Importing List of Addresses into IP Tables
Hi there --
I have a list of addresses from a Shorewall blacklist file, and I would like to import them into my iptables list. Aside from manually entering in the addresses, is there a tool I can use to facilitate the process? Thanks.
We can probably parse them out with perl or other core utils (grep, awk, sed). Can you post some lines (if not all) from the file?
Hi there --
Thanks for your reply. Listed below is a partial list of the addresses in question:
Code:
61.0.0.0/8 tcp 22,25,53,6000
61.0.0.0/8 tcp
65.23.0.0/16 tcp
65.24.0.0/16 tcp
130.65.0.0/16 tcp
217.10.106.0/24 tcp
210.229.150.0/16 tcp
134.102.0.0/8 tcp
2.0.0.0/7 tcp
4.0.0.0/6 tcp
8.0.0.0/5 tcp
11.0.0.0/8 tcp
15.0.0.0/8 tcp
17.0.0.0/8 tcp #Apple
18.0.0.0/7 tcp #MIT
#43.0.0.0/8 tcp #Japan
41.0.0.0/8 tcp #AfriNIC
148.245.0.0/16 tcp #Mexico LACNIC
44.0.0.0/8 tcp #Amateur Radio
62.0.0.0/8 tcp #RIPE
perl
Here is the perl script I created to parse and make rules:
Code:
#!/usr/bin/perl
Code:
int0x80:~/source/perl/shorewall-iptables$ ./wall.pl kaplan71.txt
Code:
int0x80:~/source/perl/shorewall-iptables$ cat kaplan71.txt
Hi there --
I ran the perl script as root and unfortunately the following output appeared:
Code:
iptables -I INPUT -i eth0 -p -s 221.113.7.0/24 tcp 22,25,53,6000 -j DROP
iptables v1.3.5: unknown protocol `-s' specified
Try `iptables -h' or 'iptables --help' for more information.
iptables -I INPUT -i eth0 -p -s 61.0.0.0/8 tcp 22,25,53,6000 -j DROP
iptables v1.3.5: unknown protocol `-s' specified
I did run the script as a non-root user, via the sudo command, and I got output similar to what you saw; the only thing is, there were no changes to the iptables file after it was run. What change(s) should I make to the script? Thanks in advance.
You've got to specify the type of protocol in your iptables command.
Code:
-p tcp/udp
amitsharma is correct, your protocol has been misplaced in the command.
Be sure to check the script you are running is identical to what I posted.
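For reference, a rule generator for the blacklist format posted above that puts the protocol after -p and the network after -s (the ordering the "unknown protocol `-s'" error complains about). This is an added example written for this thread, not int0x80's wall.pl; the eth0 interface, the INPUT chain, and reading the port column as destination ports are assumptions.

```shell
#!/bin/sh
# Convert Shorewall blacklist lines ("ADDRESS PROTO [PORTS] [#comment]")
# into iptables DROP rules and print them for review before applying.
# Interface and chain are assumptions for this example.
IFACE="eth0"
CHAIN="INPUT"

# Constructed sample in the thread's blacklist format: ports are optional,
# and both whole-line and trailing comments appear.
SAMPLE='61.0.0.0/8 tcp 22,25,53,6000
65.23.0.0/16 tcp
17.0.0.0/8 tcp #Apple
#43.0.0.0/8 tcp #Japan
62.0.0.0/8 udp 53'

# Read blacklist lines on stdin and emit one iptables command per rule.
# A comma-separated port list becomes a multiport destination match
# (assumption: the column holds destination ports); comments, blank
# lines and lines without a protocol are skipped.
blacklist_to_rules() {
    while read -r net proto ports _rest; do
        case "$net" in ''|'#'*) continue ;; esac      # blank or commented out
        case "$proto" in '#'*) proto='' ;; esac       # "ADDRESS #comment"
        case "$ports" in '#'*) ports='' ;; esac       # trailing comment, no ports
        [ -n "$proto" ] || continue
        rule="iptables -I $CHAIN -i $IFACE -p $proto -s $net"
        if [ -n "$ports" ]; then
            rule="$rule -m multiport --dports $ports"
        fi
        printf '%s -j DROP\n' "$rule"
    done
}

# Number of rules the sample produces (commented-out line excluded).
sample_rule_count() {
    printf '%s\n' "$SAMPLE" | blacklist_to_rules | wc -l | tr -d ' '
}

# Print the rules for the sample; to use a real file: blacklist_to_rules < blacklist
printf '%s\n' "$SAMPLE" | blacklist_to_rules
```

Check the printed rules (and the interface and chain) before piping them to sh as root, since -I inserts them at the top of the chain.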
Hi there --
I verified that the script was identical to what you had posted, and I ran it again, and while there was output onscreen, there was no change made to the /etc/sysconfig/iptables file. I also deleted the existing wall.pl file and recreated it from scratch, without any success. I ran the command as root and sudo user with the same results. When I ran an individual line as sudo or root user, I got the unknown protocol -s error. What am I missing here?
First, it does not write anything to /etc/sysconfig/iptables, where do you see that in the code? If you want to see the rules, run iptables -nvL and pipe to less if necessary. Show me your usage here, copy and paste from your terminal. Use the CODE or QUOTE tags around it to preserve formatting. Include everything (source, usage, output).
Sorry about the confusion. I am entering the data now. Thanks for the help.