80 lines
2.2 KiB
Bash
Executable File
80 lines
2.2 KiB
Bash
Executable File
#!/bin/bash
|
|
# 使用 iptables 开放 Gerrit SSH 端口 29419 的脚本
|
|
|
|
echo "=========================================="
|
|
echo "使用 iptables 开放 Gerrit SSH 端口 29419"
|
|
echo "=========================================="
|
|
|
|
# 检查是否有 root 权限
|
|
if [ "$EUID" -ne 0 ]; then
|
|
echo "❌ 此脚本需要 root 权限,请使用 sudo 运行"
|
|
echo ""
|
|
echo "使用方法:"
|
|
echo " sudo bash 开放端口29419-iptables.sh"
|
|
exit 1
|
|
fi
|
|
|
|
echo ""
|
|
echo "步骤 1: 检查当前 iptables 规则..."
|
|
iptables -L -n | grep 29419 || echo "未找到 29419 端口规则"
|
|
|
|
echo ""
|
|
echo "步骤 2: 添加 iptables 规则允许端口 29419..."
|
|
iptables -I INPUT -p tcp --dport 29419 -j ACCEPT
|
|
|
|
if [ $? -eq 0 ]; then
|
|
echo "✅ iptables 规则已添加"
|
|
else
|
|
echo "❌ 添加规则失败"
|
|
exit 1
|
|
fi
|
|
|
|
echo ""
|
|
echo "步骤 3: 保存 iptables 规则..."
|
|
# 尝试不同的保存方式
|
|
if command -v iptables-save &> /dev/null; then
|
|
# CentOS 7
|
|
if [ -f /etc/sysconfig/iptables ]; then
|
|
iptables-save > /etc/sysconfig/iptables
|
|
echo "✅ 规则已保存到 /etc/sysconfig/iptables"
|
|
else
|
|
# 其他系统
|
|
iptables-save > /etc/iptables/rules.v4 2>/dev/null || \
|
|
iptables-save > /etc/iptables.rules 2>/dev/null || \
|
|
echo "⚠️ 请手动保存 iptables 规则"
|
|
fi
|
|
else
|
|
echo "⚠️ 未找到 iptables-save 命令,请手动保存规则"
|
|
fi
|
|
|
|
echo ""
|
|
echo "步骤 4: 验证规则..."
|
|
if iptables -L -n | grep -q "29419"; then
|
|
echo "✅ 端口 29419 规则已添加"
|
|
iptables -L -n | grep 29419
|
|
else
|
|
echo "⚠️ 警告:规则可能未正确添加"
|
|
fi
|
|
|
|
echo ""
|
|
echo "步骤 5: 检查端口监听状态..."
|
|
if netstat -tlnp 2>/dev/null | grep -q ":29419"; then
|
|
echo "✅ Gerrit 服务正在监听端口 29419"
|
|
netstat -tlnp | grep 29419
|
|
else
|
|
echo "⚠️ 警告:未检测到端口 29419 的监听,请检查 Gerrit 服务状态"
|
|
fi
|
|
|
|
echo ""
|
|
echo "=========================================="
|
|
echo "完成!"
|
|
echo "=========================================="
|
|
echo ""
|
|
echo "如果使用云服务器,还需要在云控制台的安全组中开放端口 29419"
|
|
echo ""
|
|
echo "测试连接:"
|
|
echo " ssh -p 29419 renjianbo@101.43.95.130 gerrit version"
|
|
echo ""
|
|
|
|
|