iptables 批量添加CloudFlare IP地址到白名单中

4.29K 浏览技术资料
0
Avatar for Qi
0条评论

CloudFlare的CDN服务器IP地址太多了,手动添加到防火墙白名单很费时,使用以下命令就可以批量添加了:

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -s $i -j ACCEPT; done
 for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

也可以指定端口:

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -s $i --dport 2408 -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -s $i --dport 2408 -j ACCEPT; done

分享到:
Qi 问的问题 2020年9月23日
添加评论
Avatar for Qi
写下您的答案。

Login

Welcome! Login in to your account

Remember me Lost your password?

Don't have account. Register

Lost Password

Register