如何在
Linux上配置持久性ip规则(特别是基于Redhat的发行版)?有内置方法吗?我唯一的选择是添加到/etc/rc.d/rc.local还是创建自己的rc.d脚本?
编辑:为了澄清我不是指iptables而是ip工具(我认为很多人都不熟悉).在任何情况下,我试图保持的规则添加以下命令:
# ip rule add fwmark 1 lookup 100 # ip rule ... 32765: from all fwmark 0x1 lookup 100 ...
我发现这样做的唯一参考来自Novell:http://www.novell.com/support/viewContent.do?externalId=7008874&sliceId=1,它建议创建一个rc.d脚本
解决方法
按照惯例,我在询问后不久就偶然发现了自己问题的答案:)在
http://grokbase.com/t/centos/centos/099bmc07mq/persisting-iproute2-routes-and-rules找到答案
在Redhat 5上,/ etc / sysconfig / network-scripts / ifup-routes脚本处理rule- *文件.相关代码如下:
# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/rule-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
{ cat "$file" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
/sbin/ip rule add $line
fi
done
fi
done
RHEL 6.5的脚本(可能是较旧的6):
# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
handle_ip_file $file
fi
done
handle_ip_file() {
local f t type= file=$1 proto="-4"
f=${file##*/}
t=${f%%-*}
type=${t%%6}
if [ "$type" != "$t" ]; then
proto="-6"
fi
{ cat "$file" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
/sbin/ip $proto $type add $line
fi
done
}
