cattleData/backend/open_firewall.sh



#!/bin/bash
# Opens one TCP port in the host firewall.

# TCP port that the later firewalld / iptables sections open.
PORT=12240

printf '%s\n' "=== 开放端口 $PORT 的防火墙配置 ===" ""

# Stop early unless the effective user id is 0 (root); the message tells the
# operator to re-run the script through sudo.
if (( EUID != 0 )); then
  printf '%s\n' "⚠ 需要 root 权限执行此脚本" "请使用: sudo $0"
  exit 1
fi
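# Method 1: firewalld (CentOS 7+/RHEL 7+).
#
# Makes sure firewalld is running, adds $PORT/tcp to the permanent
# configuration, reloads, then reports whether the port is open.
#
# NOTE(review): --add-port without a zone or source restriction opens the port
# in the default zone for every source address. If the service behind $PORT
# should only be reachable from known hosts, a source-bound zone or a rich rule
# is the narrower choice.
if command -v firewall-cmd &> /dev/null; then
  echo "检测到 firewalld使用 firewalld 配置..."

  firewalld_ready=1
  if systemctl is-active --quiet firewalld; then
    echo "✓ Firewalld 正在运行"
  else
    # Starting firewalld on a host where it was off puts its zone policy in
    # front of all traffic, not only this port, so a failed start is reported
    # and the remaining firewalld steps are skipped instead of run blindly.
    echo "⚠ Firewalld 未运行,尝试启动..."
    if systemctl start firewalld; then
      systemctl enable firewalld
    else
      echo "✗ Firewalld 启动失败" >&2
      firewalld_ready=0
    fi
  fi

  if [ "$firewalld_ready" -eq 1 ]; then
    echo "正在添加端口 $PORT/tcp..."
    if firewall-cmd --add-port="${PORT}/tcp" --permanent; then
      # --permanent only edits the stored configuration; the reload applies it
      # to the running firewall.
      echo "重新加载防火墙配置..."
      firewall-cmd --reload
    else
      echo "✗ 添加端口 $PORT/tcp 失败" >&2
    fi

    # --query-port answers through its exit status (0 = open), so the result
    # is tested directly rather than by matching the printed "yes".
    if firewall-cmd --query-port="${PORT}/tcp" > /dev/null; then
      echo "✓ 端口 $PORT 已成功开放"
    else
      echo "✗ 端口开放失败"
    fi

    # List the open ports so the operator can see what else is exposed.
    echo ""
    echo "当前开放的端口:"
    firewall-cmd --list-ports
  fi
fi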
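# Method 2: iptables (CentOS 6 / other systems); runs only when firewall-cmd
# is not installed.
#
# NOTE(review): the rule accepts TCP $PORT from any source address. Add a
# source match (-s) to the rule if the service should only be reachable from
# known hosts.
if command -v iptables &> /dev/null && ! command -v firewall-cmd &> /dev/null; then
  echo ""
  echo "检测到 iptables使用 iptables 配置..."

  # -C tests for an identical rule, so re-running the script does not stack
  # duplicates.
  if iptables -C INPUT -p tcp --dport "$PORT" -j ACCEPT 2>/dev/null; then
    echo "✓ 端口 $PORT 的规则已存在"
  else
    echo "正在添加 iptables 规则..."
    # Insert at the head of INPUT instead of appending: a rule appended after
    # an existing catch-all REJECT/DROP rule is never reached, yet the script
    # would still report the port as open. The inserted rule also precedes any
    # existing deny rules for this port, so source restrictions have to be
    # part of the rule itself.
    if iptables -I INPUT -p tcp --dport "$PORT" -j ACCEPT; then
      # Persist the rule set so it survives a reboot; each save is checked so
      # a failed write is not reported as success.
      if [ -f /etc/sysconfig/iptables ]; then
        if iptables-save > /etc/sysconfig/iptables; then
          echo "✓ 规则已保存到 /etc/sysconfig/iptables"
        else
          echo "✗ 规则保存失败" >&2
        fi
      elif command -v netfilter-persistent &> /dev/null; then
        if netfilter-persistent save; then
          echo "✓ 规则已保存"
        else
          echo "✗ 规则保存失败" >&2
        fi
      else
        echo "⚠ 请手动保存 iptables 规则"
      fi
      echo "✓ 端口 $PORT 已开放"
    else
      echo "✗ iptables 规则添加失败" >&2
    fi
  fi
fi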
# Closing checklist for the operator: cloud security group, an external
# request against the API, and a look at the listening sockets.
# NOTE(review): the curl hint uses plain HTTP against a fixed address; confirm
# the endpoint is meant to be reachable without TLS.
printf '%s\n' \
  "" \
  "=== 配置完成 ===" \
  "" \
  "请检查:" \
  "1. 云服务器安全组是否开放 $PORT 端口" \
  "2. 测试外部访问: curl http://119.45.30.82:$PORT/api/cattle-data" \
  "3. 查看监听状态: netstat -tlnp | grep $PORT"