centos6,centos7 根據ip地址列表檔案進行防火牆封殺的shell指令碼
阿新 • • 發佈:2018-12-14
centos6 shell指令碼如下:
cat $1 | while read line
do
iptables -I OUTPUT -s ${line%.*}.0/24 -j DROP
iptables -I INPUT -s ${line%.*}.0/24 -j DROP
echo "File:${line%.*}"
done
service iptables save
service iptables restart
echo "done"
centos7 shell指令碼如下:
cat $1 | while read line do firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="'${line}'" drop' echo "File:${line}" done firewall-cmd --reload service firewalld restart echo "done"
黑客ip地址列表範例檔案 ip.txt
117.50.48.6 122.114.231.114 159.89.142.172 58.218.66.104 183.131.83.112 223.112.190.70 47.90.92.121 218.60.67.75 89.248.168.171 140.143.208.71 58.218.66.104 222.73.85.188 222.73.85.111 183.131.83.36 80.211.64.182 45.6.188.2 222.186.153.206 42.51.12.33 114.116.69.119 183.131.83.50 112.213.121.199 218.60.67.79 47.90.244.131 114.116.69.119 183.131.83.112 123.249.9.107 58.218.66.104 47.88.60.73 213.136.94.246 158.69.241.103 89.248.168.171 211.159.150.15 122.114.31.128 58.218.56.89 50.62.6.14 222.240.241.27 50.62.6.14 222.240.241.27 156.237.129.203 223.112.190.70 183.131.83.112 61.176.193.3 111.73.46.154 58.218.56.89 213.23.12.149 79.61.177.116 103.224.251.151 218.93.201.199 202.114.144.230 123.249.9.149 211.144.157.50 213.128.88.99 123.249.42.97 45.249.94.214 111.73.46.19 183.131.83.36 218.3.54.153 213.136.94.246 111.73.46.19 104.211.223.219 27.148.156.41 58.221.57.5 218.2.0.70 117.239.150.75 218.2.0.70 218.93.201.199 211.144.157.50 43.255.31.76 202.43.154.162 218.93.201.199 218.60.67.79 202.43.154.162 80.15.195.37 211.144.157.50 114.116.69.119 118.24.100.142 202.43.154.162 218.93.201.199 58.221.57.5 162.221.185.58 50.62.6.14 51.38.203.146 81.17.25.29 168.121.239.240 189.91.32.89 111.231.68.208 213.136.94.246 43.255.31.76 111.73.46.37 111.73.46.19 183.131.83.17 123.249.9.126 61.160.212.149 41.242.112.218 61.160.212.149 123.249.9.74 118.69.37.227 117.50.34.162 92.56.236.155 101.254.225.93 69.64.78.58 125.220.159.168 101.254.150.210 111.67.197.2 211.144.157.50 221.205.118.253 117.50.34.162 183.131.83.5 218.93.201.199 118.25.217.217 203.189.234.208 58.218.56.81 115.215.221.114 156.232.158.52 218.93.201.199
centos6呼叫範例:
./fs.sh ip.txt
centos7呼叫範例:
./fs.sh ip.txt
大體思想就是通過shell指令碼迴圈按行讀取需要封殺的ip地址列表檔案,然後執行封殺操作,最後重啟防火牆!