Persistent ip rule on Linux (Redhat)


12

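How can I configure a persistent ip rule on Linux (specifically Redhat-based distributions)? Is there no built-in method? Is my only option to add it to /etc/rc.d/rc.local or to create my own rc.d script?

Edit: For clarification, I am not referring to iptables but to the ip tool (which I don't think a lot of people are familiar with). In any case, the rule I want to persist is added with the following command: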

# ip rule add fwmark 1 lookup 100
# ip rule
...
32765: from all fwmark 0x1 lookup 100
...

The only reference I have found for doing this is from Novell: http://www.novell.com/support/viewContent.do?externalId=7008874&sliceId=1, which suggests creating an rc.d script.


Can you share the IP rule you want to persist?
ewwhite 2012

The rule is ip rule add fwmark 1 lookup 100
Brent

Answers:


11

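As is customary, I stumbled upon the answer to my own question shortly after asking :) I found the answer at http://grokbase.com/t/centos/centos/099bmc07mq/persisting-iproute2-routes-and-rules

On Redhat 5+, the /etc/sysconfig/network-scripts/ifup-routes script handles rule-* files. The relevant code is below: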

# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
    FILES="$FILES /etc/sysconfig/network-scripts/rule-$2"
fi

for file in $FILES; do
   if [ -f "$file" ]; then
       { cat "$file" ; echo ; } | while read line; do
           if [[ ! "$line" =~ $MATCH ]]; then
               /sbin/ip rule add $line
           fi
       done
   fi
done

The script from RHEL 6.5 (possibly 6+):

# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
    FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2"
fi

for file in $FILES; do
   if [ -f "$file" ]; then
       handle_ip_file $file
   fi
done

handle_ip_file() {
    local f t type= file=$1 proto="-4"
    f=${file##*/}
    t=${f%%-*}
    type=${t%%6}
    if [ "$type" != "$t" ]; then
        proto="-6"
    fi
    { cat "$file" ; echo ; } | while read line; do
        if [[ ! "$line" =~ $MATCH ]]; then
            /sbin/ip $proto $type add $line
        fi
    done
}

6

The above is 3/4 of the answer; the missing piece is how to format the /etc/sysconfig/network-scripts/rule-ethX file. You also need to add the routing table to /etc/iproute2/rt_tables:

# add a line with a table identifier and name:
100    ISPname

And add the rule file /etc/sysconfig/network-scripts/rule-eth0:

# rule-eth0
from 1.2.3.4/24 table {table name from /etc/iproute2/rt_tables}
to 1.2.3.4/24 table {table name from /etc/iproute2/rt_tables}

Note that the table names must match and are case-sensitive.


1

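Note that if you use a priority on any of these rules, you must use priorities on all of them. Otherwise, those without any priority are added to the priority 0 chain.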
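A dry-run check for the rule file format and the two caveats raised in the answers above (case-sensitive table names, mixed use of priorities), as an added example that is not part of the original posts or of the Red Hat scripts. The function name `lint_rules`, the WARN output format and the sample data are hypothetical; skipping blank and comment lines is an assumption about `$MATCH`, which the quoted script does not define.

```shell
#!/bin/sh
# Added example: dry-run lint for a rule-<iface> file; nothing is applied.
# Usage: lint_rules RULE_FILE RT_TABLES_FILE
# Prints the command ifup-routes would run per line, plus WARN lines.
# Exit status: 0 when there are no warnings, 1 otherwise.
lint_rules() (
    set -f    # words of a rule must not be glob-expanded
    rule_file=$1 rt_tables=$2
    warnings=0 with_prio=0 without_prio=0
    # "|| [ -n ... ]" keeps a last line that has no trailing newline.
    while read -r line || [ -n "$line" ]; do
        # Assumption: $MATCH in ifup-routes skips blank and comment lines.
        case $line in ''|'#'*) continue ;; esac
        echo "/sbin/ip rule add $line"
        table='' has_prio=0 prev=''
        for word in $line; do
            case $prev in
                table|lookup) table=$word ;;
                priority|pref|order) has_prio=1 ;;
            esac
            prev=$word
        done
        if [ "$has_prio" -eq 1 ]; then
            with_prio=$((with_prio + 1))
        else
            without_prio=$((without_prio + 1))
        fi
        # Numeric table ids need no rt_tables entry; names must match exactly.
        case $table in *[!0-9]*)
            if ! awk -v t="$table" '$1 !~ /^#/ && $2 == t { ok = 1 }
                    END { exit !ok }' "$rt_tables"; then
                echo "WARN: table '$table' not in $rt_tables (case-sensitive)"
                warnings=$((warnings + 1))
            fi ;;
        esac
    done < "$rule_file"
    if [ "$with_prio" -gt 0 ] && [ "$without_prio" -gt 0 ]; then
        echo "WARN: $without_prio rule(s) have no priority, $with_prio do"
        warnings=$((warnings + 1))
    fi
    [ "$warnings" -eq 0 ]
)

# Constructed sample input: documentation addresses, table name from the answer.
demo_dir=$(mktemp -d)
printf '100    ISPname\n' > "$demo_dir/rt_tables"
printf '%s\n' '# rule-eth0' 'from 192.0.2.0/24 table ISPname priority 100' \
    'to 192.0.2.0/24 table ispname' > "$demo_dir/rule-eth0"
lint_rules "$demo_dir/rule-eth0" "$demo_dir/rt_tables" || true
rm -rf "$demo_dir"
```

Run it against the real files as `lint_rules /etc/sysconfig/network-scripts/rule-eth0 /etc/iproute2/rt_tables` before restarting the interface.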

Licensed under cc by-sa 3.0 with attribution required.