我想检查ccd文件夹中是否存在IP,并将IP路由推送到iptables中的FORWARDING链。我是bash脚本的新手,需要一些帮助来完成此脚本。
/ etc / openvpn / ccd中的客户端文件:
ifconfig-push 10.8.0.45 255.255.255.0
push 'route 10.10.0.45'
我需要grep 10.8.0.45 & 10.10.0.45
并将这些路由推送到iptables中。例如
iptables -A FORWARD -s 10.8.0.45 -d 10.10.0.45 -j ACCEPT
client-connect /etc/openvpn/on_connect.sh
脚本我需要'grep'或'awk'的帮助
static_ip= grep "^push \"route" | grep "^'" | cut -f2 -d" "
ip_destination=grep "^push \"route" | grep "^'" | cut -f3 -d" "
#!/usr/bin/env bash # # Add iptables rules based on CCD client config. # CCD_DIR="/etc/openvpn/ccd" # iptables rule comment - the disconnect script will # remove all strings matching this pattern RULE_COMMENT="OVPN_"$common_name static_ip=grep.. ip_destination=grep.. if [ -f $CCD_DIR/$common_name ]; then sudo iptables -A FORWARD -s $static_ip -d ip_destination -j ACCEPT fi exit 0
尝试这样。
static_ip=$( cat $CCD_DIR | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | grep -E '(^|\s)10.8.0.45($|\s)' )
ip_destination=$( cat $CCD_DIR | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | grep -E '(^|\s)10.10.0.45($|\s)' )