|
|
|
|
@ -725,7 +725,8 @@ install_v2ray() { |
|
|
|
|
if [[ $cmd == "apt-get" ]]; then |
|
|
|
|
$cmd install -y lrzsz git zip unzip curl wget qrencode libcap2-bin |
|
|
|
|
else |
|
|
|
|
$cmd install -y lrzsz git zip unzip curl wget qrencode libcap iptables-services |
|
|
|
|
# $cmd install -y lrzsz git zip unzip curl wget qrencode libcap iptables-services |
|
|
|
|
$cmd install -y lrzsz git zip unzip curl wget qrencode libcap |
|
|
|
|
fi |
|
|
|
|
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime |
|
|
|
|
[ -d /etc/v2ray ] && rm -rf /etc/v2ray |
|
|
|
|
@ -768,6 +769,7 @@ install_v2ray() { |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
open_port() { |
|
|
|
|
if [[ $cmd == "apt-get" ]]; then |
|
|
|
|
if [[ $1 != "multiport" ]]; then |
|
|
|
|
|
|
|
|
|
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT |
|
|
|
|
@ -793,15 +795,15 @@ open_port() { |
|
|
|
|
# firewall-cmd --reload |
|
|
|
|
|
|
|
|
|
fi |
|
|
|
|
if [[ $cmd == "apt-get" ]]; then |
|
|
|
|
iptables-save >/etc/iptables.rules.v4 |
|
|
|
|
ip6tables-save >/etc/iptables.rules.v6 |
|
|
|
|
else |
|
|
|
|
service iptables save >/dev/null 2>&1 |
|
|
|
|
service ip6tables save >/dev/null 2>&1 |
|
|
|
|
# else |
|
|
|
|
# service iptables save >/dev/null 2>&1 |
|
|
|
|
# service ip6tables save >/dev/null 2>&1 |
|
|
|
|
fi |
|
|
|
|
} |
|
|
|
|
del_port() { |
|
|
|
|
if [[ $cmd == "apt-get" ]]; then |
|
|
|
|
if [[ $1 != "multiport" ]]; then |
|
|
|
|
# if [[ $cmd == "apt-get" ]]; then |
|
|
|
|
iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT |
|
|
|
|
@ -825,13 +827,11 @@ del_port() { |
|
|
|
|
# firewall-cmd --permanent --zone=public --remove-port=$ports/udp |
|
|
|
|
# fi |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
if [[ $cmd == "apt-get" ]]; then |
|
|
|
|
iptables-save >/etc/iptables.rules.v4 |
|
|
|
|
ip6tables-save >/etc/iptables.rules.v6 |
|
|
|
|
else |
|
|
|
|
service iptables save >/dev/null 2>&1 |
|
|
|
|
service ip6tables save >/dev/null 2>&1 |
|
|
|
|
# else |
|
|
|
|
# service iptables save >/dev/null 2>&1 |
|
|
|
|
# service ip6tables save >/dev/null 2>&1 |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
@ -857,14 +857,14 @@ config() { |
|
|
|
|
/sbin/ip6tables-restore < /etc/iptables.rules.v6 |
|
|
|
|
EOF |
|
|
|
|
chmod +x /etc/network/if-pre-up.d/iptables |
|
|
|
|
else |
|
|
|
|
[ $(pgrep "firewall") ] && systemctl stop firewalld |
|
|
|
|
systemctl mask firewalld |
|
|
|
|
systemctl disable firewalld |
|
|
|
|
systemctl enable iptables |
|
|
|
|
systemctl enable ip6tables |
|
|
|
|
systemctl start iptables |
|
|
|
|
systemctl start ip6tables |
|
|
|
|
# else |
|
|
|
|
# [ $(pgrep "firewall") ] && systemctl stop firewalld |
|
|
|
|
# systemctl mask firewalld |
|
|
|
|
# systemctl disable firewalld |
|
|
|
|
# systemctl enable iptables |
|
|
|
|
# systemctl enable ip6tables |
|
|
|
|
# systemctl start iptables |
|
|
|
|
# systemctl start ip6tables |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
[[ $shadowsocks ]] && open_port $ssport |
|
|
|
|
|
233boy
6 years ago