摘要:
#!-ne0];then/bin/systemctlstartiptables.service˃/dev/nullfielseserviceiptablesstatus˃/dev/nullif[$?-ne0];thenserviceiptablesstart˃/dev/nullfifi}vm_num(){while:doread-p"PleaseinputVMnumber:[exp˃10or60]"numif[`echo"$num"|grep-c'[^0-9]'`-ne0];thenecho"InputVMNumbererror!!!"continueelseif["$num"-gt0];thenbreakelseecho"InputVMNumbererror!!!"continuefifidone}#get_vm_vncport(){#xenstore-ls/local/domain|grepvnc-port|awk-F='{print$2}'|sed's/"//g'˃/tmp/vm_vncport.tmp#}get_dom0_vncport(){dom0_vnc_port=`xenstore-read/local/domain/0/console/vnc-port`}drop_vm_vncport(){max_num=`echo"5900+$num"|bc`for((i=5900;i/dev/nulldone#exceptdom0VNCportget_dom0_vncportiptables-IINPUT-ptcp--dport"$dom0_vnc_port"-jACCEPT}#mainstart_iptablesvm_numdrop_vm_vncportserviceiptablessaveecho"done"#!/bin/sh#ver0.10706/2017hayden#thisscriptforenableXenserverVMVNCConsoleport#yelang007sheng@163.comstart_iptables(){xen_ver=`cat/etc/redhat-release|awk'{print$3}'|awk-F.'{print$1}'`if[$xen_ver-eq7];then/bin/systemctlstatusiptables.service˃/dev/nullif[$?-ne0];then/bin/systemctlstartiptables.service˃/dev/nullfielseserviceiptablesstatus˃/dev/nullif[$?-ne0];thenserviceiptablesstart˃/dev/nullfifi}vm_num(){while:doread-p"PleaseinputVMnumber:[exp˃10or60]"numif[`echo"$num"|grep-c'[^0-9]'`-ne0];thenecho"InputVMNumbererror!!!"continueelseif["$num"-gt0];thenbreakelseecho"InputVMNumbererror!!!
#!/bin/sh #ver 0.1 0706/2017hayden #this script fordisable Xenserver VM VNC Console port #yelang007sheng@163.com start_iptables(){ xen_ver=`cat /etc/redhat-release |awk '{print $3}' |awk -F. '{print $1}'` if [ $xen_ver -eq 7 ];then /bin/systemctl status iptables.service >/dev/null if [ $? -ne 0 ];then /bin/systemctl start iptables.service >/dev/null fi elseservice iptables status >/dev/null if [ $? -ne 0 ];thenservice iptables start >/dev/null fi fi} vm_num(){ while: doread -p "Please input VM number: [ exp> 10 or 60 ] "num if [ `echo "$num" |grep -c '[^0-9]'` -ne 0 ]; then echo "Input VM Number error!!!"continue else if [ "$num" -gt 0 ]; thenbreak else echo "Input VM Number error!!!"continue fi fi done} #get_vm_vncport(){ # xenstore-ls /local/domain |grep vnc-port |awk -F= '{print $2}' |sed 's/"//g' >/tmp/vm_vncport.tmp #} get_dom0_vncport(){ dom0_vnc_port=`xenstore-read /local/domain/0/console/vnc-port` } drop_vm_vncport(){ max_num=`echo "5900 + $num" |bc` for((i=5900;i<=$max_num;i++)) doiptables -I INPUT -p tcp --dport $i -j DROP >/dev/null done#except dom0 VNC port get_dom0_vncport iptables -I INPUT -p tcp --dport "$dom0_vnc_port" -j ACCEPT } #main start_iptables vm_num drop_vm_vncport service iptables save echo "done"
#!/bin/sh #ver 0.1 0706/2017hayden #this script forenable Xenserver VM VNC Console port #yelang007sheng@163.com start_iptables(){ xen_ver=`cat /etc/redhat-release |awk '{print $3}' |awk -F. '{print $1}'` if [ $xen_ver -eq 7 ];then /bin/systemctl status iptables.service >/dev/null if [ $? -ne 0 ];then /bin/systemctl start iptables.service >/dev/null fi elseservice iptables status >/dev/null if [ $? -ne 0 ];thenservice iptables start >/dev/null fi fi} vm_num(){ while: doread -p "Please input VM number: [ exp> 10 or 60 ] "num if [ `echo "$num" |grep -c '[^0-9]'` -ne 0 ]; then echo "Input VM Number error!!!"continue else if [ "$num" -gt 0 ]; thenbreak else echo "Input VM Number error!!!"continue fi fi done} #get_vm_vncport(){ # xenstore-ls /local/domain |grep vnc-port |awk -F= '{print $2}' |sed 's/"//g' >/tmp/vm_vncport.tmp #} get_dom0_vncport(){ dom0_vnc_port=`xenstore-read /local/domain/0/console/vnc-port` } drop_vm_vncport(){ max_num=`echo "5900 + $num" |bc` for((i=5900;i<=$max_num;i++)) doiptables -I INPUT -p tcp --dport $i -j ACCEPT >/dev/null done#except dom0 VNC port get_dom0_vncport iptables -I INPUT -p tcp --dport "$dom0_vnc_port" -j ACCEPT } #main start_iptables vm_num drop_vm_vncport service iptables save echo "done"