VPSBOOM!!!添加cloudflare ips-v4到 iptables 白名单的命令
for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
添加cloudflare ips-v6 iptables 白名单的命令
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
丢弃白名单以外的 ipv4 80,443 tcp 包
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP
丢弃白名单以外的 ipv6 80,443 tcp 包
ip6tables -A INPUT -p tcp -m multiport --dports http,https -j DROP
未经允许不得转载:VPSBOOM!!! » IPTABLES 设置网站仅允许CloudFlare IP访问 隐藏源站IP 防止源站被扫描
