在工作中发现自行写的脚本需要建立服务方便管理
如下: 建立业务脚本 [root@yxh_johan ~]# cat /etc/iptables.sh #! /bin/sh
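# Load a source-address blocklist into the filter table, then stay in the
# foreground so that a Type=simple systemd unit starting this script keeps
# showing "active (running)".
#
# NOTE(review): between `iptables -F` and the last DROP rule the host has no
# filtering at all, and -F without a chain name flushes every chain in the
# filter table, including rules that other tools may have installed there.
# NOTE(review): several entries are whole /8 or /16 networks. Confirm that no
# legitimate client, monitoring system or administrator address falls inside
# them before enabling this at boot, or remote access can be lost.

# Default policies stay ACCEPT: this is a blocklist, so anything not listed
# below is still allowed in.
iptables -P INPUT ACCEPT || exit 1
iptables -P OUTPUT ACCEPT || exit 1
iptables -P FORWARD ACCEPT || exit 1
iptables -F || exit 1

# Blocked sources, in the original order. The two exact duplicates from the
# original listing (64.62.156.0/24 and 101.37.89.0/24) appear once here; a
# repeated rule never matches anything the first copy did not.
# Some narrow entries are already covered by a broader one further down
# (for example 64.62.156.0/24 by 64.0.0.0/8); they are kept as listed.
blocked_sources='
112.28.209.202/32
47.239.137.169/32
47.111.73.204/32
64.62.156.0/24
47.111.73.0/24
112.13.87.0/24
101.37.89.0/24
101.37.0.0/16
47.84.0.0/16
49.0.0.0/8
188.0.0.0/8
8.217.0.0/16
183.56.0.0/16
152.32.0.0/16
121.199.17.0/24
65.49.1.0/24
118.121.197.0/24
103.106.105.0/24
113.46.193.0/24
198.38.88.182/32
45.78.196.218/32
64.62.156.212/32
65.49.0.0/16
64.0.0.0/8
124.225.163.45/32
124.225.0.0/16
49.234.0.0/16
47.239.0.0/16
112.13.87.115/32
47.236.0.0/16
94.0.0.0/8
'

# Keep adding rules after a failure so as much of the blocklist as possible is
# in place, but remember the failure and report it through the exit status.
failed=0
# shellcheck disable=SC2086 # word splitting on the newline-separated list is intended
for src in $blocked_sources; do
  if ! iptables -A INPUT -s "$src" -j DROP; then
    printf 'iptables.sh: failed to add DROP rule for %s\n' "$src" >&2
    failed=1
  fi
done

# A partially loaded blocklist must not look healthy: exit non-zero so the
# unit is marked failed instead of "active (running)".
[ "$failed" -eq 0 ] || exit 1

# Keep the process alive for the service manager. The original used
# `wait 10000`, which asks the shell to wait for PID 10000; that is not a
# child of this shell, so wait returned immediately with an error and the
# loop spun at full speed, flooding the journal. sleep actually blocks.
while true; do
  sleep 10000
done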
建立服务 [root@yxh_johan ~]# cat /etc/systemd/system/iptablesrule.service [Unit]
# After=/Wants=network.target: the blocklist is loaded once the network is
# already up.
# NOTE(review): firewall units are commonly ordered Before=network-pre.target
# (with Wants=network-pre.target) so that filtering is in place before the
# interfaces come up; consider whether that ordering fits this host.
Description = iptables rule server
After = network.target syslog.target
Wants = network.target

[Service]
# Type=simple: systemd treats the ExecStart process itself as the service, so
# the unit is only "active (running)" while /etc/iptables.sh keeps running.
# NOTE(review): the rules stay in the kernel after the script exits, so a
# script that returned after loading them could instead run as Type=oneshot
# with RemainAfterExit=yes, without holding a shell open.
Type = simple
ExecStart = /usr/bin/sh /etc/iptables.sh
# The script is run as root.
User=root
Group=root

[Install]
# Pulled in by multi-user.target once the unit is enabled.
WantedBy = multi-user.target
查看服务status [root@yxh_johan ~]# systemctl status iptablesrule ● iptablesrule.service - iptables rule server Loaded: loaded (/etc/systemd/system/iptablesrule.service; enabled; vendor preset: disabled) Active: active (running) since Thu 2025-08-07 10:02:41 CST; 22min ago Main PID: 3430 (sh) CGroup: /system.slice/iptablesrule.service └─3430 /usr/bin/sh /etc/iptables.sh
Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell Aug 07 10:24:41 yxh_johan sh[3430]: /etc/iptables.sh: line 45: wait: pid 10000 is not a child of this shell [root@yxh_johan ~]# |