蘑菇博客

CentOS7自动添加防火墙白名单

自动添加某域名对应的IP地址到防火墙里,允许此IP访问SSH服务

package main

import (
	"fmt"
	"net"
	"os/exec"
	"strings"
)

func main() {
	ip, err := net.ResolveIPAddr("ip4", "test.com")
	if err != nil {
		return
	}
	command, err := exec.Command("bash", "-c", "firewall-cmd --list-all").Output()
	if err != nil {
		return
	}
	if strings.Contains(string(command), ip.String()) {
		return
	}
	comm := `firewall-cmd --add-rich-rule='rule family="ipv4" source address="` + ip.String() + `" port port="22" protocol="tcp" accept'`
	_, err = exec.Command("bash", "-c", comm).Output()
	if err != nil {
		fmt.Println(err.Error())
		return
	}
}

mogu