#!/bin/sh
# Name: nat.sh
# Author: Bixuan
# Date: 2003/04/04
echo "Your user the iptables firewall.";
ETH="eno33557248" #有外网IP的网卡
SRC="192.168.1.0/24" # 内网地址段
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/modprobe ip_tables
/sbin/modprobe iptable_filter
/sbin/modprobe iptable_nat
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp
/sbin/iptables -F INPUT
/sbin/iptables -F FORWARD
/sbin/iptables -F POSTROUTING -t nat
/sbin/iptables -P FORWARD DROP
/sbin/iptables -t nat -A POSTROUTING -o $ETH -s $SRC -j MASQUERADE
/sbin/iptables -A FORWARD -i $ETH -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A FORWARD -s $SRC -j ACCEPT
echo "Docker restarting ......"
systemctl restart docker.service #add
docker start nginx #add
echo "Nat is strating ...... [ OK ]"
;;
stop)
echo 0 > /proc/sys/net/ipv4/ip_forward
;;
*)
echo $"Usage: $0 {start|stop}";
esac
cetos网络共享脚本
最新推荐文章于 2023-04-26 16:51:54 发布