• iptables交互配置shell脚本


    #!/bin/bash
    while true
    do
    clear
    echo "———————-menu————————"
    echo -e "33[49;32;1m(1) 重启33[49;35;1miptables33[0m "
    echo -e "33[49;32;1m(2) 添加33[49;35;1miptables33[49;32;1m规则33[0m "
    echo -e "33[49;32;1m(3) 删除33[49;35;1miptables33[49;32;1m规则33[0m "
    echo -e "33[49;32;1m(4) 关闭33[49;35;1miptables33[0m "
    echo -e "33[49;32;1m(5) 保存33[49;35;1miptables33[49;32;1m规则(输完ACL后要记得保存和查看)33[0m "
    echo -e "33[49;32;1m(6) 查看33[49;35;1miptables33[49;32;1m状态33[0m "
    echo -e "33[49;32;1m(7) 添加33[49;35;1miptables33[49;32;1m控制列表33[0m "
    echo -e "33[49;32;1m(0) 退出脚本33[0m "
    echo "————————————————————"
    echo -en "33[49;31;1m 请输入数字0-7:  33[0m"
    read num
    if [[ "${num}" =~ "^$" ]];
    then
    echo -e "33[49;31;5m 请输入0-7中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${num}" =~ "^[a-zA-Z]+$" ]];
    then
    echo -e "33[49;31;5m 请输入0-7中的数字!或者Ctrl+C退出! 33[0m"
    else
    #if [ ${num} -lt 0 -o ${num} -gt 7 ]
    if [[ "${num}" =~ "[8-9]" ]];
    then
    echo -e "33[49;31;5m 请输入0-7中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [ "${num}" == "1" ]
    then
    service iptables restart&
    else
    if [ "${num}" == "2" ]
    #######################################################
    then
    while true
    do
    clear
    echo "———————-add ACL———————"
    echo -e "33[49;32;1m(1) 针对源33[49;35;1mIP33[49;32;1m放行添加33[0m "
    echo -e "33[49;32;1m(2) 针对服务器33[49;35;1m端口33[49;32;1m放行添加 33[0m "
    echo -e "33[49;32;1m(3) 针对有33[49;35;1mIP和端口33[49;32;1m的规则添加33[49;35;1m(这里要参数IP和端口 例如:1.1.1.1/255.255.0.0 80)33[0m "
    echo -e "33[49;32;1m(4) 自定义完整语句添加 33[0m "
    echo -e "33[49;32;1m(0) 返回上一级 33[0m "
    echo "——————————————————————"
    echo -en "33[49;31;1m 请输入数字0-4: 33[0m"
    read aclnum
    if [[ "${aclnum}" =~ "^$" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${aclnum}" =~ "^[a-zA-Z]+$" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${aclnum}" =~ "[5-9]" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    elif [ "${aclnum}" == "1" ]
    then
    read ip
    iptables -A INPUT -s ${ip} -p tcp -j ACCEPT
    service iptables save
    elif [ "${aclnum}" == "2" ]
    then
    read port
    iptables -A INPUT -p tcp -s 0/0 --dport ${port} -j ACCEPT
    service iptables save
    elif [ "${aclnum}" == "3" ]
    then
    read ip port
    iptables -A INPUT -p tcp -s ${ip} --dport ${port} -j ACCEPT
    service iptables save
    elif [ "${aclnum}" == "4" ]
    then
    read addacl
    `${addacl}`
    service iptables save
    else
    break
    fi
    fi
    fi
    echo -n "是否想继续添加,回车或Y继续,按N返回上一级!: [y/n]:"
    read contine
    if [ "${contine}" == "n" -o "${contine}" == "N" ]
    then
    break
    fi
    done
    #######################################################
    else
    if [ "${num}" == "3" ]
    then
    while true
    do
    clear
    echo "———————delete ACL———————-"
    echo -e "33[49;32;1m(1) 针对源33[49;35;1mIP33[49;32;1m删除33[0m "
    echo -e "33[49;32;1m(2) 针对服务器33[49;35;1m端口33[49;32;1m删除 33[0m "
    echo -e "33[49;32;1m(3) 针对有33[49;35;1mIP和端口33[49;32;1m的规则删除33[49;35;1m(这里要参数IP和端口 例如:1.1.1.1/255.255.0.0 80)33[0m "
