iptables规则中配置ipset

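# Create the set; hash:ip stores individual addresses.
# -exist keeps a re-run from failing when an identical set is already present.
ipset create white-list hash:ip -exist
ips="10.0.0.1,10.0.0.2,10.0.0.3"
# Split the list on commas. read -a with a command-local IFS avoids the
# unquoted expansion, which would also glob-expand entries such as "*".
IFS=',' read -r -a ipArr <<< "${ips}"
for item in "${ipArr[@]}"
do
  # Add one address; quoted so the value always reaches ipset as one argument.
  ipset add white-list "${item}" -exist
done
# Show the set and its members
ipset list white-list
# Remove a single address
ipset del white-list 10.0.0.1
# Show the set again to confirm the removal
ipset list white-list
# Insert the rule: accept TCP to 1.1.1.1:1000 when the source is in the set.
# NOTE(review): this ACCEPT only acts as an allow-list if other traffic to the
# port is dropped by a later rule or by the chain policy; no such rule is shown
# here, so confirm the INPUT chain is default-deny for this port.
# NOTE(review): ipset and iptables state lives in the kernel and is lost on
# reboot. Persist both (ipset save / iptables-save) and restore the set before
# the rules, because a rule that names a missing set fails to load.
iptables -t filter -I INPUT -m set --match-set white-list src -d 1.1.1.1 -p tcp --dport 1000 -j ACCEPT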

 

 

posted on 2025-06-15 21:43  王景迁
