remove_unused_ufw_rules.sh
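#!/bin/bash
# Remove UFW allow rules whose port has no listening TCP/UDP socket on this host.
#
# Usage:
#   remove_unused_ufw_rules.sh             delete allow rules for unused ports
#   DRY_RUN=1 remove_unused_ufw_rules.sh   only report what would be deleted
#
# Caveats for whoever runs this:
#   - "In use" means a listener exists at the moment the script runs. A service
#     that is temporarily stopped loses its rule, and traffic that is forwarded
#     elsewhere rather than terminated locally may not appear in `ss` at all.
#   - Only rows whose first column is a plain PORT or PORT/proto and whose
#     action is ALLOW are considered. Port ranges, port lists and application
#     profiles are skipped rather than guessed at.
#   - Rules limited to a source address or interface are not matched by
#     `ufw delete allow PORT`; ufw reports those as a failed delete.

dry_run=${DRY_RUN:-0}

# Fail closed: if either snapshot cannot be taken, every port would look
# unused and every allow rule (including the one for remote access) would be
# deleted. Abort before touching the firewall instead.
if ! ufw_status=$(sudo ufw status); then
  echo "Unable to read UFW status; no rules were changed." >&2
  exit 1
fi
if ! tcp_listeners=$(sudo ss -tln) || ! udp_listeners=$(sudo ss -uln); then
  echo "Unable to list listening sockets; no rules were changed." >&2
  exit 1
fi

# Collect the rule targets exactly as ufw prints them (e.g. "22/tcp"), so the
# delete below names the same rule. IPv4 and "(v6)" rows repeat the target, so
# de-duplicate to process each one once.
mapfile -t allowed_rules < <(
  awk '
    $1 ~ /^[0-9]+(\/(tcp|udp))?$/ {
      for (i = 2; i <= NF; i++) {
        if ($i == "ALLOW") { print $1; break }
      }
    }
  ' <<<"$ufw_status" | sort -u
)

for rule in "${allowed_rules[@]}"; do
  port=${rule%%/*}
  proto=
  [[ $rule == */* ]] && proto=${rule#*/}

  # A protocol-qualified rule is only justified by a listener of that
  # protocol; a bare port rule is justified by either.
  case "$proto" in
    tcp) listeners=$tcp_listeners ;;
    udp) listeners=$udp_listeners ;;
    *) listeners=$tcp_listeners$'\n'$udp_listeners ;;
  esac

  # The trailing whitespace anchor keeps port 22 from matching :2222 or :220.
  if grep -q ":${port}[[:space:]]" <<<"$listeners"; then
    echo "Port $rule is in use."
  elif [[ $dry_run == 1 ]]; then
    echo "Port $rule is not in use. Would remove allow rule (dry run)."
  else
    echo "Port $rule is not in use. Removing allow rule..."
    sudo ufw delete allow "$rule" \
      || echo "Failed to remove allow rule for $rule." >&2
  fi
done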