55 lines
1.3 KiB
Bash
55 lines
1.3 KiB
Bash
#!/bin/bash
|
|
# 综合防火墙关闭脚本
|
|
|
|
echo "=== 开始关闭系统防火墙 ==="
|
|
|
|
# 检查并关闭 UFW
|
|
if command -v ufw &> /dev/null; then
|
|
echo "关闭 UFW..."
|
|
ufw disable
|
|
fi
|
|
|
|
# 检查并停止 nftables
|
|
if systemctl is-active --quiet nftables; then
|
|
echo "停止 nftables..."
|
|
systemctl stop nftables
|
|
systemctl disable nftables
|
|
nft flush ruleset
|
|
fi
|
|
|
|
# 检查并停止 iptables
|
|
if systemctl is-active --quiet iptables; then
|
|
echo "停止 iptables..."
|
|
systemctl stop iptables
|
|
systemctl disable iptables
|
|
fi
|
|
|
|
# 清除 iptables 规则
|
|
echo "清除 iptables 规则..."
|
|
iptables -F
|
|
iptables -X
|
|
iptables -t nat -F
|
|
iptables -t nat -X
|
|
iptables -t mangle -F
|
|
iptables -t mangle -X
|
|
iptables -P INPUT ACCEPT
|
|
iptables -P FORWARD ACCEPT
|
|
iptables -P OUTPUT ACCEPT
|
|
|
|
# 清除 ip6tables 规则
|
|
ip6tables -F
|
|
ip6tables -X
|
|
ip6tables -t nat -F
|
|
ip6tables -t nat -X
|
|
ip6tables -t mangle -F
|
|
ip6tables -t mangle -X
|
|
ip6tables -P INPUT ACCEPT
|
|
ip6tables -P FORWARD ACCEPT
|
|
ip6tables -P OUTPUT ACCEPT
|
|
|
|
echo "=== 防火墙关闭完成 ==="
|
|
echo "当前防火墙状态:"
|
|
echo "UFW: $(ufw status 2>/dev/null | head -n1 || echo '未安装')"
|
|
echo "nftables: $(systemctl is-active nftables 2>/dev/null || echo '未运行')"
|
|
echo "iptables: $(systemctl is-active iptables 2>/dev/null || echo '未运行')"
|