iptables防火墙脚本

作者:网络医生 发布于:2012-6-12 7:37 Tuesday 分类:shell

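#!/bin/bash
# NAT gateway helper: installs or clears a single SNAT rule with iptables.
# Usage: <script> start|stop|restart   (needs root: it writes /proc and
# changes netfilter rules).

# Append /usr/local/sbin so an iptables binary installed there is found.
# The directory goes last, so entries already in the caller's PATH still win.
PATH=$PATH:/usr/local/sbin
export PATH

# Enable IPv4 forwarding in the kernel, but only for a recognised action.
# Originally this ran on every invocation, so a typo or a call with no
# argument still turned the host into a router before the usage text appeared.
# NOTE: nothing in this script writes 0 back, so forwarding stays enabled
# after "stop" as well; disable it separately if the host should stop routing.
case "${1:-}" in
    start|stop|restart)
        echo 1 > /proc/sys/net/ipv4/ip_forward
        ;;
esac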
# stop: reset the nat and filter tables to a permissive, rule-free state.
# Sets every built-in chain policy in both tables to ACCEPT, then flushes the
# rules of both tables. User-defined chains are emptied by -F but not deleted,
# and other tables (mangle, raw) are not touched.
# Security note: after this runs, the filter table accepts everything on
# INPUT, OUTPUT and FORWARD. This function does not change the kernel's
# ip_forward setting, so a host that is still forwarding will route traffic
# unfiltered and without NAT.
# Returns: exit status of the final iptables call (the filter-table flush).
stop()
{
    local chain table

    # Policies first, in the same order as the tables are flushed below.
    for chain in PREROUTING POSTROUTING OUTPUT; do
        iptables -t nat -P "$chain" ACCEPT
    done
    for chain in INPUT OUTPUT FORWARD; do
        iptables -t filter -P "$chain" ACCEPT
    done

    # Drop all rules from both tables.
    for table in nat filter; do
        iptables -t "$table" -F
    done
}
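# start: install the SNAT rule for the internal network.
# Packets with a source address in 10.212.15.0/24 that leave through eth0 get
# their source rewritten to 10.212.46.2. Traffic from other sources is not
# translated by this rule.
# The rule is added only if it is not already present, so calling start twice
# no longer stacks duplicate SNAT entries in POSTROUTING.
# Security note: this function adds no filter-table rules. What may be
# forwarded at all is decided by whatever FORWARD policy and rules are already
# in place; restrict that chain if only the internal network should be routed.
# Returns: 0 if the rule already exists, otherwise the status of iptables -A.
start()
{
    local -a rule=(POSTROUTING -s 10.212.15.0/24 -o eth0 -j SNAT --to 10.212.46.2)

    # -C exits non-zero when the rule is missing. Its stderr is discarded
    # because "no such rule" is expected here; a real failure (e.g. not root)
    # will show up again on the -A call below.
    if ! iptables -t nat -C "${rule[@]}" 2>/dev/null; then
        iptables -t nat -A "${rule[@]}"
    fi
}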

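# Dispatch on the requested action.
# A success message is printed only when the called function returned 0;
# previously "started"/"stopped" was echoed even if iptables had failed
# (for example when run without root), which hid a missing NAT rule.
# Unknown or missing actions print the usage text to stderr and exit 2 so
# callers and init systems can tell a bad invocation from success.
case "${1:-}" in
    stop)
        if stop; then
            echo "iptables is stopped"
        else
            echo "iptables stop failed" >&2
            exit 1
        fi
        ;;
    start)
        if start; then
            echo "iptables is started"
        else
            echo "iptables start failed" >&2
            exit 1
        fi
        ;;
    restart)
        # Do not re-add rules on top of a table that could not be reset.
        if stop && start; then
            echo "iptables is restarted"
        else
            echo "iptables restart failed" >&2
            exit 1
        fi
        ;;
    *)
        echo "Usage: $0 start|stop|restart" >&2
        exit 2
        ;;
esac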

标签: iptables shell 防火墙
