4、提取出需要关闭的端口(除了端口22之外,其余端口全部关闭)。通过sshpass远程登录到各主机,并且在iptables执行关闭端口命令。
1 # 提取出需要关闭的端口(除了端口22之外,其余端口如果打开则全部关闭)
2 awk '{if($4~/open/ && $2!=22) print $0}' /wuhao/sh/files/nmap2.txt > /wuhao/sh/files/nmap3.txt
3
4 hostip=($(awk -F " " '{print $1}' /wuhao/sh/files/nmap3.txt))
5 port=($(awk -F " " '{print $2}' /wuhao/sh/files/nmap3.txt))
6 protocol=($(awk -F " " '{print $3}' /wuhao/sh/files/nmap3.txt))
7
8 # 通过sshpass远程登录到各主机,并且在iptables执行关闭端口命令
9 for((m=0;m<${#hostip[*]};m=m+1))
10 do
11   sshpass -p 123456 ssh root@${hostip[$m]} "iptables -A INPUT -p ${protocol[$m]} --dport ${port[$m]} -j DROP;service iptables save;service iptables restart;exit"
12 done
13
14 echo "success!"
  5、运行脚本,查看结果。
[root@oos01 sh]# sh shutdownport.sh 192.168.20.1-10
iptables: Saving firewall rules to /etc/sysconfig/iptables: [  OK  ]
iptables: Setting chains to policy ACCEPT: filter [  OK  ]
iptables: Flushing firewall rules: [  OK  ]
iptables: Unloading modules: [  OK  ]
iptables: Applying firewall rules: [  OK  ]
iptables: Saving firewall rules to /etc/sysconfig/iptables: [  OK  ]
iptables: Setting chains to policy ACCEPT: filter [  OK  ]
iptables: Flushing firewall rules: [  OK  ]
iptables: Unloading modules: [  OK  ]
iptables: Applying firewall rules: [  OK  ]
iptables: Saving firewall rules to /etc/sysconfig/iptables: [  OK  ]
iptables: Setting chains to policy ACCEPT: filter [  OK  ]
iptables: Flushing firewall rules: [  OK  ]
iptables: Unloading modules: [  OK  ]
iptables: Applying firewall rules: [  OK  ]
iptables: Saving firewall rules to /etc/sysconfig/iptables: [  OK  ]
iptables: Setting chains to policy ACCEPT: filter [  OK  ]
iptables: Flushing firewall rules: [  OK  ]
iptables: Unloading modules: [  OK  ]
iptables: Applying firewall rules: [  OK  ]
iptables: Saving firewall rules to /etc/sysconfig/iptables: [  OK  ]
iptables: Setting chains to policy ACCEPT: filter [  OK  ]
iptables: Flushing firewall rules: [  OK  ]
iptables: Unloading modules: [  OK  ]
iptables: Applying firewall rules: [  OK  ]
success!