zoukankan      html  css  js  c++  java

  • xenserver 通过防火墙禁用xencenter VM控制台方法

    #!/bin/sh

#ver 0.1 0706/2017 hayden
#this script for disable Xenserver VM VNC Console port
#yelang007sheng@163.com

start_iptables(){
    xen_ver=`cat /etc/redhat-release |awk '{print $3}' |awk -F. '{print $1}'`
    if [ $xen_ver -eq 7 ];then
        /bin/systemctl status  iptables.service >/dev/null
        if [ $? -ne 0 ];then
            /bin/systemctl start iptables.service >/dev/null
        fi
    else
        service iptables status >/dev/null
        if [ $? -ne 0 ];then
            service iptables start >/dev/null
        fi
    fi
}

vm_num(){
    while :
    do
        read -p "Please input VM number: [ exp> 10 or 60 ] " num
        if [ `echo "$num" |grep -c '[^0-9]'` -ne 0 ]; then
            echo "Input VM Number  error!!!"
            continue
          else
             if [ "$num" -gt 0 ]; then
                break
             else
                echo "Input VM Number error!!!"
                continue
             fi
          fi
    done
}

#get_vm_vncport(){
#    xenstore-ls /local/domain |grep vnc-port |awk -F= '{print $2}' |sed 's/"//g' >/tmp/vm_vncport.tmp
#}
get_dom0_vncport(){
    dom0_vnc_port=`xenstore-read /local/domain/0/console/vnc-port`
}

drop_vm_vncport(){
max_num=`echo "5900 + $num" |bc`
for((i=5900;i<=$max_num;i++))
do
    iptables -I INPUT -p tcp --dport $i -j DROP >/dev/null
done
#except dom0 VNC port
get_dom0_vncport
iptables -I INPUT -p tcp --dport "$dom0_vnc_port" -j ACCEPT
}

#main
start_iptables
vm_num
drop_vm_vncport
service iptables save
echo "done"
    #!/bin/sh

#ver 0.1 0706/2017 hayden
#this script for enable Xenserver VM VNC Console port
#yelang007sheng@163.com

start_iptables(){
    xen_ver=`cat /etc/redhat-release |awk '{print $3}' |awk -F. '{print $1}'`
    if [ $xen_ver -eq 7 ];then
        /bin/systemctl status  iptables.service >/dev/null
        if [ $? -ne 0 ];then
            /bin/systemctl start iptables.service >/dev/null
        fi
    else
        service iptables status >/dev/null
        if [ $? -ne 0 ];then
            service iptables start >/dev/null
        fi
    fi
}

vm_num(){
    while :
    do
        read -p "Please input VM number: [ exp> 10 or 60 ] " num
        if [ `echo "$num" |grep -c '[^0-9]'` -ne 0 ]; then
            echo "Input VM Number  error!!!"
            continue
          else
             if [ "$num" -gt 0 ]; then
                break
             else
                echo "Input VM Number error!!!"
                continue
             fi
          fi
    done
}

#get_vm_vncport(){
#    xenstore-ls /local/domain |grep vnc-port |awk -F= '{print $2}' |sed 's/"//g' >/tmp/vm_vncport.tmp
#}
get_dom0_vncport(){
    dom0_vnc_port=`xenstore-read /local/domain/0/console/vnc-port`
}

drop_vm_vncport(){
max_num=`echo "5900 + $num" |bc`
for((i=5900;i<=$max_num;i++))
do
    iptables -I INPUT -p tcp --dport $i -j ACCEPT >/dev/null
done
#except dom0 VNC port
get_dom0_vncport
iptables -I INPUT -p tcp --dport "$dom0_vnc_port" -j ACCEPT
}

#main
start_iptables
vm_num
drop_vm_vncport
service iptables save
echo "done"
  • 相关阅读:
    windows 核心编程 第2章 U n i c o d e
    在一个类内不可以定义自身类的对象,为什么定义自身类的静态对象又是正确的
    将JPG图片绘制在对话框背景上:(这段代码绝对可以执行)
    小技巧给CEdit设置字体
    惠普 升级两年保修
    DoModal返回1,对话框不能显示,今天碰到项目在用unicode编码,和多字符编码时候出现的
    MFC 绘图
    CString类所有成员函数详解
    mysql 一些问题
    错误:不能实例化抽象类
  • 原文地址:https://www.cnblogs.com/hayden1106/p/8006565.html
Copyright © 2011-2022 走看看