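#!/bin/bash
#
# Interactive menu for managing this host's iptables rules: restart/stop/
# save/status the iptables service, add or delete INPUT ACCEPT rules, and
# list the active rule set. Every action shells out to `iptables` or
# `service iptables ...`, so the script is meant to be run as root.
#
# Usage: run with no arguments; every choice is read from stdin.
# Menu and prompt strings are kept exactly as in the original (mixed
# English / Traditional Chinese).

set -u

#######################################
# Check that a menu answer is a non-negative integer no larger than MAX.
# Arguments: $1 - raw answer as typed, $2 - MAX (inclusive upper bound)
# Returns:   0 when the answer is a valid choice, 1 otherwise
#######################################
is_menu_choice() {
  local answer=$1 max=$2
  # The original used `[ $num -lt 0 -o $num -gt 7 ]`, which errors on an
  # empty or non-numeric answer instead of rejecting it.
  [[ "$answer" =~ ^[0-9]+$ ]] && (( answer <= max ))
}

#######################################
# Show a "[y/n]" prompt and read the answer.
# Arguments: $1 - prompt text (printed without a trailing newline)
# Returns:   1 when the answer is n/N or stdin is closed, 0 otherwise
#            (any other answer, including an empty line, means "continue",
#            matching the original behaviour)
#######################################
ask_continue() {
  local prompt=$1 answer
  printf '%s' "$prompt"
  # Closed stdin used to loop forever; treat EOF as "no".
  read -r answer || return 1
  [[ "$answer" != "n" && "$answer" != "N" ]]
}

#######################################
# Read one command line from stdin and run it ("custom" menu entries).
# The original did `` `${var}` ``, which ran the typed command and then
# tried to execute its *output* as a second command (visibly wrong for the
# custom "list" entry, whose output is iptables' rule table). Here the typed
# words are executed directly, split on whitespace, without globbing.
# SECURITY: this runs whatever the operator types, with the script's (root)
# privileges and no validation. It is an explicit escape hatch for an
# interactive operator and must not be wired to any non-interactive input.
# Returns: 1 on EOF or an empty line, otherwise the command's status
#######################################
run_custom() {
  local -a words
  read -r -a words || return 1
  (( ${#words[@]} > 0 )) || return 1
  "${words[@]}"
}

#######################################
# Sub-menu: append ACCEPT rules to the INPUT chain and save them.
# Returns when the operator picks an entry outside 1-4 or answers "n".
#######################################
add_acl_menu() {
  local aclnum ip port
  while true; do
    clear
    echo "----------------------add ACL----------------------"
    echo "(1) 針對源IP允許存取添加"
    echo "(2) 針對伺服器連接埠允許存取添加"
    echo "(3) 針對有連接埠和服務的ACL添加(這裡要參數IP和連接埠 例如 0/0 80)"
    echo "(4) 自訂添加"
    echo "(5) 退回上一級"
    echo "-------------------------------------------------"
    printf '%s' "enter you chose[0-4]:"
    read -r aclnum || return
    case "$aclnum" in
      1)
        printf '%s' "source IP: "
        read -r ip || return
        iptables -A INPUT -s "$ip" -p tcp --dport 22 -j ACCEPT
        service iptables save
        ;;
      2)
        # Original bug: it read into `ip` but passed the unset `${IP}` to
        # --dport, so this entry could never add a rule.
        printf '%s' "server port: "
        read -r port || return
        iptables -A INPUT -p tcp --dport "$port" -j ACCEPT
        service iptables save
        ;;
      3)
        printf '%s' "source IP and port (e.g. 0/0 80): "
        read -r ip port || return
        iptables -A INPUT -p tcp -s "$ip" --dport "$port" -j ACCEPT
        service iptables save
        ;;
      4)
        printf '%s' "command: "
        run_custom
        service iptables save
        ;;
      *)
        return
        ;;
    esac
    ask_continue "是否想繼續添加: [y/n]:" || return
  done
}

#######################################
# Sub-menu: delete ACCEPT rules from the INPUT chain and save.
# Mirrors add_acl_menu with `iptables -D`.
#######################################
delete_acl_menu() {
  local aclnum ip port
  while true; do
    clear
    echo "---------------------delete ACL----------------------"
    echo "(1) 針對源ip刪除"
    echo "(2) 針對連接埠刪除"
    echo "(3) 針對有連接埠和服務的ACL刪除"
    echo "(4) 自訂刪除"
    echo "(5) 退回上一級"
    echo "-------------------------------------------------"
    printf '%s' "enter you chose[0-5]:"
    read -r aclnum || return
    case "$aclnum" in
      1)
        printf '%s' "source IP: "
        read -r ip || return
        iptables -D INPUT -s "$ip" -p tcp --dport 22 -j ACCEPT
        service iptables save
        ;;
      2)
        printf '%s' "server port: "
        read -r port || return
        iptables -D INPUT -p tcp --dport "$port" -j ACCEPT
        service iptables save
        ;;
      3)
        printf '%s' "source IP and port: "
        read -r ip port || return
        iptables -D INPUT -p tcp -s "$ip" --dport "$port" -j ACCEPT
        service iptables save
        ;;
      4)
        printf '%s' "command: "
        run_custom
        service iptables save
        ;;
      *)
        return
        ;;
    esac
    ask_continue "是否想繼續添加: [y/n]:" || return
  done
}

#######################################
# Sub-menu: display the current rule set (filter chains, counters, NAT).
# Nothing here modifies rules; the custom entry runs the typed command.
#######################################
list_acl_menu() {
  local aclnum
  while true; do
    clear
    echo "---------------------list ACL----------------------"
    echo "(1) 查看當前正在使用的規則集"
    echo "(2) 查看每個策略或每條規則、每條鏈的簡單流量統計"
    echo "(3) 查看NAT表"
    echo "(4) 自訂查看"
    echo "(5) 退回上一級"
    echo "-------------------------------------------------"
    printf '%s' "enter you chose[0-5]:"
    read -r aclnum || return
    case "$aclnum" in
      1) iptables -L ;;
      2) iptables -L -n -v ;;
      3) iptables -L -t nat ;;
      4)
        printf '%s' "command: "
        run_custom
        ;;
      *)
        return
        ;;
    esac
    ask_continue "是否想繼續添加: [y/n]:" || return
  done
}

#######################################
# Top-level menu loop.
# Globals:  EUID (read) - only to warn when not running as root
# Outputs:  menu text on stdout, warnings on stderr
# Returns:  exits 0 on entry 0, on "n" at the continue prompt, or on EOF
#######################################
main() {
  local num
  # iptables/service will fail without root; say so up front instead of
  # letting every menu action fail with a less obvious error.
  (( EUID == 0 )) || printf '%s\n' "warning: iptables needs root privileges; run this script as root" >&2
  while true; do
    clear
    echo "----------------------menu----------------------"
    echo "(1) service iptables restart"
    echo "(2) iptables add"
    echo "(3) iptables delete"
    echo "(4) iptables stop"
    echo "(5) iptables save(輸完ACL後要記得儲存和查看)"
    echo "(6) iptables status"
    echo "(7) iptables ACL list"
    echo "(0) exit"
    echo "-------------------------------------------------"
    printf '%s' "enter you chose[0-7]:"
    read -r num || return 0
    if ! is_menu_choice "$num" 7; then
      echo "this is not between 0-7"
    else
      # The service calls used to be backgrounded (`cmd&`) inside echo/
      # backticks, racing the next `clear`; run them in the foreground so
      # their output is shown before the menu redraws.
      case "$num" in
        1) service iptables restart ;;
        2) add_acl_menu ;;
        3) delete_acl_menu ;;
        4) service iptables stop ;;
        5) service iptables save ;;
        6) service iptables status ;;
        7) list_acl_menu ;;
        0) exit 0 ;;
      esac
    fi
    ask_continue "Do you contine [y/n]:" || exit 0
  done
}

main "$@"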