环境准备
准备一台Centos6服务器
系统: Centos6.8
内存:1G
cpu: 2核
IP地址: 10.0.0.22
vim iptables.sh
#!/bin/bash
function ASK(){
read -ep "是否继续添加规则(y/n):" ask
case $ask in
y|Y)
continue
;;
n|N)
echo "退出程序"
exit
esac
}
while true
do
echo -e " 1.放行端口
2.封锁端口
3.放行ip
4.封锁ip"
read -ep "请选择你的操作:" menu
case $menu in
1)
read -ep "请输入要放行的端口:" PORT
echo "正在放行$PORT...."
sleep 1
iptables -I INPUT -p tcp --dport $PORT -j ACCEPT
echo "放行$PORT成功"
ASK
;;
2)
read -ep "请输入要封锁的端口:" PORT
echo "正在封锁$PORT...."
sleep 1
iptables -I INPUT -p tcp --dport $PORT -j DROP
echo "封锁$PORT成功"
ASK
;;
3)
read -ep "请输入要放行的IP地址:" IP
echo "正在放行$IP...."
sleep 1
iptables -I INPUT -s $IP -j ACCEPT
echo "放行$IP成功"
ASK
;;
4)
read -ep "请输入要封锁的IP地址:" IP
echo "正在封锁$IP...."
sleep 1
iptables -I INPUT -s $IP -j DROP
echo "封锁$IP成功"
ASK
;;
*)
echo "输入有误,退出脚本!"
exit
esac
done
sh iptables.sh
yum -y install httpd
cd /var/www/html/
vim index.html
iptables
封锁端口之前效果可以正常访问测试WEB页面
封锁端口之后效果