#!/bin/bash
while [ "1" == "1" ]
do
clear
echo "----------------------menu----------------------"
echo "(1) service iptables restart"
echo "(2) iptables add"
echo "(3) iptables delete"
echo "(4) iptables stop"
Echo "(5) iptables Save (не забудьте сохранить и просмотреть)" после потери ACL) ""
echo "(6) iptables status"
echo "(7) iptables ACL list"
echo "(0) exit"
echo "-------------------------------------------------"
echo -n "enter you chose[0-7]:"
read num
if [ ${num} -lt 0 -o ${num} -gt 7 ]
then
echo "this is not between 0-7"
else
if [ "${num}" == "1" ]
then
service iptables restart&
else
if [ "${num}" == "2" ]
#######################################################
then
while [ "1" == "1" ]
do
clear
echo "----------------------add ACL----------------------"
Эхо "(1) добавить"
эхо "(2) добавить"
Echo "(3) ACL Добавление для портов и услуг (здесь для параметров IP и портов, таких как 0/0 80)"
Echo "(4) индивидуальное добавление"
Echo "(5) вернуться на предыдущий уровень"
echo "-------------------------------------------------"
echo -n "enter you chose[0-4]:"
read aclnum
if [ "${aclnum}" == "1" ]
then
read ip
iptables -A INPUT -s ${ip} -p tcp --dport 22 -j ACCEPT
service iptables save
elif [ "${aclnum}" == "2" ]
then
read ip
iptables -A INPUT -p tcp --dport ${IP} -j ACCEPT
service iptables save
elif [ "${aclnum}" == "3" ]
then
read ip port
iptables -A INPUT -p tcp -s ${ip} --dport ${port} -j ACCEPT
service iptables save
elif [ "${aclnum}" == "4" ]
then
read addacl
`${addacl}`
service iptables save
else
break
fi
Echo -n "Хочу продолжать добавлять: [y/n]:"
read contine
if [ "${contine}" == "n" -o "${contine}" == "N" ]
then
break
fi
done
#######################################################
else
if [ "${num}" == "3" ]
then
while [ "1" == "1" ]
do
clear
echo "---------------------delete ACL----------------------"
Echo "(1) Удалить для источника IP"
Echo "(2) Удалить для портов"
Echo "(3) Удалить ACL с портами и услугами"
Echo "(4) Пользовательская удаление"
Echo "(5) вернуться на предыдущий уровень"
echo "-------------------------------------------------"
echo -n "enter you chose[0-5]:"
read aclnum
if [ "${aclnum}" == "1" ]
then
read ip
iptables -D INPUT -s ${ip} -p tcp --dport 22 -j ACCEPT
service iptables save
elif [ "${aclnum}" == "2" ]
then
read port
iptables -D INPUT -p tcp --dport ${port} -j ACCEPT
service iptables save
elif [ "${aclnum}" == "3" ]
then
read ip port
iptables -D INPUT -p tcp -s ${ip} --dport ${port} -j ACCEPT
service iptables save
elif [ "${aclnum}" == "4" ]
then
read deleteacl
`${deleteacl}`
service iptables save
else
break
fi
Echo -n "Хочу продолжать добавлять: [y/n]:"
read contine
if [ "${contine}" == "n" -o "${contine}" == "N" ]
then
break
fi
done
###################################################################
else
if [ "${num}" == "4" ]
then
echo -e "`service iptables stop&` "
else
if [ "${num}" == "5" ]
then
echo -e "`service iptables save&`"
else
if [ "${num}" == "6" ]
then
echo -e "`service iptables status&`"
else
if [ "${num}" == "7" ]
then
while [ "1" == "1" ]
do
clear
echo "---------------------list ACL----------------------"
Echo "(1) Просмотреть в настоящее время используется« набор »
Echo "(2) Просмотреть простую статистику трафика каждой стратегии или каждого правила, каждая цепочка"
Echo "(3) Просмотреть таблицу Nat"
Echo "(4) пользовательский просмотр"
Echo "(5) вернуться на предыдущий уровень"
echo "-------------------------------------------------"
echo -n "enter you chose[0-5]:"
read aclnum
if [ "${aclnum}" == "1" ]
then
iptables -L
elif [ "${aclnum}" == "2" ]
then
iptables -L -n -v
elif [ "${aclnum}" == "3" ]
then
iptables -L -t nat
elif [ "${aclnum}" == "4" ]
then
read listacl
`${listacl}`
else
break
fi
Echo -n "Хочу продолжать добавлять: [y/n]:"
read contine
if [ "${contine}" == "n" -o "${contine}" == "N" ]
then
break
fi
done
################################################
else
exit
fi
fi
fi
fi
fi
fi
fi
fi
echo -n "Do you contine [y/n]:"
read contine
if [ "${contine}" == "n" -o "${contine}" == "N" ]
then
exit
fi
done
Reprinted from: https://www.cnblogs.com/kumulinux/archive/2012/05/24/2808756.html