摘要:#!-ne0];then/bin/systemctlstartiptables.service˃/dev/nullfielseserviceiptablesstatus˃/dev/nullif[$?-ne0];thenserviceiptablesstart˃/dev/nullfifi}vm_num(){while:doread-p"PleaseinputVMnumber:[exp˃10or60]"numif[`echo"$num"|grep-c'[^0-9]'`-ne0];thenecho"InputVMNumbererror!!!"continueelseif["$num"-gt0];thenbreakelseecho"InputVMNumbererror!!!"continuefifidone}#get_vm_vncport(){#xenstore-ls/local/domain|grepvnc-port|awk-F='{print$2}'|sed's/"//g'˃/tmp/vm_vncport.tmp#}get_dom0_vncport(){dom0_vnc_port=`xenstore-read/local/domain/0/console/vnc-port`}drop_vm_vncport(){max_num=`echo"5900+$num"|bc`for((i=5900;i/dev/nulldone#exceptdom0VNCportget_dom0_vncportiptables-IINPUT-ptcp--dport"$dom0_vnc_port"-jACCEPT}#mainstart_iptablesvm_numdrop_vm_vncportserviceiptablessaveecho"done"#!/bin/sh#ver0.10706/2017hayden#thisscriptforenableXenserverVMVNCConsoleport#yelang007sheng@163.comstart_iptables(){xen_ver=`cat/etc/redhat-release|awk'{print$3}'|awk-F.'{print$1}'`if[$xen_ver-eq7];then/bin/systemctlstatusiptables.service˃/dev/nullif[$?-ne0];then/bin/systemctlstartiptables.service˃/dev/nullfielseserviceiptablesstatus˃/dev/nullif[$?-ne0];thenserviceiptablesstart˃/dev/nullfifi}vm_num(){while:doread-p"PleaseinputVMnumber:[exp˃10or60]"numif[`echo"$num"|grep-c'[^0-9]'`-ne0];thenecho"InputVMNumbererror!!!"continueelseif["$num"-gt0];thenbreakelseecho"InputVMNumbererror!!!
#!/bin/sh
#ver 0.1 0706/2017hayden
#this script fordisable Xenserver VM VNC Console port
#yelang007sheng@163.com
start_iptables(){
xen_ver=`cat /etc/redhat-release |awk '{print $3}' |awk -F. '{print $1}'`
if [ $xen_ver -eq 7 ];then
/bin/systemctl status iptables.service >/dev/null
if [ $? -ne 0 ];then
/bin/systemctl start iptables.service >/dev/null
fi
elseservice iptables status >/dev/null
if [ $? -ne 0 ];thenservice iptables start >/dev/null
fi
fi}
vm_num(){
while:
doread -p "Please input VM number: [ exp> 10 or 60 ] "num
if [ `echo "$num" |grep -c '[^0-9]'` -ne 0 ]; then
echo "Input VM Number error!!!"continue
else
if [ "$num" -gt 0 ]; thenbreak
else
echo "Input VM Number error!!!"continue
fi
fi
done}
#get_vm_vncport(){
# xenstore-ls /local/domain |grep vnc-port |awk -F= '{print $2}' |sed 's/"//g' >/tmp/vm_vncport.tmp
#}
get_dom0_vncport(){
dom0_vnc_port=`xenstore-read /local/domain/0/console/vnc-port`
}
drop_vm_vncport(){
max_num=`echo "5900 + $num" |bc`
for((i=5900;i<=$max_num;i++))
doiptables -I INPUT -p tcp --dport $i -j DROP >/dev/null
done#except dom0 VNC port
get_dom0_vncport
iptables -I INPUT -p tcp --dport "$dom0_vnc_port" -j ACCEPT
}
#main
start_iptables
vm_num
drop_vm_vncport
service iptables save
echo "done"
#!/bin/sh
#ver 0.1 0706/2017hayden
#this script forenable Xenserver VM VNC Console port
#yelang007sheng@163.com
start_iptables(){
xen_ver=`cat /etc/redhat-release |awk '{print $3}' |awk -F. '{print $1}'`
if [ $xen_ver -eq 7 ];then
/bin/systemctl status iptables.service >/dev/null
if [ $? -ne 0 ];then
/bin/systemctl start iptables.service >/dev/null
fi
elseservice iptables status >/dev/null
if [ $? -ne 0 ];thenservice iptables start >/dev/null
fi
fi}
vm_num(){
while:
doread -p "Please input VM number: [ exp> 10 or 60 ] "num
if [ `echo "$num" |grep -c '[^0-9]'` -ne 0 ]; then
echo "Input VM Number error!!!"continue
else
if [ "$num" -gt 0 ]; thenbreak
else
echo "Input VM Number error!!!"continue
fi
fi
done}
#get_vm_vncport(){
# xenstore-ls /local/domain |grep vnc-port |awk -F= '{print $2}' |sed 's/"//g' >/tmp/vm_vncport.tmp
#}
get_dom0_vncport(){
dom0_vnc_port=`xenstore-read /local/domain/0/console/vnc-port`
}
drop_vm_vncport(){
max_num=`echo "5900 + $num" |bc`
for((i=5900;i<=$max_num;i++))
doiptables -I INPUT -p tcp --dport $i -j ACCEPT >/dev/null
done#except dom0 VNC port
get_dom0_vncport
iptables -I INPUT -p tcp --dport "$dom0_vnc_port" -j ACCEPT
}
#main
start_iptables
vm_num
drop_vm_vncport
service iptables save
echo "done"