zoukankan      html  css  js  c++  java
  • iptables学习

    droidwall.sh

    #!/system/bin/sh
    IPTABLES=iptables
    BUSYBOX=busybox
    GREP=grep
    ECHO=echo
    # Try to find busybox
    if /data/data/com.example.my_android_wall/app_bin/busybox_g1 --help >/dev/null 2>/dev/null ; then
        BUSYBOX=/data/data/com.example.my_android_wall/app_bin/busybox_g1
        GREP="$BUSYBOX grep"
        ECHO="$BUSYBOX echo"
    elif busybox --help >/dev/null 2>/dev/null ; then
        BUSYBOX=busybox
    elif /system/xbin/busybox --help >/dev/null 2>/dev/null ; then
        BUSYBOX=/system/xbin/busybox
    elif /system/bin/busybox --help >/dev/null 2>/dev/null ; then
        BUSYBOX=/system/bin/busybox
    fi
    # Try to find grep
    if ! $ECHO 1 | $GREP -q 1 >/dev/null 2>/dev/null ; then
        if $ECHO 1 | $BUSYBOX grep -q 1 >/dev/null 2>/dev/null ; then
            GREP="$BUSYBOX grep"
        fi
        # Grep is absolutely required
        if ! $ECHO 1 | $GREP -q 1 >/dev/null 2>/dev/null ; then
            $ECHO The grep command is required. DroidWall will not work.
            exit 1
        fi
    fi
    # Try to find iptables
    # Added if iptables binary already in system then use it, if not use implemented one
    if ! command -v iptables &> /dev/null; then
    if /data/data/com.example.my_android_wall/app_bin/iptables_armv5 --version >/dev/null 2>/dev/null ; then
        IPTABLES=/data/data/com.example.my_android_wall/app_bin/iptables_armv5
    fi
    fi
    $IPTABLES --version || exit 1
    # Create the droidwall chains if necessary
    $IPTABLES -L droidwall >/dev/null 2>/dev/null || $IPTABLES --new droidwall || exit 2
    $IPTABLES -L droidwall-3g >/dev/null 2>/dev/null || $IPTABLES --new droidwall-3g || exit 3
    $IPTABLES -L droidwall-wifi >/dev/null 2>/dev/null || $IPTABLES --new droidwall-wifi || exit 4
    $IPTABLES -L droidwall-reject >/dev/null 2>/dev/null || $IPTABLES --new droidwall-reject || exit 5
    # Add droidwall chain to OUTPUT chain if necessary
    $IPTABLES -L OUTPUT | $GREP -q droidwall || $IPTABLES -A OUTPUT -j droidwall || exit 6
    # Flush existing rules
    $IPTABLES -F droidwall || exit 7
    $IPTABLES -F droidwall-3g || exit 8
    $IPTABLES -F droidwall-wifi || exit 9
    $IPTABLES -F droidwall-reject || exit 10
    # Create the reject rule (log disabled)
    $IPTABLES -A droidwall-reject -j REJECT || exit 11
    # Main rules (per interface)
    $IPTABLES -A droidwall -o rmnet+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o pdp+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o ppp+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o uwbr+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o wimax+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o vsnet+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o ccmni+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o usb+ -j droidwall-3g || exit
    $IPTABLES -A droidwall -o tiwlan+ -j droidwall-wifi || exit
    $IPTABLES -A droidwall -o wlan+ -j droidwall-wifi || exit
    $IPTABLES -A droidwall -o eth+ -j droidwall-wifi || exit
    $IPTABLES -A droidwall -o ra+ -j droidwall-wifi || exit
    # Filtering rules
    $IPTABLES -A droidwall-3g -m owner --uid-owner 10079 -j droidwall-reject || exit
    $IPTABLES -A droidwall-wifi -m owner --uid-owner 10079 -j droidwall-reject || exit
    exit

    iptables -N[X] demo

    iptables -A[D] demo -j REJECT -m owner --uid-owner u0_a74

    iptables -A[D] OUTPUT -j demo

  • 相关阅读:
    xmind等工具下载
    remix使用经验积累
    visual studio code下载地址
    以太坊存储类型(memory,storage)及变量存储详解
    remix共享本地文件夹教程
    在remix恢复已部署的合约步骤
    ERC721 相关语法和知识点学习
    用truffle写测试用例
    truffle环境搭建和应用
    jenkins pipeline基础语法与示例
  • 原文地址:https://www.cnblogs.com/bloodofhero/p/4229394.html
Copyright © 2011-2022 走看看