VPS防火墙一键屏蔽邮件、BT端口脚本

如果你购买的VPS会拿出去分享给他人使用,尤其是代理共享使用的话,难免会碰到有人用你的vps去发广告或者下bt之类的,这些操作都会让你的vps被服务商暂停,所以非常有必要用防火墙来屏蔽一下常见的邮件和bt端口。

这里给大家推荐一个很好用的一键包Get_Out_Spam

使用方法,直接输入下面这串命令即可。

wget -4qO- onekey.sh/Get_Out_Spam|bash

一键包具体内容如下:
#!/bin/bash
#########################################################################
# File Name: Get_Out_Spam.sh
# Author: LookBack
# Email: admin#dwhd.org
# Version:
# Created Time: 2015年09月15日 星期二 22时30分38秒
#########################################################################

smpt_port="25,26,465"
pop_port="109,110,995"
imap_port="143,218,220,993"
other_port="24,50,57,105,106,158,209,587,1109,24554,60177,60179"
key_word=(Subject HELO SMTP
"torrent" ".torrent" "peer_id=" "announce"
"info_hash" "get_peers" "find_node"
"BitTorrent" "announce_peer"
"BitTorrent protocol" "announce.php?passkey=")

v4iptables=`which iptables 2>/dev/null`
v6iptables=`which ip6tables 2>/dev/null`

cat_rules() { $1 -t $2 -L OUTPUT -nvx --line-numbers; }
mangle_key_word() { $1 -t mangle -A OUTPUT -m string --string "$2" --algo bm --to 65535 -j DROP; }
tcp_port_DROP() {
[ "$1" = "$v4iptables" ] && $1 -t filter -A OUTPUT -p tcp -m multiport --dports $2 -m state --state NEW,ESTABLISHED -j REJECT --reject-with icmp-port-unreachable
[ "$1" = "$v6iptables" ] && $1 -t filter -A OUTPUT -p tcp -m multiport --dports $2 -m state --state NEW,ESTABLISHED -j REJECT --reject-with tcp-reset
}
udp_port_DROP() { $1 -t filter -A OUTPUT -p udp -m multiport --dports $2 -j DROP; }
save_rules() {
if [ -f /etc/redhat-release ]; then
for i in $v4iptables $v6iptables;do ${i}-save > /etc/sysconfig/`basename $i`; done
else
for i in $v4iptables $v6iptables;do ${i}-save > /etc/`basename $i`.rules;done
cat > /etc/network/if-pre-up.d/iptables << EOF #!/bin/bash ${v4iptables}-restore < /etc/`basename $v4iptables`.rules EOF chmod +x /etc/network/if-pre-up.d/iptables fi } if [ -n "$v4iptables" -a -n "$v6iptables" ]; then for i in ${key_word[@]}; do for j in $v4iptables $v6iptables; do mangle_key_word $j $i; done; done for i in ${smpt_port} ${pop_port} ${imap_port} ${other_port}; do for j in $v4iptables $v6iptables; do tcp_port_DROP $j $i && udp_port_DROP $j $i; done; done clear && for i in $v4iptables $v6iptables; do for j in filter mangle; do cat_rules $i $j; done; done && save_rules elif [ -n "$v4iptables" ]; then for i in ${key_word[@]}; do mangle_key_word $v4iptables $i;done for i in ${smpt_port} ${pop_port} ${imap_port} ${other_port}; do tcp_port_DROP $v4iptables $i && udp_port_DROP $v4iptables $i; done clear && for i in filter mangle; do cat_rules $v4iptables $i;done && save_rules else echo "Your system don't find iptables" fi

测试VPS性能和网速的一键脚本bench.sh

通常我们购买vps后会在意VPS的性能和网速,所以就需要来给vps跑一个性能测试。

目前用的最多的就是bench.sh这个脚本了。使用方法也很简单。直接输入下面的命令。

wget -qO- bench.sh | bash

或者

curl -Lso- bench.sh | bash

如果提示wget或者curl命令不存在的话,就需要自己安装,命令如下:

apt-get install wget 或者 yum install wget

Debian和Ubuntu用apt-get命令,Centos用Yum命令,如果要安装curl直接替换命令就行了。

最后测试出来的结果如下:

[root@localhost ~]# bash bench.sh

------------------------VPS基本信息------------------------------------
CPU model : Common KVM processor
Number of cores : 1
CPU frequency : 3199.998 MHz
Total size of Disk : 20.0 GB (1.1 GB Used)
Total amount of Mem : 992 MB (67 MB Used)
Total amount of Swap : 0 MB (0 MB Used)
System uptime : 7 days, 14 hour 28 min
Load average : 0.18, 0.07, 0.06
OS : CentOS 7.2.1511
Arch : x86_64 (64 Bit)
Kernel : 3.10.0-327.el7.x86_64
-----------------------VPS硬盘读写------------------------------------
I/O speed(1st run) : 769 MB/s
I/O speed(2nd run) : 1.0 GB/s
I/O speed(3rd run) : 1.0 GB/s
Average I/O speed : 939.0 MB/s
-----------------------VPS网速测试------------------------------------
Node Name IPv4 address Download Speed
CacheFly 205.234.175.175 90.7MB/s
Linode, Tokyo, JP 106.187.96.148 15.2MB/s
Linode, Singapore, SG 139.162.23.4 3.21MB/s
Linode, London, UK 176.58.107.39 2.39MB/s
Linode, Frankfurt, DE 139.162.130.8 3.51MB/s
Linode, Fremont, CA 50.116.14.9 12.5MB/s
Softlayer, Dallas, TX 173.192.68.18 34.5MB/s
Softlayer, Seattle, WA 67.228.112.250 7.78MB/s
Softlayer, Frankfurt, DE 159.122.69.4 3.44MB/s
Softlayer, Singapore, SG 119.81.28.170 2.40MB/s
Softlayer, HongKong, CN 119.81.130.170 4.32MB/s
----------------------------------------------------------------------
Node Name IPv6 address Download Speed
Linode, Atlanta, GA 2600:3c02::4b 6.89MB/s
Linode, Dallas, TX 2600:3c00::4b 13.5MB/s
Linode, Newark, NJ 2600:3c03::4b 4.20MB/s
Linode, Singapore, SG 2400:8901::4b 3.87MB/s
Linode, Tokyo, JP 2400:8900::4b 20.7MB/s
Softlayer, San Jose, CA 2607:f0d0:2601:2a::4 13.1MB/s
Softlayer, Washington, WA 2607:f0d0:3001:78::2 3.72MB/s
Softlayer, Paris, FR 2a03:8180:1301:8::4 7.48MB/s
Softlayer, Singapore, SG 2401:c900:1101:8::2 3.28MB/s
Softlayer, Tokyo, JP 2401:c900:1001:16::4 9.33MB/s
----------------------------------------------------------------------