iptables 批量添加CloudFlare IP地址到白名单中

123 阅读技术资料cloudflare Cloudflare IP
0

CloudFlare的CDN服务器IP地址太多了,手动添加到防火墙白名单很费时,使用以下命令就可以批量添加了:

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -s $i -j ACCEPT; done
 for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

也可以指定端口:

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -s $i --dport 2408 -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -s $i --dport 2408 -j ACCEPT; done

分享到:
提问于

Login

Welcome! Login in to your account

Remember meLost your password?

Don't have account. Register

Lost Password

Register