Shell-implemented iptables management script sharing

Time:2022-8-4

The previous version of the script used `service iptables save`; this version appends each command to a file instead, so that the rules can easily be reviewed and modified later.
The script is basically as shown below; you can adapt it to your own situation, for example by adding functions.

The code is shown below:
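#!/bin/bash
# Interactive iptables management menu.
#
# Every rule added or deleted through the menus is executed immediately and,
# on success, appended as a shell-quoted iptables command line to the replay
# file (./fw.sh by default). That file replaces the "service iptables save"
# workflow: it can be reviewed, edited and re-run later.
#
# Usage:    ./iptables-menu.sh        (iptables/service require root)
# Globals:  FW_LOG - path of the replay file, defaults to ./fw.sh
#
# Fixes relative to the earlier version: ASCII quotes and "--dport" (the old
# text used typographic quotes and an en-dash, which bash/iptables reject),
# "rad ip"/"${IP}" typo in the port-only add, non-numeric menu input no
# longer crashes the "[" test, EOF on stdin exits instead of looping, and
# the "Custom" entries no longer execute user input through backticks.
set -uo pipefail

readonly FW_LOG=${FW_LOG:-fw.sh}

#######################################
# Print a diagnostic line to stderr.
# Arguments: message words
#######################################
warn() {
  printf '%s\n' "$*" >&2
}

#######################################
# Clear the screen and print one menu line per argument.
# Arguments: menu lines
#######################################
print_menu() {
  clear
  printf '%s\n' "$@"
}

#######################################
# Show a prompt and read one line into the named variable(s).
# Exits the script on EOF so a closed stdin cannot turn the
# menu loop into a busy loop (the old script spun forever).
# Arguments: $1 - prompt text; $2.. - variable names to fill
#######################################
ask() {
  local prompt=$1
  printf '%s' "$prompt"
  read -r "${@:2}" || exit 0
}

#######################################
# Ask whether to keep going in the current menu.
# Returns: 1 when the answer is n/N, 0 for anything else
#######################################
continue_prompt() {
  local answer
  ask "Do you want to continue [y/n]: " answer
  [[ $answer != [nN] ]]
}

#######################################
# Run an iptables command and, if it succeeds, record it in $FW_LOG.
# Arguments: iptables arguments (without the leading "iptables")
# Outputs:   appends one shell-quoted command line to $FW_LOG
# Returns:   the iptables exit status
#######################################
apply_rule() {
  local -a cmd=(iptables "$@")
  local line
  if ! "${cmd[@]}"; then
    warn "command failed: ${cmd[*]}"
    return 1
  fi
  # %q quotes each argument, so the replay file stays a valid script even
  # when an argument contains spaces or shell metacharacters.
  printf -v line '%q ' "${cmd[@]}"
  printf '%s\n' "${line% }" >>"$FW_LOG"
}

#######################################
# Run a user-typed command line for the "Custom" menu entries.
# The line is split into words only (no shell evaluation) and the first
# word must be "iptables". The old `${var}` form ran the line through
# the shell and then tried to execute its output as a second command;
# neither happens here.
# Arguments: $1 - verb for the prompt (add/delete/view)
#            $2 - 1 to record the command in $FW_LOG, 0 to just run it
# Returns:   1 if the line is rejected, else the command's exit status
#######################################
run_custom() {
  local what=$1 record=$2
  local -a words=()
  printf 'enter the full iptables command to %s: ' "$what"
  read -r -a words || exit 0
  if [[ ${#words[@]} -eq 0 || ${words[0]} != iptables ]]; then
    warn "only an 'iptables ...' command line is accepted here"
    return 1
  fi
  if (( record )); then
    apply_rule "${words[@]:1}"
  else
    "${words[@]}" || warn "command failed: ${words[*]}"
  fi
}

#######################################
# Sub-menu shared by "add" (-A) and "delete" (-D).
# Arguments: $1 - verb shown in the menu (add/delete)
#            $2 - iptables chain operation (-A or -D)
#######################################
rule_menu() {
  local verb=$1 flag=$2
  local choice ip port
  while true; do
    print_menu "---------------------${verb} ACL---------------------" \
      "(1) ${verb} rule for a source IP (tcp port 22)" \
      "(2) ${verb} rule for a server port" \
      "(3) ${verb} rule for IP and port (enter both, e.g. 0/0 80)" \
      "(4) Custom ${verb}" \
      "(5) go back to the previous level" \
      "-------------------------------------------------"
    ask "enter your choice [1-5]: " choice
    case "$choice" in
      1)
        ask "source IP: " ip
        apply_rule "$flag" INPUT -s "$ip" -p tcp --dport 22 -j ACCEPT
        ;;
      2)
        ask "port: " port
        apply_rule "$flag" INPUT -p tcp --dport "$port" -j ACCEPT
        ;;
      3)
        ask "source IP and port: " ip port
        apply_rule "$flag" INPUT -p tcp -s "$ip" --dport "$port" -j ACCEPT
        ;;
      4)
        run_custom "$verb" 1
        ;;
      *)
        return
        ;;
    esac
    continue_prompt || return
  done
}

#######################################
# Read-only sub-menu for listing rules; nothing is written to $FW_LOG.
#######################################
list_menu() {
  local choice
  while true; do
    print_menu "---------------------list ACL---------------------" \
      "(1) View the current set of rules in use" \
      "(2) View traffic counters for each rule and chain" \
      "(3) View NAT table" \
      "(4) Custom view" \
      "(5) go back to the previous level" \
      "-------------------------------------------------"
    ask "enter your choice [1-5]: " choice
    case "$choice" in
      1) iptables -L ;;
      2) iptables -L -n -v ;;
      3) iptables -L -t nat ;;
      4) run_custom view 0 ;;
      *) return ;;
    esac
    continue_prompt || return
  done
}

#######################################
# Top-level menu loop.
# Globals: FW_LOG (read, shown in the menu), EUID (read)
#######################################
main() {
  local num
  # iptables and "service" need root; warn early instead of failing per command.
  (( EUID == 0 )) || warn "warning: not running as root, iptables commands will likely fail"
  while true; do
    print_menu "----------------------menu----------------------" \
      "(1) service iptables restart" \
      "(2) iptables add" \
      "(3) iptables delete" \
      "(4) iptables stop" \
      "(5) iptables save (this mode is not recommended)" \
      "(6) iptables status" \
      "(7) iptables ACL list" \
      "(0) exit" \
      "Executed rules are appended to ${FW_LOG}" \
      "-------------------------------------------------"
    ask "enter your choice [0-7]: " num
    case "$num" in
      0) exit 0 ;;
      1) service iptables restart ;;
      2) rule_menu add -A ;;
      3) rule_menu delete -D ;;
      4) service iptables stop ;;
      5) service iptables save ;;
      6) service iptables status ;;
      7) list_menu ;;
      *) warn "this is not between 0-7" ;;
    esac
    continue_prompt || exit 0
  done
}

main "$@"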