From 54ba832c0c65b6ddf2696386d0de9975a43ea8be Mon Sep 17 00:00:00 2001 From: Randall Date: Fri, 5 Jul 2024 11:26:03 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=20vpn/open=5Fvpn=5Fport/open?= =?UTF-8?q?=5Fvpn=5Fport.sh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- vpn/open_vpn_port/open_vpn_port.sh | 63 ++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 vpn/open_vpn_port/open_vpn_port.sh diff --git a/vpn/open_vpn_port/open_vpn_port.sh b/vpn/open_vpn_port/open_vpn_port.sh new file mode 100644 index 0000000..7b56dff --- /dev/null +++ b/vpn/open_vpn_port/open_vpn_port.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +# 更新包管理器并安装 iptables-persistent 以便在重启后保存规则 +install_iptables() { + echo "正在安装iptables..." + apt-get update + apt-get install -y iptables ip6tables iptables-persistent +} + +# 配置 ufw +configure_ufw() { + echo "配置ufw规则" + + # 允许所有IP访问2087, 2088, 2089端口,使用TCP和UDP协议 + for port in 2087 2088 2089; do + ufw allow $port/tcp + ufw allow $port/udp + done + + # 启用ufw + ufw reload + + # 显示当前的ufw状态 + ufw status verbose +} + +# 配置 iptables +configure_iptables() { + echo "配置iptables规则" + + # 允许所有IP访问2087, 2088, 2089端口,使用TCP和UDP协议 + for port in 2087 2088 2089; do + iptables -A INPUT -p tcp --dport $port -j ACCEPT + iptables -A INPUT -p udp --dport $port -j ACCEPT + ip6tables -A INPUT -p tcp --dport $port -j ACCEPT + ip6tables -A INPUT -p udp --dport $port -j ACCEPT + done + + # 保存iptables规则 + iptables-save > /etc/iptables/rules.v4 + ip6tables-save > /etc/iptables/rules.v6 + + # 使规则在重启后生效 + netfilter-persistent save + netfilter-persistent reload +} + +# 检查是否安装了ufw或iptables +if command -v ufw &> /dev/null +then + configure_ufw + +elif command -v iptables &> /dev/null +then + configure_iptables + +else + echo "没有安装ufw或iptables,正在安装iptables..." + install_iptables + configure_iptables +fi + +echo "防火墙规则配置完成"