Previously, the script used the save mode. Now each command is appended to a file, so you can easily edit the file again afterwards.
The script is basically as follows. You can modify it as needed, for example by adding functions.
    #!/bin/bash
    # Interactive menu for managing iptables rules.
    # Every add/delete command that succeeds is also appended to ./fw.sh.

    # Run an iptables command and, if it succeeds, append it to fw.sh.
    apply_rule() {
        iptables "$@" && echo "iptables $*" >> fw.sh
    }

    # Ask whether to stay in the current submenu; fails on n/N.
    ask_more() {
        read -r -p "$1 [y/n]: " answer
        [ "${answer}" != "n" ] && [ "${answer}" != "N" ]
    }

    while true
    do
        clear
        echo "---------------------- menu --------------------"
        echo "(1) service iptables restart"
        echo "(2) iptables add"
        echo "(3) iptables delete"
        echo "(4) iptables stop"
        echo "(5) iptables save (this mode is not recommended)"
        echo "(6) iptables status"
        echo "(7) iptables ACL list"
        echo "(0) exit"
        echo "a fw.sh file will be generated in the current directory"
        echo "-------------------------------------------------"
        read -r -p "enter your choice [0-7]: " num
        case "${num}" in
        1) service iptables restart ;;
        2)
            while true
            do
                clear
                echo "---------------------- add ACL ----------------------"
                echo "(1) add for source IP address access"
                echo "(2) add for server port access"
                echo "(3) add the ACL with IP and port (enter the IP address and port, such as 0/0 80)"
                echo "(4) custom add"
                echo "(5) return to previous level"
                echo "-------------------------------------------------"
                read -r -p "enter your choice [1-5]: " aclnum
                case "${aclnum}" in
                1) read -r -p "source IP: " ip
                   apply_rule -A INPUT -s "${ip}" -p tcp --dport 22 -j ACCEPT ;;
                2) read -r -p "port: " port
                   apply_rule -A INPUT -p tcp --dport "${port}" -j ACCEPT ;;
                3) read -r -p "source IP and port: " ip port
                   apply_rule -A INPUT -p tcp -s "${ip}" --dport "${port}" -j ACCEPT ;;
                4) read -r -p "command: " addacl
                   ${addacl}    # runs the typed line as a command, unchecked
                   service iptables save ;;
                *) break ;;
                esac
                ask_more "do you want to add more:" || break
            done ;;
        3)
            while true
            do
                clear
                echo "--------------------- delete ACL --------------------"
                echo "(1) delete for source IP address"
                echo "(2) delete for port"
                echo "(3) delete the ACL with IP and port"
                echo "(4) custom deletion"
                echo "(5) return to previous level"
                echo "-------------------------------------------------"
                read -r -p "enter your choice [1-5]: " aclnum
                case "${aclnum}" in
                1) read -r -p "source IP: " ip
                   apply_rule -D INPUT -s "${ip}" -p tcp --dport 22 -j ACCEPT ;;
                2) read -r -p "port: " port
                   apply_rule -D INPUT -p tcp --dport "${port}" -j ACCEPT ;;
                3) read -r -p "source IP and port: " ip port
                   apply_rule -D INPUT -p tcp -s "${ip}" --dport "${port}" -j ACCEPT ;;
                4) read -r -p "command: " deleteacl
                   ${deleteacl}    # runs the typed line as a command, unchecked
                   service iptables save ;;
                *) break ;;
                esac
                ask_more "do you want to delete more:" || break
            done ;;
        4) service iptables stop ;;
        5) service iptables save ;;
        6) service iptables status ;;
        7)
            while true
            do
                clear
                echo "---------------------- list ACL --------------------"
                echo "(1) view the currently used rule set"
                echo "(2) view simple traffic statistics for each policy, rule and chain"
                echo "(3) view NAT table"
                echo "(4) custom view"
                echo "(5) return to previous level"
                echo "-------------------------------------------------"
                read -r -p "enter your choice [1-5]: " aclnum
                case "${aclnum}" in
                1) iptables -L ;;
                2) iptables -L -n -v ;;
                3) iptables -L -t nat ;;
                4) read -r -p "command: " listacl
                   ${listacl} ;;    # runs the typed line as a command, unchecked
                *) break ;;
                esac
                ask_more "do you want to view more:" || break
            done ;;
        0) exit ;;
        *) echo "this is not between 0-7" ;;
        esac
        ask_more "Do you want to continue" || exit
    done
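Because fw.sh is meant to be run again later as a shell script, the values typed at the prompts should be checked before they are written to it. The following is an added example, not part of the original script: it validates a source address and a port and only then builds and records the rule line. The function names are hypothetical, only IPv4 is handled, and 0/0 is accepted as "any source".

```bash
#!/bin/bash
# Added example (not from the original script). Function names are hypothetical.
# Validates the values typed at the menu prompts before a rule line is built
# and appended to fw.sh. IPv4 only; "0/0" is accepted as "any source".

# is_uint N MAX: succeed if N is a plain decimal integer in 0..MAX
is_uint() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le "$2" ]
}

valid_port() { is_uint "$1" 65535 && [ "$1" -ge 1 ]; }

# valid_source ADDR[/PREFIX]: dotted-quad IPv4 with an optional 0..32 prefix
valid_source() {
    [ "$1" = "0/0" ] && return 0
    case "$1" in */*) is_uint "${1#*/}" 32 || return 1 ;; esac
    rest=${1%%/*}; n=0
    while :; do
        is_uint "${rest%%.*}" 255 || return 1
        n=$((n + 1))
        case "$rest" in *.*) rest=${rest#*.} ;; *) break ;; esac
    done
    [ "$n" -eq 4 ]
}

# build_rule A|D SOURCE PORT: print the iptables command line, or fail silently
build_rule() {
    case "$1" in A|D) ;; *) return 1 ;; esac
    valid_source "$2" && valid_port "$3" || return 1
    printf 'iptables -%s INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$1" "$2" "$3"
}

# record_rule FILE A|D SOURCE PORT: append a validated rule line to FILE
record_rule() {
    line=$(build_rule "$2" "$3" "$4") || return 1
    printf '%s\n' "$line" >> "$1"
}

# Constructed sample input: one good rule and one that must be rejected.
demo() {
    out=$(mktemp)
    record_rule "$out" A 192.168.1.10 22
    record_rule "$out" A '192.168.1.10 22; extra' 80 || echo "rejected bad source"
    cat "$out"; rm -f "$out"
}
demo
```

In the menu script, the line printed by build_rule is what would be both executed and appended to fw.sh, so a rejected value reaches neither.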
This article is from the "Fengyun, it's her." blog; please be sure to keep this source: http://rfyiamcool.blog.51cto.com/1030776/951025