• iptables控制访问

    #!/usr/bin/env bash
#

set -e
set -x

localIP=`ip a| grep inet|grep -v "127.0.0.1"|awk '{print $2}'|cut -d/ -f1`
if [[ -n $localIP ]];then
	echo "==LocalIP: $localIP"
else 
	echo "==LocalIP: $localIP"
	exit
fi

echo "==Start iptables service"
systemctl start firewall.service
systemctl enable firewall.service

echo "==Clean default iptables rules"
iptables -F

echo "==Accept local"
iptables -A INPUT -s ${localIP} -p tcp --destination-ports 2181 -j ACCEPT
iptables -A INPUT -s localhost -p tcp --destination-ports 2181 -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -p tcp --destination-ports 2181 -j ACCEPT

echo "==Accept other"
iptables -A INPUT -s 11.95.112.0/20 -p tcp --dport 2181 -j ACCEPT
iptables -A INPUT -s 11.93.208.0/20 -p tcp --dport 2181 -j ACCEPT

echo "==Refuse all"
iptables -A INPUT -p tcp --destination-ports 2181 -j DROP

echo "==Storage iptables rules"
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak
sudo iptables-save -t filter > /etc/sysconfig/iptables
  • 相关阅读:
    P2045 方格取数加强版
    P2774 方格取数问题
    日记——OI历程
    6.30考试
    6.29考试
    数论...
    6.28数论测试
    洛谷P3802 小魔女帕琪
    hosts
    博客设置
  • 原文地址:https://www.cnblogs.com/vinsent/p/12834907.html
Copyright © 2020-2023  润新知