zoukankan      html  css  js  c++  java

  • iptables控制访问

    #!/usr/bin/env bash
#

set -e
set -x

localIP=`ip a| grep inet|grep -v "127.0.0.1"|awk '{print $2}'|cut -d/ -f1`
if [[ -n $localIP ]];then
	echo "==LocalIP: $localIP"
else 
	echo "==LocalIP: $localIP"
	exit
fi

echo "==Start iptables service"
systemctl start firewall.service
systemctl enable firewall.service

echo "==Clean default iptables rules"
iptables -F

echo "==Accept local"
iptables -A INPUT -s ${localIP} -p tcp --destination-ports 2181 -j ACCEPT
iptables -A INPUT -s localhost -p tcp --destination-ports 2181 -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -p tcp --destination-ports 2181 -j ACCEPT

echo "==Accept other"
iptables -A INPUT -s 11.95.112.0/20 -p tcp --dport 2181 -j ACCEPT
iptables -A INPUT -s 11.93.208.0/20 -p tcp --dport 2181 -j ACCEPT

echo "==Refuse all"
iptables -A INPUT -p tcp --destination-ports 2181 -j DROP

echo "==Storage iptables rules"
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak
sudo iptables-save -t filter > /etc/sysconfig/iptables
  • 相关阅读:
    Django--form验证及错误处理
    Django--form保存用户输入内容
    Django--static静态文件引用
    Django--ajax
    Django--form基础
    Django--cookie&session
    Django--缓存
    Django--中间件
    oracle——session
    oracle——DDL
  • 原文地址:https://www.cnblogs.com/vinsent/p/12834907.html
Copyright © 2011-2022 走看看