    echo -e "33[49;32;1m(4) 自定义完整语句删除 33[0m "
    echo -e "33[49;32;1m(0) 返回上一级 33[0m "
    echo "————————————————-"
    echo -en "33[49;31;1m 请输入数字0-4: 33[0m"
    read aclnum
    if [[ "${aclnum}" =~ "^$" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${aclnum}" =~ "^[a-zA-Z]+$" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${aclnum}" =~ "[5-9]" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    elif [ "${aclnum}" == "1" ]
    then
    read ip
    iptables -D INPUT -s ${ip} -p tcp  -j ACCEPT
    service iptables save
    elif [ "${aclnum}" == "2" ]
    then
    read port
    iptables -D INPUT -p tcp -s 0/0 --dport ${port} -j ACCEPT
    service iptables save
    elif [ "${aclnum}" == "3" ]
    then
    read ip port
    iptables -D INPUT -p tcp -s ${ip} --dport ${port} -j ACCEPT
    service iptables save
    elif [ "${aclnum}" == "4" ]
    then
    read deleteacl
    `${deleteacl}`
    service iptables save
    else
    break
    fi
    fi
    fi
    echo -n "是否想继续删除,回车或Y继续,按N返回上一级!: [y/n]:"
    read contine
    if [ "${contine}" == "n" -o "${contine}" == "N" ]
    then
    break
    fi
    done
    ###################################################################
    else
    if [ "${num}" == "4" ]
    then
    echo -e "`service iptables stop&` "
    else
    if [ "${num}" == "5" ]
    then
    echo -e "`service iptables save&`"
    else
    if [ "${num}" == "6" ]
    then
    echo -e "`service iptables status&`"
    else
    ##################################################################
    if [ "${num}" == "7" ]
    then
    while true
    do
    clear
    echo "———————list ACL———————-"
    echo -e "33[49;32;1m(1) 看当前正在使用的规则集 33[0m "
    echo -e "33[49;32;1m(2) 查看每个策略或每条规则、每条链的简单流量统计33[0m "
    echo -e "33[49;32;1m(3) 查看NAT表 33[0m "
    echo -e "33[49;32;1m(4) 自定义查看 33[0m "
    echo -e "33[49;32;1m(0) 退回上一级33[0m "
    echo "————————————————-"
    echo -en "33[49;31;1m 请输入数字0-4: 33[0m"
    read aclnum
    if [[ "${aclnum}" =~ "^$" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${aclnum}" =~ "^[a-zA-Z]+$" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    else
    if [[ "${aclnum}" =~ "[5-9]" ]];
    then
    echo -e "33[49;31;5m 请输入0-4中的数字!或者Ctrl+C退出! 33[0m"
    elif [ "${aclnum}" == "1" ]
    then
    iptables -L
    elif [ "${aclnum}" == "2" ]
    then
    iptables -L -n -v
    elif [ "${aclnum}" == "3" ]
    then
    iptables -L -t nat
    elif [ "${aclnum}" == "4" ]
    then
    read listacl
    `${listacl}`
    else
    break
    fi
    fi
    fi
    echo -n "是否想继续查看,回车或Y继续,按N返回上一级!: [y/n]:"
    read contine
    if [ "${contine}" == "n" -o "${contine}" == "N" ]
    then
    break
    fi
    done
    ################################################
    else
    exit
    fi
    fi
    fi
    fi
    fi
    fi
    fi
    fi
    fi
    fi
    echo -n "按回车或者Y返回上一级,按N退出程序![y/n]:"
    read contine
    if [ "${contine}" == "n" -o "${contine}" == "N" ]
    then
    exit
    fi
    done
  • 相关阅读:
    7
    6
    5.1
    5
    C#类库帮助类
    Asp.net 数据库依赖那些事
    C#使用NLog记录日志
    JQuery常用操作实现方式
    常用Sql 标量值函数
    Sql语句查询XML
  • 原文地址:https://www.cnblogs.com/sysk/p/5254324.html
Copyright © 2020-2023  润新知