Categories
- FFMpeg (5)
- Libav (1)
- Google (3)
- iBeacon (1)
- LDAP (3)
- Me (2)
- Network (11)
- OS (149)
- RTMP (4)
- SIP (1)
- Kamailio (1)
- SNMP (1)
- VMware (20)
- VCP考試 (1)
- 伺服器 網站服務 (105)
- 名詞解釋 (4)
- 專案管理 (1)
- 工具軟體 (50)
- Adobe (1)
- FMS (1)
- Cloudera (1)
- Docker (1)
- Eclipse (4)
- Intellij (2)
- OBS (2)
- Office (10)
- Excel (4)
- PowerPoint (5)
- Postman (1)
- Splunk (13)
- Virtualbox (2)
- Visual Studio (2)
- 文字編輯器 (10)
- Sublime Text 2 (6)
- Sublime Text 3 (3)
- Vim (3)
- 連線工具 (1)
- Xshell (1)
- Adobe (1)
- 程式語言 (79)
- CSS (2)
- HTML (2)
- iOS (1)
- Java (30)
- JavaScript (5)
- jQuery (4)
- jsTree (2)
- JSP (3)
- PHP (16)
- Python (7)
- Ruby (1)
- sed (1)
- Shell Script (8)
- Windows Bash Script (1)
- XML (1)
- 資料庫 (37)
- FFMpeg (5)
Category Archives: Network
Bridge Firewall 筆記 – br-boot.sh
br-boot.sh (開機時建立bridge firewall)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
#!/bin/bash # 宣告使用指令之路徑 IPTABLES="/sbin/iptables" BRCTL="/usr/sbin/brctl" IFCONFIG="/sbin/ifconfig" ROUTE="/sbin/route" <!--more--> # 宣告欲設定之ip資訊 BRIP="163.28.192.135" FW_IP="163.28.192.135" BRMASK="255.255.255.0" GATEWAY="163.28.192.254" BRBROADCAST="163.28.192.255" # 宣告欲使用之介面名稱 FW_IFACE="br0" $BRCTL addbr br0 #新增一bridge網路介面br0 $BRCTL addif br0 eth0 #將eth0加入br0內 $BRCTL addif br0 eth1 #將eth1加入br0內 $BRCTL addif br0 eth3 #將eth3加入br0內 # 先關閉這三組網路介面,準備設定ip $IFCONFIG br0 down $IFCONFIG eth0 down $IFCONFIG eth1 down $IFCONFIG eth3 down $IFCONFIG eth0 0.0.0.0 #eth0本身不帶ip $IFCONFIG eth1 192.168.1.11 #eth1帶192.168.1.11,與設定的vmware系統可以互通 $IFCONFIG eth2 192.168.163.1 #eth2帶192.168.163.1,用來與備援firewall互通偵測 $IFCONFIG eth3 0.0.0.0 #eth3本身不帶ip # 設定bridge介面ip $IFCONFIG br0 $BRIP netmask $BRMASK broadcast $BRBROADCAST # 設定 gateway 值,使 fw 本身可以上網 $ROUTE add default gw $GATEWAY # 啟動封包轉送,重要 echo "1" > /proc/sys/net/ipv4/ip_forward # 因為建立bridge需要時間,等10秒後啟動detect.sh sleep 10s /bin/sh /br-fw/detect.sh &bg |
Posted in Linux, Network
Leave a comment