bre*_*ent 12 networking linux redhat
如何ip rule在 Linux(特别是基于 Redhat 的发行版)上配置持久化?没有内置方法吗?添加/etc/rc.d/rc.local或创建自己的rc.d脚本是我唯一的选择吗?
编辑:为了澄清,我不是指iptables但ip工具(我不认为很多人都熟悉)。无论如何,我尝试保留的规则是使用以下命令添加的:
# ip rule add fwmark 1 lookup 100
# ip rule
...
32765: from all fwmark 0x1 lookup 100
...
我发现这样做的唯一参考来自 Novell:http : //www.novell.com/support/viewContent.do? externalId = 7008874&sliceId =1建议创建一个rc.d脚本
bre*_*ent 12
按照惯例,我在提问后不久就偶然发现了自己问题的答案:) 在http://grokbase.com/t/centos/centos/099bmc07mq/persisting-iproute2-routes-and-rules找到了答案
在 Redhat 5+ 上,/etc/sysconfig/network-scripts/ifup-routes脚本处理rule-*文件。相关代码如下:
# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/rule-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
{ cat "$file" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
/sbin/ip rule add $line
fi
done
fi
done
RHEL 6.5 脚本(可能是 6+ 版本):
# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
handle_ip_file $file
fi
done
handle_ip_file() {
local f t type= file=$1 proto="-4"
f=${file##*/}
t=${f%%-*}
type=${t%%6}
if [ "$type" != "$t" ]; then
proto="-6"
fi
{ cat "$file" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
/sbin/ip $proto $type add $line
fi
done
}
小智 7
以上大约是答案的 3/4 - 缺少的部分是如何格式化 /etc/sysconf/network-scripts/rule-ethX 文件。您还需要将路由表添加到 /etc/iproute2/rt_tables:
# add a line with a table identifier and name:
100 ISPname
并添加规则文件 /etc/sysconfig/network-scripts/rule-eth0:
# rule-eth0
from 1.2.3.4/24 table {table name from /etc/iproute2/rt_tables}
to 1.2.3.4/24 table {table name from /etc/iproute2/rt_tables}
请注意,表名必须匹配,并且区分大小写。
| 归档时间: |
|
| 查看次数: |
19783 次 |
| 最近记录: |