
Ipf+ipnat+ipfw建立帶流量控制的透明網關(二)


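# Internal servers that inbound connections to the dial-up address are
# redirected to. "0.0.0.0" means "not published": the rule generator below
# emits an rdr rule only when the value differs from "0.0.0.0".
INTARNDNS="0.0.0.0"    # DNS server
INTARNWEB="0.0.0.0"    # web server
INTARNSSL="0.0.0.0"    # SSL server
INTARNRTSP="0.0.0.0"   # RTSP server
INTARNMYSQL="0.0.0.0"  # MySQL server
INTARNJABBER="0.0.0.0" # Jabber server

# ADSL dial-up network device (tun0)
ADSLDEV="tun0"

# Wait until the dial-up interface has an IPv4 address.
# The address is re-read on every pass: reading it once before the loop would
# spin forever whenever the link is not yet up at the first attempt.
# awk selects only the "inet" line, so an additional inet6 address cannot turn
# ADSLIP into a multi-word value that ends up inside the generated NAT rules.
ADSLIP=""
while :
do
  # ifconfig errors are discarded on purpose: the interface may not exist
  # until the dial-up session has been established.
  ADSLIP=$(ifconfig "$ADSLDEV" 2>/dev/null | awk '$1 == "inet" { print $2; exit }')
  [ -n "$ADSLIP" ] && break
  sleep 5
done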
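# Dynamically generate /etc/ipnat.rules from the current dial-up address.
#
# Security note: every service published here becomes reachable on the
# dial-up (internet-facing) address. SSH (22) and MySQL (3306) in particular
# should stay at "0.0.0.0" unless the packet filter restricts who may connect.
# NOTE(review): the rdr lines name no protocol; if ipnat defaults to TCP, the
# DNS mapping on port 53 would not cover UDP queries -- confirm.

#######################################
# Append the redirect rules for one published service.
# Globals:   ADSLDEV, ADSLIP (read)
# Arguments: $1 - internal server address; unset, empty or "0.0.0.0"
#                 disables the service and nothing is written
#            $2 - comment line written above the rules
#            $3... - ports, each mapped to the same port on the server
# Outputs:   appends to /etc/ipnat.rules; prints one blank line to stdout
#######################################
ipnat_rdr() {
  # An unset or empty address is treated like "0.0.0.0". The unquoted test it
  # replaces only skipped such a service by failing with a syntax error.
  [ "${1:-0.0.0.0}" != "0.0.0.0" ] || return 0
  rdr_target=$1
  rdr_comment=$2
  shift 2
  # NOTE(review): this blank line goes to stdout, not into the rules file;
  # it was probably meant as a separator inside the file -- confirm.
  echo ""
  printf '%s\n' "$rdr_comment" >> /etc/ipnat.rules
  for rdr_port in "$@"
  do
    printf '%s\n' "rdr $ADSLDEV $ADSLIP/32 port $rdr_port -> $rdr_target port $rdr_port" >> /etc/ipnat.rules
  done
}

# Refuse to overwrite the live rules file with a malformed map rule.
# NOTE(review): INTARNNET is presumably the internal network in CIDR form,
# defined earlier in the script -- confirm.
: "${ADSLIP:?ADSLIP is empty, dial-up address unknown}"
: "${INTARNNET:?INTARNNET is not set}"

printf '%s\n' '######################################################' > /etc/ipnat.rules
printf '%s\n' '#/etc/ipnat.rules #' >> /etc/ipnat.rules
printf '%s\n' '######################################################' >> /etc/ipnat.rules
echo ""
# Masquerade all internal network addresses as the ADSL dial-up address.
printf '%s\n' '#把所有的內(nèi)部網(wǎng)絡(luò)IP偽裝成ADSL撥號IP' >> /etc/ipnat.rules
printf '%s\n' "map $ADSLDEV $INTARNNET -> $ADSLIP/32 portmap tcp/udp 10000:65000" >> /etc/ipnat.rules

# One call per service: address, comment written to the file, ports.
ipnat_rdr "${INTARNFTP:-}" \
  '#把對ADSL撥號IP的FTP服務(wù)映射到服務(wù)網(wǎng)絡(luò)的FTP服務(wù)器上' 20 21
ipnat_rdr "${INTARNSSH:-}" \
  '#把對ADSL撥號IP的SSH服務(wù)映射到服務(wù)網(wǎng)絡(luò)的網(wǎng)管工作站上' 22
ipnat_rdr "${INTARNEMAIL:-}" \
  '#把對ADSL撥號IP的EMAIL服務(wù)映射到服務(wù)網(wǎng)絡(luò)的EMAIL服務(wù)器上' 25 110
ipnat_rdr "${INTARNDNS:-}" \
  '#把對ADSL撥號IP的DNS服務(wù)映射到服務(wù)網(wǎng)絡(luò)的DNS服務(wù)器上' 53
ipnat_rdr "${INTARNWEB:-}" \
  '#把對ADSL撥號IP的WEB服務(wù)映射到服務(wù)網(wǎng)絡(luò)的WEB服務(wù)器上' 80
ipnat_rdr "${INTARNSSL:-}" \
  '#把對ADSL撥號IP的SSL服務(wù)映射到服務(wù)網(wǎng)絡(luò)的SSL服務(wù)器上' 443
ipnat_rdr "${INTARNRTSP:-}" \
  '#把對ADSL撥號IP的RTSP服務(wù)映射到服務(wù)網(wǎng)絡(luò)的RTSP服務(wù)器上' 554
ipnat_rdr "${INTARNMYSQL:-}" \
  '#把對ADSL撥號IP的MYSQL服務(wù)映射到服務(wù)網(wǎng)絡(luò)的MYSQL服務(wù)器上' 3306
# Jabber uses client port 5222 and server-to-server port 5269.
ipnat_rdr "${INTARNJABBER:-}" \
  '#把對ADSL撥號IP的JABBER(客戶端口5222和服務(wù)器端口5269)服務(wù)映射到服務(wù)網(wǎng)絡(luò)的JABBER服務(wù)器上' 5222 5269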
# Dynamically generate /etc/ipf.rules.
# The file is truncated and its opening section written in one step: a banner,
# then rules that drop and log inbound packets which are truncated ("short"),
# carry IP options, are fragments, or request loose source routing.
# The quoted delimiter keeps the here-document literal (no expansion).
# NOTE(review): "with frag" drops every fragment, which can also affect
# legitimate fragmented traffic; "opt lsrr" appears to be already covered by
# the earlier "with ipopts" rule -- confirm both are intended.
cat > /etc/ipf.rules <<'IPF_RULES_HEAD'
#######################################################
#/etc/ipf.rules #
#######################################################
#阻塞所有存在安全問題的數(shù)據(jù)包
block in log quick all with short
block in log quick all with ipopts
block in log quick all with frag
block in log quick all with opt lsrr
IPF_RULES_HEAD
