使用整段 IPv6 以避免被墙的设置方案:
假设我们拥有 2602:feda:db8::/48
这段 IPv6 地址,且该段地址被静态路由至我们的服务器。
首先配置防火墙,详略。
将整段 IPv6 地址配置至服务器:
# get ipv4 allocation records from rex.apnic.net | |
# rename it to apnic_ipv4.csv | |
grep -o ',"103.\+","2."' apnic_ipv4.csv | sed 's/,"//' | sed 's/","/\//' | sed 's/"$//' | sort -t . -k 1,1n -k 2,2n -k 3,3n | gawk -F '.' '{ printf "0x%x%s\n", lshift($2, 8) + $3, $4}' | sed 's/0\//\//' | gawk --non-decimal-data -F '/' '{ for (i = 1; i <= lshift(1, 24-$2); i++) printf "%d\n", $1+i-1 }' > final | |
seq 0x100 0xffff > total | |
diff --side-by-side --suppress-common-lines total final | gawk '{ printf "%x\n",lshift(103,24) + lshift($1,8) }' | gawk --non-decimal-data '{for (i=1;i<=NF;i++) printf "%d%s","0x"$i,(i==NF?"\n":".")}' FPAT='..' | sed 's/$/\/24/' > unallocated_ip.txt |