iptables 防火墙 过滤脚本配置
[root@yxh_johan ~]# cat /etc/iptables.sh
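#!/bin/sh
# /etc/iptables.sh - load the IPv4 INPUT source filter, then stay resident.
#
# Filtering model: default-allow. INPUT, OUTPUT and FORWARD keep policy
# ACCEPT and only the sources listed below are dropped, so any address that
# is not on the list still reaches every listening port on this host.
#
# Points to keep in mind when reusing this list:
#   * The DROP rules match on source address only, with no connection-state
#     exception. Replies from these ranges to connections this host opens
#     itself (DNS, package mirrors, API calls) are dropped as well.
#   * iptables programs IPv4 only; nothing in this script filters IPv6.
#   * Rules are evaluated top to bottom, so the single ACCEPT has to stay
#     ahead of the 183.0.0.0/8 DROP that would otherwise cover it.
#   * Several narrow entries are already covered by a /8 further down (for
#     example 47.239.137.169/32 by 47.0.0.0/8). They are kept as a record of
#     what was observed and do not change the result.

failed=0

# Run one iptables command. A failure is reported on stderr and remembered,
# but the script keeps going so one bad entry does not leave the rest of the
# list unloaded.
ipt() {
  if ! iptables "$@"; then
    printf '%s\n' "iptables $* failed" >&2
    failed=1
  fi
}

ipt -P INPUT ACCEPT
ipt -P OUTPUT ACCEPT
ipt -P FORWARD ACCEPT
ipt -F   # no -t given, so this flushes the filter table only

# Allowed source. Must precede the 183.0.0.0/8 DROP in the list below.
ipt -A INPUT -s 183.214.227.0/24 -j ACCEPT

# Blocked sources, in the order they were first added. Entries that were
# listed twice (64.62.156.0/24, 101.37.89.0/24, 188.0.0.0/8, 74.0.0.0/8,
# 103.0.0.0/8, 94.0.0.0/8) appear once; a second identical DROP rule can
# never match anything the first one has not already dropped.
for src in \
  74.0.0.0/8 \
  112.28.209.202/32 \
  47.239.137.169/32 \
  47.111.73.204/32 \
  64.62.156.0/24 \
  47.111.73.0/24 \
  112.13.87.0/24 \
  101.37.89.0/24 \
  101.37.0.0/16 \
  47.84.0.0/16 \
  49.0.0.0/8 \
  188.0.0.0/8 \
  8.217.0.0/16 \
  183.56.0.0/16 \
  152.32.0.0/16 \
  121.199.17.0/24 \
  65.49.1.0/24 \
  118.121.197.0/24 \
  103.106.105.0/24 \
  113.46.193.0/24 \
  198.38.88.182/32 \
  45.78.196.218/32 \
  64.62.156.212/32 \
  65.49.0.0/16 \
  64.0.0.0/8 \
  124.225.163.45/32 \
  124.225.0.0/16 \
  49.234.0.0/16 \
  47.239.0.0/16 \
  112.13.87.115/32 \
  47.236.0.0/16 \
  94.0.0.0/8 \
  61.0.0.0/8 \
  113.0.0.0/8 \
  47.0.0.0/8 \
  112.0.0.0/8 \
  68.0.0.0/8 \
  190.119.63.81/32 \
  8.0.0.0/8 \
  151.0.0.0/8 \
  34.0.0.0/8 \
  103.0.0.0/8 \
  190.0.0.0/8 \
  33.0.0.0/8 \
  42.0.0.0/8 \
  18.0.0.0/8 \
  182.0.0.0/8 \
  39.0.0.0/8 \
  163.0.0.0/8 \
  183.0.0.0/8 \
  164.0.0.0/8 \
  184.0.0.0/8 \
  93.0.0.0/8 \
  92.0.0.0/8 \
  91.0.0.0/8 \
  184.105.139.106/32 \
  106.0.0.0/8 \
  143.0.0.0/8
do
  ipt -A INPUT -s "$src" -j DROP
done

if [ "$failed" -ne 0 ]; then
  printf '%s\n' "iptables.sh: some rules failed to load, filter is incomplete" >&2
fi

# Keep-alive. The systemd unit shown with this script is Type=simple, so the
# script has to stay in the foreground for the service to remain active.
# `wait` on a PID that is not a child of this shell (PID 1 is not) returns
# immediately, which turns the loop into a busy spin; sleeping is what
# actually blocks. The sleep runs in the background so the TERM sent on stop
# interrupts `wait` at once, and the trap takes the sleep down with the
# shell instead of leaving it behind in the service's cgroup.
# A oneshot unit with RemainAfterExit=yes would let this script exit after
# loading the rules and make the loop unnecessary.
child=
trap '[ -n "$child" ] && kill "$child" 2>/dev/null; exit 0' TERM INT
while true; do
  sleep 1000d &
  child=$!
  wait "$child"
done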
iptables防火墙stop脚本
[root@yxh_johan ~]# cat /etc/iptablestop.sh
#! /sbin/bash
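# Open the filter table again: set the INPUT and OUTPUT policies to ACCEPT,
# flush every rule and zero the packet/byte counters. The FORWARD policy is
# not touched here. Once this has run the host accepts traffic from every
# source, so stopping the service removes the whole block list.
#
# The unit runs this file through /usr/bin/sh, so it sticks to POSIX sh.
ipt=/usr/sbin/iptables
rc=0

# Run all four steps even if one fails, and remember the failure, so the
# success message is printed only when the table really was cleared.
"$ipt" -P INPUT ACCEPT || rc=1
"$ipt" -P OUTPUT ACCEPT || rc=1
"$ipt" -F || rc=1
"$ipt" -Z || rc=1

if [ "$rc" -eq 0 ]; then
  echo " clear iptables rule ok !"
else
  echo " clear iptables rule failed !" >&2
fi
exit "$rc"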
iptables防火墙建立系统服务器
[root@yxh_johan ~]# cat /etc/systemd/system/iptablesrule.service
[Unit]
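# Loads the INPUT source filter with /etc/iptables.sh on start and clears it
# with /etc/iptablestop.sh on stop; both scripts run as root.
Description = iptables rule server
After = network.target syslog.target
Wants = network.target

[Service]
# Type=simple counts the service as active only while ExecStart is running,
# which is why /etc/iptables.sh blocks after loading the rules.
# NOTE(review): Type=oneshot with RemainAfterExit=yes is the usual fit for a
# script that loads rules and exits, but it can only be adopted together with
# removing the keep-alive loop from the script.
Type = simple
#KillSignal=SIGQUIT
TimeoutStopSec=5
# control-group (the systemd default) stops every process still in the
# service's cgroup. With KillMode=process only the main shell is signalled;
# the status output on this page shows the result, a growing set of leftover
# `sleep 1000d` children from earlier starts.
KillMode=control-group
PrivateTmp=true
StandardOutput=syslog
StandardError=inherit
ExecStart = /usr/bin/sh /etc/iptables.sh
# Stopping the service flushes the filter table, so the host is unfiltered
# for as long as the service is stopped.
ExecStop = /usr/bin/sh /etc/iptablestop.sh
User=root
Group=root

[Install]
WantedBy = multi-user.target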
systemctl status iptablesrule.service
[root@yxh_johan ~]# systemctl status iptablesrule
● iptablesrule.service - iptables rule server
   Loaded: loaded (/etc/systemd/system/iptablesrule.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2025-08-18 09:30:39 CST; 1h 54min ago
  Process: 15706 ExecStop=/usr/bin/sh /etc/iptablestop.sh (code=exited, status=0/SUCCESS)
 Main PID: 15724 (sh)
   CGroup: /system.slice/iptablesrule.service
           ├─ 1114 sleep 1000d
           ├─ 7805 sleep 1000d
           ├─ 8087 sleep 1000d
           ├─ 8794 sleep 1000d
           ├─ 8871 sleep 1000d
           ├─14872 sleep 1000d
           ├─14951 sleep 1000d
           ├─15161 sleep 1000d
           ├─15240 sleep 1000d
           ├─15346 sleep 1000d
           ├─15448 sleep 1000d
           ├─15569 sleep 1000d
           ├─15724 /usr/bin/sh /etc/iptables.sh
           └─15794 sleep 1000d
Aug 18 09:30:39 yxh_johan systemd[1]: Started iptables rule server.
systemctl stop iptablesrule
systemctl status iptablesrule
systemctl restart iptablesrule