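#!/bin/bash

# Check that the script is running with root privileges
if [ "$(id -u)" -ne 0 ]; then
    echo "错误:请使用root权限运行(sudo ./pub_route.sh)"
    exit 1
fi

# Configuration parameters
TABLE_NAME="ipv4_pub"               # Routing table name
TABLE_ID=102                        # Routing table number (between 1 and 252)
SOURCE_CIDR="44.32.191.0/24"        # Source network (must be filled in correctly, otherwise the rules have no effect)
FROM_PRIORITY=1000                  # Priority of the source ("from") policy rule
TO_PRIORITY=800                     # Priority of the destination ("to") policy rule
RT_TABLES="/etc/iproute2/rt_tables"

# Network egress setting
TARGET_IP="10.188.0.44"             # Vultr, Singapore

# 1. Validate the format of the source network
if ! echo "$SOURCE_CIDR" | grep -qE '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'; then
    echo "错误:源网段$SOURCE_CIDR格式无效,请检查配置"
    exit 1
fi

# 2. Look up the gateway used to reach the egress host
echo "正在获取网关..."
GATEWAY=$(ip route get "$TARGET_IP" | grep -oP 'via \K\d+\.\d+\.\d+\.\d+')
if [ -z "$GATEWAY" ]; then
    echo "错误:无法获取网关,请检查网络"
    exit 1
fi
echo "成功获取网关:$GATEWAY"

# 3. Make sure the routing table is registered
if ! grep -q "^${TABLE_ID}[[:space:]]\+${TABLE_NAME}" "$RT_TABLES"; then
    echo "添加路由表 $TABLE_NAME(编号$TABLE_ID)..."
    echo "${TABLE_ID} ${TABLE_NAME}" >> "$RT_TABLES"
else
    echo "路由表 $TABLE_NAME 已存在,无需创建"
fi

# 4. Configure/update the default route
echo "配置$TABLE_NAME表的默认路由(via $GATEWAY)..."
ip route del default table "$TABLE_NAME" 2>/dev/null    # Delete the old route
ip route add default via "$GATEWAY" table "$TABLE_NAME" # Add the new route
echo "默认路由已更新为:default via $GATEWAY table $TABLE_NAME"

# 5. Configure/update the policy rules (using the correct source network)
echo "配置策略规则:来源$SOURCE_CIDR使用$TABLE_NAME表..."
# Traffic from the source network to anywhere
ip rule del from "$SOURCE_CIDR" table "$TABLE_NAME" 2>/dev/null
ip rule add from "$SOURCE_CIDR" table "$TABLE_NAME" priority "$FROM_PRIORITY"
# Traffic from anywhere to the source network
ip rule del to "$SOURCE_CIDR" table main 2>/dev/null
ip rule add to "$SOURCE_CIDR" table main priority "$TO_PRIORITY"
echo "策略规则已更新为:from $SOURCE_CIDR table $TABLE_NAME priority $FROM_PRIORITY"

# 6. Verify the configuration
echo -e "\n===== 配置验证 ====="
echo "$TABLE_NAME表中的路由:"
ip route show table "$TABLE_NAME"
echo -e "\n策略规则:"
ip rule show

# 7. Persist the configuration (Debian/Ubuntu)
echo -e "\n===== 持久化配置 ====="
INTERFACE_FILE="/etc/network/interfaces"
PERSIST_MARKER="# 策略路由持久化配置($TABLE_NAME表)"
# Assumption: the heredoc body is missing from this page. The post-up lines
# below repeat the commands from steps 4 and 5; ifupdown attaches them to the
# last iface stanza in the file.
PERSIST_COMMANDS=$(cat <<EOF
$PERSIST_MARKER
post-up ip route add default via $GATEWAY table $TABLE_NAME
post-up ip rule add from $SOURCE_CIDR table $TABLE_NAME priority $FROM_PRIORITY
post-up ip rule add to $SOURCE_CIDR table main priority $TO_PRIORITY
EOF
)
# Assumption: append only once, using the marker line to detect an earlier run
if ! grep -qF "$PERSIST_MARKER" "$INTERFACE_FILE" 2>/dev/null; then
    printf '\n%s\n' "$PERSIST_COMMANDS" >> "$INTERFACE_FILE"
fi

echo -e "\n配置完成!所有配置已生效"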