目前有两台服务器操作必现,其他服务器没发现问题,这可能是什么原因
命令类似:
iptables -A INPUT -s xx.xx.xx.xx/32 -p tcp -m multiport -j ACCEPT --dports 10101,10102,10103
简化后的代码如下
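// Command main replays the iptables rules listed in info.txt, one rule per
// line, and stops at the first rule that fails.
package main

import (
	"bufio"
	"bytes"
	"log"
	"os"
	"os/exec"
	"strings"
)

const (
	// FILENAME is the rule file, opened relative to the working directory.
	// Each line holds the arguments of one iptables invocation.
	FILENAME = "info.txt"
)

func main() {
	iptableList, err := getInfo()
	if err != nil {
		// Exit non-zero so whatever launched this program can tell that the
		// rules were not applied.
		log.Fatalf("reading %s: %v", FILENAME, err)
	}

	for _, cmd := range *iptableList {
		args := ruleArgs(cmd)
		if len(args) == 0 {
			// A blank line would otherwise run iptables with no arguments.
			continue
		}

		// Run iptables with an argument vector rather than through
		// `bash -c`. The rule text comes from a file and iptables normally
		// runs with elevated privileges, so a line must never reach a shell,
		// where metacharacters in it would be interpreted. The trade-off is
		// that shell quoting is not understood: every rule line has to be
		// plain whitespace-separated arguments.
		var stdout, stderr bytes.Buffer
		command := exec.Command("iptables", args...)
		command.Stdout = &stdout
		command.Stderr = &stderr

		if err := command.Run(); err != nil {
			// iptables explains failures on stderr (for example "Another app
			// is currently holding the xtables lock"); err alone is only the
			// exit status. When the lock message shows up, iptables' -w
			// (--wait) option makes it wait for the lock instead of failing.
			// A non-zero exit here keeps a half-applied rule set from
			// looking like success.
			log.Fatalf("cmd: %q, err: %v, stdout: %q, stderr: %q",
				cmd, err, stdout.String(), stderr.String())
		}
	}
}

// ruleArgs splits one rule line into iptables arguments. Leading, trailing
// and repeated whitespace is dropped, so a blank line yields no arguments.
func ruleArgs(line string) []string {
	return strings.Fields(line)
}

// getInfo reads the contents of FILENAME (a bit over 100 entries in total)
// and returns its lines. On any error the returned pointer is nil; the error
// is handed back to the caller instead of terminating the process here.
func getInfo() (*[]string, error) {
	file, err := os.Open(FILENAME)
	if err != nil {
		return nil, err
	}
	defer file.Close()

	var lines []string
	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		lines = append(lines, scanner.Text())
	}
	if err := scanner.Err(); err != nil {
		return nil, err
	}
	return &lines, nil
}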
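报错信息是 Another app is currently holding the xtables lock,说明有其他程序正占用 xtables 锁。可以通过 ps -fp $(pidof iptables)、lsof -p $(pidof iptables) 或者 lsof -n 2>/dev/null | grep xtables.lock 找到占用锁的进程,确认它是什么、为什么还在运行之后再处理掉,然后重新执行命令。如果只是其他程序短时间并发调用 iptables,也可以给命令加上 -w(--wait)参数,让 iptables 等待锁释放而不是直接报错。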
另外代码优化了一下,仅供参考。原代码 "iptables" + cmd 是直接拼接,中间没有空格,可能会有空格问题。
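// Command main applies the iptables rules listed in info.txt, one rule per
// line, and stops at the first rule that fails.
package main

import (
	"bufio"
	"log"
	"os"
	"os/exec"
	"strings"
)

const (
	// FILENAME is the rule file, opened relative to the working directory.
	FILENAME = "info.txt"
)

func main() {
	iptableList, err := getInfo()
	if err != nil {
		// Exit non-zero so the caller can tell the rules were not applied.
		log.Fatalf("reading %s: %v", FILENAME, err)
	}

	for _, cmd := range iptableList {
		args := splitRule(cmd)
		if len(args) == 0 {
			// Skip blank lines instead of running iptables with no arguments.
			continue
		}

		// iptables is executed directly, never through a shell, so nothing
		// in a rule line is interpreted as shell syntax. CombinedOutput is
		// used because iptables writes its diagnostics to stderr, which
		// Output() would leave out of the log line below.
		output, err := exec.Command("iptables", args...).CombinedOutput()
		if err != nil {
			// If the output is "Another app is currently holding the xtables
			// lock", another process was changing the rule set at that
			// moment; iptables' -w (--wait) option waits for the lock
			// instead of failing. A non-zero exit keeps a half-applied rule
			// set from looking like success.
			log.Fatalf("cmd: %s, err: %s, output: %s\n", cmd, err, output)
		}
	}
}

// splitRule turns one rule line into iptables arguments. strings.Fields is
// used instead of strings.Split(line, " ") so that leading, trailing or
// doubled spaces do not produce empty arguments.
func splitRule(line string) []string {
	return strings.Fields(line)
}

// getInfo returns the lines of FILENAME. On any error the returned slice is
// nil and the error is handed back to the caller instead of terminating the
// process here.
func getInfo() ([]string, error) {
	file, err := os.Open(FILENAME)
	if err != nil {
		return nil, err
	}
	defer file.Close()

	var lines []string
	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		lines = append(lines, scanner.Text())
	}
	if err := scanner.Err(); err != nil {
		return nil, err
	}
	return lines, nil
}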