brnet/inet_setting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
86307e309a844c56e9bef19a42e4093a776981bf
inet_setting/pub_route.sh
daxi20 86307e309a update
2025-10-13 19:40:37 +08:00

88 lines
3.1 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
# 检查是否以root权限运行
if [ "$(id -u)" -ne 0 ]; then
echo "错误请使用root权限运行sudo ./pub_route.sh"
exit 1
fi
# 配置参数
TABLE_NAME="ipv4_pub" # 路由表名称
TABLE_ID=102 # 路由表编号1-252之间
SOURCE_CIDR="44.32.191.0/24" # 源网段(必须正确填写,否则规则无效)
FROM_PRIORITY=1000 # 来源策略优先级
TO_PRIORITY=800 # 目的策略优先级
RT_TABLES="/etc/iproute2/rt_tables"
# 网络出口设定
TARGET_IP="10.188.0.44" # 新加坡Vultr
# 1. 验证源网段是否合法
if ! echo "$SOURCE_CIDR" | grep -qE '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'; then
echo "错误:源网段$SOURCE_CIDR格式无效,请检查配置"
exit 1
fi
# 2.获取网关
echo "正在获取网关..."
GATEWAY=$(ip route get "$TARGET_IP" | grep -oP 'via \K\d+\.\d+\.\d+\.\d+')
if [ -z "$GATEWAY" ]; then
echo "错误:无法获取网关,请检查网络"
exit 1
fi
echo "成功获取网关:$GATEWAY"
# 3. 确保路由表存在
if ! grep -q "^${TABLE_ID}[[:space:]]\+${TABLE_NAME}" "$RT_TABLES"; then
echo "添加路由表 $TABLE_NAME(编号$TABLE_ID..."
echo "${TABLE_ID} ${TABLE_NAME}" >> "$RT_TABLES"
else
echo "路由表 $TABLE_NAME 已存在,无需创建"
fi
# 4. 配置/更新默认路由
echo "配置$TABLE_NAME表的默认路由via $GATEWAY..."
ip route del default table "$TABLE_NAME" 2>/dev/null # 删除旧路由
ip route add default via "$GATEWAY" table "$TABLE_NAME" # 添加新路由
echo "默认路由已更新为default via $GATEWAY table $TABLE_NAME"
# 5. 配置/更新策略规则(使用正确的源网段)
echo "配置策略规则:来源$SOURCE_CIDR使用$TABLE_NAME表..."
# 来源访问任何
ip rule del from "$SOURCE_CIDR" table "$TABLE_NAME" 2>/dev/null
ip rule add from "$SOURCE_CIDR" table "$TABLE_NAME" priority "$FROM_PRIORITY"
# 任何访问来源
ip rule del to "$SOURCE_CIDR" table main 2>/dev/null
ip rule add to "$SOURCE_CIDR" table main priority "$TO_PRIORITY"
echo "策略规则已更新为from $SOURCE_CIDR table $TABLE_NAME priority $PRIORITY"
# 6. 验证配置
echo -e "\n===== 配置验证 ====="
echo "$TABLE_NAME表中的路由"
ip route show table "$TABLE_NAME"
echo -e "\n策略规则"
ip rule show
# 7. 持久化配置Debian/Ubuntu
echo -e "\n===== 持久化配置 ====="
INTERFACE_FILE="/etc/network/interfaces"
PERSIST_MARKER="# 策略路由持久化配置($TABLE_NAME表"
PERSIST_COMMANDS=$(cat <<EOF
$PERSIST_MARKER
up ip route add default via $GATEWAY table $TABLE_NAME
up ip rule add from $SOURCE_CIDR table $TABLE_NAME priority $PRIORITY
up ip rule add to "$SOURCE_CIDR" table main priority "$TO_PRIORITY"
EOF
)
# 删除旧的持久化配置
if grep -q "$PERSIST_MARKER" "$INTERFACE_FILE"; then
echo "删除旧的持久化配置..."
sed -i "/$PERSIST_MARKER/,+2d" "$INTERFACE_FILE"
fi
# 添加新的持久化配置
echo "添加更新后的持久化配置到$INTERFACE_FILE..."
echo "$PERSIST_COMMANDS" >> "$INTERFACE_FILE"
echo -e "\n配置完成所有配置已生效"
Reference in New Issue View Git Blame Copy Permalink