#!/bin/bash
# Remove the rules this script installs.
# Runs `iptables -F` (flush all rules in every chain of the filter table)
# followed by `iptables -X` (delete the user-defined chains).
# Returns the exit status of the last iptables call.
# NOTE(review): chain policies are not touched here; if the INPUT policy is
# ACCEPT the host is left unfiltered after this runs. Confirm this is intended.
function CLEARRULES() {
  local action
  for action in -F -X; do
    iptables "$action"
  done
}
# Print the script's generic error banner: the word "Erro" wrapped in the
# ANSI sequence for a red background, followed by a reset, on stdout.
function HELP() {
  printf '%b\n' "\e[41mErro\e[0m"
}
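# Manage the custom filter chain used by this script.
#
# Usage:
#   CHAIN create <chain>
#   CHAIN allow  <chain> <protocol> <dport> <source>
# The sub-command is matched case-insensitively.
#
# create: makes <chain>, inserts a catch-all DROP into it, then inserts a jump
#         to it at the top of INPUT for every IPv4 source.
# allow:  inserts an ACCEPT at the top of <chain> (above the DROP) for
#         <protocol>/<dport> coming from <source>.
#
# Returns the status of the last iptables call. With no arguments or an unknown
# sub-command it prints the error banner, re-runs this script with `stop`, and
# exits 1.
#
# NOTE(review): the error path re-invokes "$0" stop, which flushes the filter
# table, so a usage error leaves the host without these rules (fail-open).
# Presumably this is meant to avoid a half-built DROP chain; confirm.
# NOTE(review): from the moment `create` hooks the chain into INPUT, every
# inbound packet hits DROP until matching `allow` rules are inserted. Nothing
# here accepts loopback traffic or ESTABLISHED/RELATED replies, so responses to
# connections opened by this host are dropped too unless a rule covers them.
function CHAIN() {
  if [ $# -eq 0 ]; then
    HELP
    "$0" stop
    exit 1
  fi

  # Keep the normalised sub-command local so the caller's OPTION is not clobbered.
  local option
  option=$(printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]')

  case "$option" in
    create)
      iptables -N "$2"
      # DROP goes in first; later `allow` rules are inserted above it.
      iptables -I "$2" -p all -j DROP
      iptables -I INPUT -p all -s 0.0.0.0/0 -j "$2"
      ;;
    allow)
      iptables -I "$2" -p "$3" --dport "$4" -s "$5" -j ACCEPT
      ;;
    *)
      HELP
      "$0" stop
      exit 1
      ;;
  esac
}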
# Allow-list consumed by the `start` action.
# Entry format: <name>:<source CIDR>:<protocol>:<comma-separated ports>
# NOTE(review): the `any` entry admits tcp/22 from every IPv4 source; narrow the
# source if SSH does not need to be reachable from everywhere.
ARRAY=(
  "any:0.0.0.0/0:tcp:22"
  "server1:192.168.56.1/32:tcp:8383,8384,8385"
  "server2:192.168.56.2/32:tcp:8383,8384,8385"
  "server3:192.168.56.3/32:tcp:8383,8384,8385"
  "server4:192.168.56.4/32:tcp:8383,8384,8385"
  "server5:192.168.56.5/32:tcp:8383,8384,8385"
)
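# Build the BLOQUEIO chain and insert one ACCEPT per (source, protocol, port)
# listed in ARRAY. Entries are "<name>:<source>:<protocol>:<port,port,...>".
# Fields are split with read/IFS in the current shell (no pipeline subshells),
# so an `exit` raised inside CHAIN stops the whole script.
# NOTE(review): not idempotent. A second `start` without `stop` fails on
# `iptables -N` but still re-inserts the DROP and the allow rules.
function STARTRULES() {
  local entry sourcename source protocol ports port
  local -a port_list

  CHAIN create BLOQUEIO
  for entry in "${ARRAY[@]}"; do
    # sourcename is only a human-readable label; it is not passed to iptables.
    IFS=: read -r sourcename source protocol ports <<< "$entry"
    IFS=, read -r -a port_list <<< "$ports"
    for port in "${port_list[@]}"; do
      CHAIN allow BLOQUEIO "$protocol" "$port" "$source"
    done
  done
}

# Command dispatcher: stop | start | status | restart (case-insensitive).
# With no argument or an unknown one, prints the error banner and exits 1.
# NOTE(review): only `iptables` is driven here, so IPv6 traffic is not filtered
# by anything in this script; a host with IPv6 enabled needs equivalent
# ip6tables rules. Confirm against the deployment.
if [ $# -eq 0 ]; then
  HELP
  exit 1
fi

OPTION=$(printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]')
case "$OPTION" in
  stop)
    CLEARRULES
    ;;
  start)
    STARTRULES
    ;;
  status)
    iptables -L -n
    ;;
  restart)
    # Perform the three phases rather than just printing their command lines.
    # Between the flush and the rebuild the filter table holds no rules.
    CLEARRULES
    STARTRULES
    iptables -L -n
    ;;
  *)
    HELP
    exit 1
    ;;
esac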