Linux iptables command execution error

iptables -A OUTPUT -j DROP -d 203.76.217.163
iptables -A OUTPUT -j DROP -d 119.29.126.181
iptables -A OUTPUT -j DROP -d 101.236.13.2
iptables -A OUTPUT -j DROP -d 103.37.154.74
iptables -A OUTPUT -j DROP -d 103.37.142.149
iptables -A OUTPUT -j DROP -d 101.236.12.16
iptables -A OUTPUT -j DROP -d 103.37.152.51
iptables -A OUTPUT -j DROP -d 36.110.144.18
iptables -A OUTPUT -j DROP -d 103.37.153.12
iptables -A OUTPUT -j DROP -d 203.119.216.255
iptables -A OUTPUT -j DROP -d 203.119.128.4
iptables -A OUTPUT -j DROP -d 106.11.43.70
iptables -A OUTPUT -j DROP -d 203.119.201.255

How can I run this many commands in one batch on Linux? I wrote a shell script and it reported an error.

1 answer
Run iptables-save -t filter > iptables.bak to save the existing iptables rules of the filter table, then edit in the rules you want, following the format of this file.
# Generated by iptables-save v1.4.21 on Tue Jul  6 22:06:10 2021
*filter
:INPUT ACCEPT [869339462:727549329040]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [916593905:743590225564]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-USER - [0:0]
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o br-c44add6a22ae -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-c44add6a22ae -j DOCKER
-A FORWARD -i br-c44add6a22ae ! -o br-c44add6a22ae -j ACCEPT
-A FORWARD -i br-c44add6a22ae -o br-c44add6a22ae -j ACCEPT
-A FORWARD -o br-d2f0434f439d -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-d2f0434f439d -j DOCKER
-A FORWARD -i br-d2f0434f439d ! -o br-d2f0434f439d -j ACCEPT
-A FORWARD -i br-d2f0434f439d -o br-d2f0434f439d -j ACCEPT
-A FORWARD -o br-04478f53e4c7 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-04478f53e4c7 -j DOCKER
-A FORWARD -i br-04478f53e4c7 ! -o br-04478f53e4c7 -j ACCEPT
-A FORWARD -i br-04478f53e4c7 -o br-04478f53e4c7 -j ACCEPT
-A FORWARD -o br-bc9f9d002949 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-bc9f9d002949 -j DOCKER
-A FORWARD -i br-bc9f9d002949 ! -o br-bc9f9d002949 -j ACCEPT
-A FORWARD -i br-bc9f9d002949 -o br-bc9f9d002949 -j ACCEPT
-A FORWARD -o br-37680ddc0a9e -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Run this command to load the rules in bulk so that they take effect: iptables-restore < iptables.bak
Or write a for loop and insert them one at a time.
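The iptables-restore approach from the answer, as an added example that is not part of the original post: it validates a list of addresses and emits a minimal ruleset (table header, one appended rule per address, closing COMMIT) that can be loaded in one operation. The function names and the file names in the closing comment are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post: turn a list of IPv4 addresses
# into iptables-restore input that appends OUTPUT DROP rules.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_ruleset: read one address per line on stdin, write the ruleset to
# stdout. Blank lines and '#' comments are skipped; CR and whitespace are
# stripped. If any line is invalid, nothing is written and the status is 1.
build_ruleset() {
    rules=''
    bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d '\r \t')
        case "$line" in ''|'#'*) continue ;; esac
        if is_ipv4 "$line"; then
            rules="${rules}-A OUTPUT -d ${line}/32 -j DROP
"
        else
            echo "invalid address: $line" >&2
            bad=1
        fi
    done
    [ "$bad" -eq 0 ] || return 1
    printf '*filter\n%sCOMMIT\n' "$rules"
}

# Demo on two addresses from the question (the first with a CRLF ending).
printf '203.76.217.163\r\n119.29.126.181\n' | build_ruleset

# To apply (as root; blocklist.txt and block.rules are hypothetical names):
#   build_ruleset < blocklist.txt > block.rules &&
#   iptables-restore --noflush --test block.rules &&
#   iptables-restore --noflush block.rules
```

With --noflush the new rules are added to what is already loaded; without it, iptables-restore replaces the current contents of every table named in the file, which is why the answer starts from a saved copy of the existing rules.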