判断允许192段位的ip访问,拒绝172段位的ip访问
创建一个放置脚本的目录:
[root@localhost ~]# mkdir /shell
编辑一个文档,写入要查询的ip:
[root@localhost ~]# vim ip.txt
192.168.136.1
192.168.136.2
192.168.136.3
172.168.136.1
172.168.136.2
172.168.136.3
编辑脚本:
[root@localhost ~]# vim /shell/if.sh
#!/bin/bash
ip=(`cat /root/ip.txt`)
for i in ${ip[*]}
do
if [[ $i == '192'* ]] ;then
echo " $i 允许通过"
else
iptables -A INPUT -s $i -j DROP
echo " $i drop掉了"
fi
done
测试
[root@localhost ~]# cd /shell
[root@localhost shell]# sh if.sh