Last active
February 24, 2017 04:41
A primitive script that deletes an IP address from iptables.
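#!/bin/sh
#
# Inserts ACCEPT rules for tcp ports 21 and 60000:61000 from one source
# address into the INPUT chain and persists the ruleset.
# Changes the live firewall, so it has to run with the privileges iptables
# needs.

# File the running ruleset is written to with iptables-save.
readonly IPTABLES_POLICY=/etc/sysconfig/iptables

# Print the help text to stdout.
# Written as `usage()` rather than `function usage`: the shebang is /bin/sh,
# and the `function` keyword is a syntax error in strictly POSIX shells.
usage() {
  cat <<EOF
${0##*/} is a tool for ...
Usage:
${0##*/} [command] [<options>]
Options:
--debug set -x
--ip set ip address
--line set line
--show print iptable policy list
--help, -h print this
EOF
}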
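# Print an error message to stderr and exit with status 1.
die() {
  printf '\033[31m[ERROR]\033[m %s\n' "$*" >&2
  exit 1
}

# Succeed only if $1 is a dotted-quad IPv4 address, optionally followed by a
# /0../32 prefix length. Anything else (spaces, option-like text, host names)
# is rejected so the value can only ever be a single address argument to
# iptables. Octets with leading zeros are refused because parsers disagree on
# whether they are octal or decimal.
is_ipv4_source() {
  case "$1" in
    '' | *[!0-9./]*) return 1 ;;
  esac
  _ip=${1%%/*}
  case "$1" in
    */*)
      _len=${1#*/}
      case "$_len" in
        '' | *[!0-9]* | ???*) return 1 ;;
      esac
      [ "$_len" -le 32 ] || return 1
      ;;
  esac
  # Exactly three dots, i.e. four octets.
  case "$_ip" in
    *.*.*.*.*) return 1 ;;
    *.*.*.*) ;;
    *) return 1 ;;
  esac
  _rest=$_ip.
  while [ -n "$_rest" ]; do
    _octet=${_rest%%.*}
    _rest=${_rest#*.}
    case "$_octet" in
      '' | ????* | 0?*) return 1 ;;
    esac
    [ "$_octet" -le 255 ] || return 1
  done
  return 0
}

if [ "$#" -eq 0 ]; then
  # printf instead of `echo -e`, which /bin/sh does not have to support.
  printf '\033[31m[EMPTY]\033[m no arguments\n' >&2
  usage
  exit 1
fi

# Start from empty values so ADDR/LINE inherited from the environment can
# never end up in a firewall rule.
ADDR=
LINE=

while [ "$#" -gt 0 ]; do
  case "$1" in
    --debug)
      set -x
      ;;
    --ip)
      [ "$#" -ge 2 ] || die "--ip requires a value"
      ADDR=$2
      shift
      ;;
    --line)
      [ "$#" -ge 2 ] || die "--line requires a value"
      LINE=$2
      shift
      ;;
    --show)
      iptables -L -n --line-numbers
      exit 1 # exit status kept as in the original script
      ;;
    --help | -h | help)
      usage
      exit 1 # exit status kept as in the original script
      ;;
    *)
      printf '\033[31m[ERROR]\033[m Invalid option %s\n' "$1" >&2
      usage
      exit 1
      ;;
  esac
  shift
done

if [ -z "$ADDR" ]; then
  echo "BLANK ADDRESS IS NOT ALLOWED" >&2
  exit 1
fi
if [ -z "$LINE" ]; then
  echo "BLANK LINE IS NOT ALLOWED" >&2
  exit 1
fi

# Both values become iptables arguments in a privileged command; validate
# them and quote every use so neither can split into extra arguments.
# A /0 prefix is syntactically valid and would open the ports to every
# source; that choice is left to the operator.
is_ipv4_source "$ADDR" || die "not an IPv4 address or CIDR: $ADDR"
case "$LINE" in
  *[!0-9]* | 0*) die "line must be a positive integer: $LINE" ;;
esac

echo "add ip addr $ADDR"
echo "insert after line:$LINE"

# Dump the ruleset to a private temp file first. Redirecting iptables-save
# straight onto the policy file would truncate it even when the dump fails,
# leaving an empty ruleset to be loaded at the next restart.
snapshot=$(mktemp) || die "mktemp failed"
trap 'rm -f -- "$snapshot"' EXIT

iptables-save > "$snapshot" || die "iptables-save failed; nothing was changed"
# The backup name has day resolution: a second run on the same day replaces
# the earlier backup with the already-modified ruleset.
cat "$snapshot" > "${IPTABLES_POLICY}.$(date +"%Y%m%d")" \
  || die "cannot write backup; nothing was changed"

iptables -I INPUT "$LINE" -s "$ADDR" -p tcp --dport 21 -j ACCEPT \
  || die "could not insert the port 21 rule; nothing was changed"
iptables -I INPUT "$LINE" -s "$ADDR" -p tcp --dport 60000:61000 -j ACCEPT \
  || die "could not insert the 60000:61000 rule; the port 21 rule is live but not saved"

iptables-save > "$snapshot" \
  || die "iptables-save failed; rules are live but not saved"
cat "$snapshot" > "$IPTABLES_POLICY" \
  || die "cannot write ${IPTABLES_POLICY}; rules are live but not saved"

# Show the rules that now mention the address (fixed-string match, so the
# dots are not treated as regex wildcards).
iptables -L -n --line-numbers | grep -F -- "$ADDR"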
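#!/bin/sh
#
# Deletes INPUT-chain rules that refer to one IP address and persists the
# ruleset.
# Changes the live firewall, so it has to run with the privileges iptables
# needs.

# File the running ruleset is written to with iptables-save.
readonly IPTABLES_POLICY=/etc/sysconfig/iptables

# Print the help text to stdout.
# Written as `usage()` rather than `function usage`: the shebang is /bin/sh,
# and the `function` keyword is a syntax error in strictly POSIX shells.
usage() {
  cat <<EOF
${0##*/} is a tool for ...
Usage:
${0##*/} [command] [<options>]
Options:
--debug set -x
--ip delete ip address
--show print iptable policy list
--help, -h print this
EOF
}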
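# Print an error message to stderr and exit with status 1.
die() {
  printf '\033[31m[ERROR]\033[m %s\n' "$*" >&2
  exit 1
}

# Succeed only if $1 is a dotted-quad IPv4 address, optionally followed by a
# /0../32 prefix length. Anything else is rejected so the value can only ever
# be a literal address. Octets with leading zeros are refused because parsers
# disagree on whether they are octal or decimal.
is_ipv4_source() {
  case "$1" in
    '' | *[!0-9./]*) return 1 ;;
  esac
  _ip=${1%%/*}
  case "$1" in
    */*)
      _len=${1#*/}
      case "$_len" in
        '' | *[!0-9]* | ???*) return 1 ;;
      esac
      [ "$_len" -le 32 ] || return 1
      ;;
  esac
  # Exactly three dots, i.e. four octets.
  case "$_ip" in
    *.*.*.*.*) return 1 ;;
    *.*.*.*) ;;
    *) return 1 ;;
  esac
  _rest=$_ip.
  while [ -n "$_rest" ]; do
    _octet=${_rest%%.*}
    _rest=${_rest#*.}
    case "$_octet" in
      '' | ????* | 0?*) return 1 ;;
    esac
    [ "$_octet" -le 255 ] || return 1
  done
  return 0
}

# Print the number of the first INPUT rule whose source is exactly $1
# (address/prefix form, as printed by `iptables -S`); print nothing when no
# rule matches. Negated sources (`! -s ...`) are skipped.
first_matching_rule() {
  iptables -S INPUT | awk -v want="$1" '
    $1 == "-A" {
      n++
      for (i = 3; i < NF; i++) {
        if ($i == "-s" && $(i + 1) == want && $(i - 1) != "!") {
          print n
          exit
        }
      }
    }'
}

# Write the running ruleset to the policy file. The dump goes to a private
# temp file first: redirecting iptables-save straight onto the policy file
# would truncate it even when the dump fails.
persist_policy() {
  iptables-save > "$snapshot" \
    || die "iptables-save failed; live rules and ${IPTABLES_POLICY} differ"
  cat "$snapshot" > "$IPTABLES_POLICY" \
    || die "cannot write ${IPTABLES_POLICY}; live rules and the file differ"
}

if [ "$#" -eq 0 ]; then
  # printf instead of `echo -e`, which /bin/sh does not have to support.
  printf '\033[31m[EMPTY]\033[m no arguments\n' >&2
  usage
  exit 1
fi

# Start from an empty value so an ADDR inherited from the environment can
# never select rules for deletion.
ADDR=

while [ "$#" -gt 0 ]; do
  case "$1" in
    --debug)
      set -x
      ;;
    --ip)
      [ "$#" -ge 2 ] || die "--ip requires a value"
      ADDR=$2
      shift
      ;;
    --show)
      iptables -L -n --line-numbers
      exit 1 # exit status kept as in the original script
      ;;
    --help | -h | help)
      usage
      exit 1 # exit status kept as in the original script
      ;;
    *)
      printf '\033[31m[ERROR]\033[m Invalid option %s\n' "$1" >&2
      usage
      exit 1
      ;;
  esac
  shift
done

if [ -z "$ADDR" ]; then
  echo "BLANK ADDRESS IS NOT ALLOWED" >&2
  exit 1
fi
is_ipv4_source "$ADDR" || die "not an IPv4 address or CIDR: $ADDR"

# `iptables -S` always prints the prefix length, so a bare address is
# compared as /32.
case "$ADDR" in
  */*) match=$ADDR ;;
  *) match=$ADDR/32 ;;
esac

snapshot=$(mktemp) || die "mktemp failed"
trap 'rm -f -- "$snapshot"' EXIT

iptables-save > "$snapshot" || die "iptables-save failed; nothing was changed"
# The backup name has day resolution: a second run on the same day replaces
# the earlier backup with the already-modified ruleset.
cat "$snapshot" > "${IPTABLES_POLICY}.$(date +"%Y%m%d")" \
  || die "cannot write backup; nothing was changed"

# Delete matching rules one at a time; rule numbers shift after every
# deletion, so the chain is listed again on each pass.
#
# Rules are selected by an exact comparison against the source field of the
# INPUT chain only. Grepping the listing of all chains for the address treats
# the dots as wildcards, matches longer addresses that merely contain it
# (10.0.0.1 vs 10.0.0.10), and can pick up a line number that belongs to a
# different chain, so unrelated INPUT rules would be removed.
# Rules that name the address only as a destination are left in place; the
# final listing below still shows them.
while :; do
  rule_no=$(first_matching_rule "$match")
  if [ -z "$rule_no" ]; then
    break
  fi
  # Stop on failure; otherwise the same rule is found again forever.
  iptables -D INPUT "$rule_no" \
    || die "could not delete INPUT rule $rule_no"
  persist_policy
done

# Show whatever still mentions the address (fixed-string match). As in the
# original script, the exit status is grep's, so it is 1 when nothing is left.
iptables -L -n --line-numbers | grep -F -- "$ADDR"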