用于管理iptables的shell脚本一例

来源:网络整理作者: 发布时间:2020-12-20 20:48

用shell脚本实现iptables防火墙的设置与维护，是学习shell脚本与iptables配置的好例子，有需要的朋友，作个参考吧。...

#--------------------
#!/bin/bash
fi
else
then
read aclnum
break
elif [ "${aclnum}" == "2" ]
echo “————————————————-”

[[email protected]/wenku ~]# cat iptables.sh
if [ "${num}" == "6" ]
service iptables save
echo “(4) 自定义添加”
echo “(5) 退回上一级”
done

echo “(2) 查看每个策略或每条规则、每条链的简单流量统计”
iptables -A INPUT -p tcp -s ${ip} –dport ${port} -j ACCEPT
fi
service iptables save
break
read port
then
then
then
clear
echo “————————————————-”
echo -n “enter you chose[0-5]:”
iptables -A INPUT -s ${ip} -p tcp –dport 22 -j ACCEPT
while [ "1" == "1" ]
echo “(1) 查看当前正在使用的规则集”
echo “———————list ACL———————-”
echo “(0) exit”
exit
echo “(4) 自定义删除”
iptables -L -n -v
iptables -D INPUT -p tcp –dport ${port} -j ACCEPT
then
done
elif [ "${aclnum}" == "3" ]
echo -n “是否想继续添加: [y/n]:”
`${addacl}`
if [ "${aclnum}" == "1" ]
done
read contine
else
if [ "${num}" == "5" ]
echo “(2) 针对端口删除”
echo “(1) service iptables restart”
elif [ "${aclnum}" == "4" ]
iptables -L -t nat
then
else
echo -n “是否想继续添加: [y/n]:”
echo “———————-menu———————-”
read addacl
then
read contine
service iptables save
elif [ "${aclnum}" == "4" ]
elif [ "${aclnum}" == "2" ]
service iptables save
service iptables save
echo “(6) iptables status”
if [ "${num}" == "2" ]
echo -n “Do you contine [y/n]:”
fi
if [ "${aclnum}" == "1" ]
then
read ip
#edit by
#------------------------------
if [ "${num}" == "1" ]
if [ "${contine}" == "n" -o "${contine}" == "N" ]
while [ "1" == "1" ]
echo “(4) iptables stop”
echo “(3) 针对有端口和服务的ACL删除”
fi
elif [ "${aclnum}" == "3" ]
read aclnum
exit
read deleteacl
echo -e “`service iptables status&`”
#---------------------
then
then
break
then
rad ip
fi
fi
elif [ "${aclnum}" == "3" ]
clear
then
while [ "1" == "1" ]
echo “(3) 查看NAT表”
break
then
if [ "${contine}" == "n" -o "${contine}" == "N" ]
if [ "${aclnum}" == "1" ]
then
while [ "1" == "1" ]
`${deleteacl}`
echo -n “enter you chose[0-7]:”
echo “(5) 退回上一级”
then
if [ "${contine}" == "n" -o "${contine}" == "N" ]
echo “(2) 针对服务器端口放行添加”
fi
then
`${listacl}`
service iptables save
elif [ "${aclnum}" == "4" ]
fi
service iptables save
echo -e “`service iptables save&`”
then
echo “(3) 针对有端口和服务的ACL添加（这里要参数IP和端口例如 0/0 80）”
elif [ "${aclnum}" == "2" ]
fi
if [ ${num} -lt 0 -o ${num} -gt 7 ]
if [ "${contine}" == "n" -o "${contine}" == "N" ]
else

复制代码代码示例:

echo “———————delete ACL———————-”
if [ "${num}" == "7" ]
#--------------------------
iptables -D INPUT -s ${ip} -p tcp –dport 22 -j ACCEPT
echo “(7) iptables ACL list”
if [ "${num}" == "3" ]
echo “(3) iptables delete”
echo “(1) 针对源IP放行添加”
echo “(2) iptables add”
service iptables save
else
else
fi
if [ "${num}" == "4" ]
read num
echo “————————————————-”
do
else
iptables -L
read listacl
read ip port
read contine
fi
echo “————————————————-”
then
else
then
else
read aclnum
read ip
fi
echo “(4) 自定义查看”
echo -n “enter you chose[0-4]:”
read ip port
iptables -D INPUT -p tcp -s ${ip} –dport ${port} -j ACCEPT
do
echo “(1) 针对源ip删除”
done
then
break
clear
fi
echo “(5) 退回上一级”
else
fi
then
do
echo -n “enter you chose[0-5]:”
echo “———————-add ACL———————-”
then
echo -e “`service iptables stop&` ”
then
echo “(5) iptables save(输完ACL后要记得保存和查看)”
echo “this is not between 0-7″
fi

完整shell脚本如下：

break
clear
read contine
echo -n “是否想继续添加: [y/n]:”
do
else
iptables -A INPUT -p tcp –dport ${IP} -j ACCEPT
then
service iptables restart&