有没有办法在不知道我的 iptables 中有什么的情况下删除 iptables 中的多行?
例如,我想从端口 80 删除所有端口转发,这是 iptables:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080
REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 8443
有没有办法在一个命令中删除这两行?
最佳答案
这是一个工作脚本:
iptables -t nat --list-rules PREROUTING | while IFS='' read -r line || [[ -n "$line" ]]; do
RULE443=$(echo $line | grep "REDIRECT --to-ports 8443")
RULE80=$(echo $line | grep "REDIRECT --to-ports 8080")
if [ "$RULE80" != '' ]
then
PORT80=$(echo $RULE80 | grep -o '\-\-dport.*' | cut -d' ' -f2)
iptables -t nat -D PREROUTING -p tcp --dport $PORT80 -j REDIRECT --to-port 8080
elif [ "$RULE443" != '' ]
then
PORT443=$(echo $RULE443 | grep -o '\-\-dport.*' | cut -d' ' -f2)
iptables -t nat -D PREROUTING -p tcp --dport $PORT443 -j REDIRECT --to-port 8443
fi
done
关于linux - 如何删除多行IPTABLES,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52875291/