#!/bin/sh # # rule expire 처리 # # - rule 생성 예) iptables -A INPUT -s -m comment --comment "expire=`date -d '+ 30 min' +%s`" -j DROP export PATH=$PATH:/sbin:/usr/sbin:/usr/local/bin iptables -L INPUT -n --line-numbers | \ perl -ne 'next unless /(^\d+).*expire=(\d+)/; if ($2 < time) { system "iptables -D INPUT $1"; }'