防火墙配置安装
2020-03-09 本文已影响0人
风起依旧
#!/bin/bash
trusted_sources = ( "$@" )
##$@表示所有参数
##$#表示所有参数的个数
echo "trust $trusted_sources"
echo "enable & start firewalld"
systemctl stop firewalld
systemctl enable firewalld
systemctl start firewalld
firewall-cmd --set-default-zone=public
firewall-cmd --permanent --zone=trusted --add-interface=docker0
firewall-cmd --permanent --zone=trusted --add-port=4243/tcp
for trusted_source in "${ports[@]}";
do
firewall-cmd --permanent --zone=trusted --add-source=$trusted_source
done
ports=(22 80 443 10081 10095)
for port in "${ports[@]}";
do
firewall-cmd --permanent --zone=public --add-port=$port/tcp
firewall-cmd --permanent --zone=public --add-port=$port/udp
done
firewall-cmd --reload
echo "restart docker"
iptables -t filter -F
iptables -t filter -X
systemctl restart docker
echo "Done"
生成json文件
echo '{"dragonBallConfig":{"containerWide":{"framework":{"portMap":[{"inside":22,"outside":11019}],"name":"ad0","dirMap":[],"role":"ad"}}}}'>/opt/dragonball/config/device_$portalip/module/ad_ad0.json
