update

git/gitlab_install.sh

@@ -16,7 +16,7 @@ systemctl start postfix
 cat >>/etc/yum.repos.d/gitlab-ce.repo<<EOF
 [gitlab-ce]
 name=Gitlab CE Repository
-baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
+baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
 gpgcheck=0
 enabled=1
 EOF
@@ -38,4 +38,4 @@ EOF
 yum makecache
 yum install -y  gitlab-runner
 
-echo ok
+echo ok

iptables/ipt.sh

@@ -1,20 +1,20 @@
-#!/bin/bash
-/sbin/iptables -F
-
-/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
-/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
-/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-/sbin/iptables -A OUTPUT -j ACCEPT
-/sbin/iptables -A INPUT -s 192.168.1.111 -j ACCEPT
-/sbin/iptables -A INPUT -s 192.168.1.112 -j ACCEPT
-/sbin/iptables -A INPUT  -p tcp --dport 443 -j ACCEPT
-/sbin/iptables -A INPUT  -p tcp --dport 80  -j ACCEPT
-/sbin/iptables -A INPUT  -p tcp --dport 22  -j ACCEPT
-##允许ping规则
-##/sbin/iptables -A INPUT  -p icmp  -j ACCEPT
-/sbin/iptables -A INPUT -j REJECT
-/sbin/iptables -A FORWARD -j REJECT
-
-/sbin/service iptables save
-/sbin/iptables  -nL
-echo ok
+#!/bin/bash
+/sbin/iptables -F
+
+/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/iptables -A OUTPUT -j ACCEPT
+/sbin/iptables -A INPUT -s 192.168.1.111 -j ACCEPT
+/sbin/iptables -A INPUT -s 192.168.1.112 -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 443 -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 80  -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 22  -j ACCEPT
+##允许ping规则
+##/sbin/iptables -A INPUT  -p icmp  -j ACCEPT
+/sbin/iptables -A INPUT -j REJECT
+/sbin/iptables -A FORWARD -j REJECT
+
+/sbin/service iptables save
+/sbin/iptables  -nL
+echo ok

iptables/ipt_ubuntu.sh

@@ -1,20 +1,20 @@
-#!/bin/bash
-/sbin/iptables -F
-/sbin/iptables -X
-
-/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
-/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
-/sbin/iptables -A INPUT -s 114.114.114.114 -j ACCEPT
-/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-/sbin/iptables -A OUTPUT -j ACCEPT
-/sbin/iptables -A INPUT -s 114.114.114.114 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-
-/sbin/iptables -A INPUT -j REJECT
-/sbin/iptables -A FORWARD -j REJECT
-
-iptables-save
-
-##iptables-save >/etc/iptables.up.rules
-##iptables-restore </etc/iptables.up.rules
-
+#!/bin/bash
+/sbin/iptables -F
+/sbin/iptables -X
+
+/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -s 114.114.114.114 -j ACCEPT
+/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/iptables -A OUTPUT -j ACCEPT
+/sbin/iptables -A INPUT -s 114.114.114.114 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
+
+/sbin/iptables -A INPUT -j REJECT
+/sbin/iptables -A FORWARD -j REJECT
+
+iptables-save
+
+##iptables-save >/etc/iptables.up.rules
+##iptables-restore </etc/iptables.up.rules
+
 echo ok

iptables/iptables_conntrack.sh

@@ -1,36 +1,36 @@
-#!/bin/bash
-## Iptables 2016-07-21
-## http://www.aqzt.com
-## email: [email protected]
-## robert yu
-## centos 7
-
-
-#查看
-#iptables -t raw -L -n
-
-/sbin/iptables -F
-
-##清除raw
-/sbin/iptables -t raw -F
-
-/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
-/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
-
-##设置Iptables禁止对连接数较大的服务进行跟踪
-/sbin/iptables -A INPUT -m state --state UNTRACKED,ESTABLISHED,RELATED -j ACCEPT
-/sbin/iptables -t raw -A PREROUTING -p tcp --dport 80 -j NOTRACK
-/sbin/iptables -t raw -A OUTPUT -p tcp --sport 80 -j NOTRACK
-
-/sbin/iptables -A OUTPUT -j ACCEPT
-/sbin/iptables -A INPUT   -s 192.168.10.12 -p tcp --dport 22  -j ACCEPT
-/sbin/iptables -A INPUT   -s 192.168.10.15 -p tcp --dport 22  -j ACCEPT
-/sbin/iptables -A INPUT   -s 192.168.10.0/255.255.255.0 -p icmp -j ACCEPT
-/sbin/iptables -A INPUT  -p tcp --dport 443  -j ACCEPT
-/sbin/iptables -A INPUT  -p tcp --dport 80  -j ACCEPT
-
-/sbin/iptables -A INPUT -j REJECT
-/sbin/iptables -A FORWARD -j REJECT
-
-/sbin/service iptables save
+#!/bin/bash
+## Iptables 2016-07-21
+## http://www.aqzt.com
+## email: [email protected]
+## robert yu
+## centos 7
+
+
+#查看
+#iptables -t raw -L -n
+
+/sbin/iptables -F
+
+##清除raw
+/sbin/iptables -t raw -F
+
+/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
+
+##设置Iptables禁止对连接数较大的服务进行跟踪
+/sbin/iptables -A INPUT -m state --state UNTRACKED,ESTABLISHED,RELATED -j ACCEPT
+/sbin/iptables -t raw -A PREROUTING -p tcp --dport 80 -j NOTRACK
+/sbin/iptables -t raw -A OUTPUT -p tcp --sport 80 -j NOTRACK
+
+/sbin/iptables -A OUTPUT -j ACCEPT
+/sbin/iptables -A INPUT   -s 192.168.10.12 -p tcp --dport 22  -j ACCEPT
+/sbin/iptables -A INPUT   -s 192.168.10.15 -p tcp --dport 22  -j ACCEPT
+/sbin/iptables -A INPUT   -s 192.168.10.0/255.255.255.0 -p icmp -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 443  -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 80  -j ACCEPT
+
+/sbin/iptables -A INPUT -j REJECT
+/sbin/iptables -A FORWARD -j REJECT
+
+/sbin/service iptables save
 echo ok

iptables/iptables_limit.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash
 ## Iptables 2016-09-23
 ## http://www.aqzt.com
 ## email: [email protected]

iptables/iptables_limit_a.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash
 ## Iptables 2016-09-28
 ## http://www.aqzt.com
 ## email: [email protected]

iptables/iptables_limit_b.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash
 ## Iptables 2016-09-28
 ## http://www.aqzt.com
 ## email: [email protected]