 1065 bytes 83566 accept
                tcp dport 22 counter packets 929 bytes 103697 accept
                tcp dport { 13141, 13143 } counter packets 1160 bytes 258302 accept
                tcp dport { 80, 443 } limit rate 99/second counter packets 12414 bytes 6672657 accept
                tcp dport 13000-13140 counter packets 1200 bytes 132939 accept
                tcp dport 0-65535 counter packets 3301 bytes 461717 drop
                udp dport 443 limit rate 30/second counter packets 0 bytes 0 accept
                udp dport 0-65535 counter packets 26198 bytes 4151677 drop
                counter packets 1549 bytes 111528 accept
        }

        chain output {
                type filter hook output priority filter; policy accept;
                counter packets 46148 bytes 19756363 accept
        }
}

#设置开机启动
sudo systemctl enable nftables