LinuxQuestions.org
Old 07-24-2005, 05:48 PM   #1
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Rep: Reputation: 31
Generating A Script


I have a firewall script that actually isn't a script. This thing won't run, and seeing as it's the first time I've done something like this, problems have come up. The current script is run like this:

Code:
[root@mun-175-25 lorenzo]# ls
plenum.odt     CDProgram  ethereal-0.10.11  Mu
bluej-205.jar  Desktop    HOWTOFixYum       rules

[root@mun-175-25 lorenzo]# chmod +x rules
[root@mun-175-25 lorenzo]# ./rules
: bad interpreter: No such file or directory

[root@mun-175-25 lorenzo]# ls
plenum.odt     CDProgram  ethereal-0.10.11  Mu     rules~
bluej-205.jar  Desktop    HOWTOFixYum       rules
[root@mun-175-25 lorenzo]#

Code:
#!/bin/sh

# Generated by michaelsanford at linuxquestions.org ;)

# It's always good to have variables for things like this
IPTABLES="/sbin/iptables"

# Flush the tables, zero counters and custom chains (in case the script re-runs while the system is already running)
$IPTABLES -t nat -F
$IPTABLES -t filter -F
$IPTABLES -t nat -Z
$IPTABLES -t filter -Z
$IPTABLES -t nat -X
$IPTABLES -t filter -X

# Set up the POLICY and make the custom chains
$IPTABLES -t nat -P OUTPUT ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t nat -A POSTROUTING -m mark --mark 0x9 -j MASQUERADE 
$IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j ACCEPT 
$IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE 

#mangle
$IPTABLES -t mangle -P FORWARD ACCEPT
$IPTABLES -t mangle -P INPUT ACCEPT
$IPTABLES -t mangle -P OUTPUT ACCEPT
$IPTABLES -t mangle -P POSTROUTING ACCEPT
$IPTABLES -t mangle -P PREROUTING ACCEPT
$IPTABLES -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 0x9 

# The filter table
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P OUTPUT ACCEPT

# Create custom chains
$IPTABLES -N in_icmp
$IPTABLES -N in_tcp
$IPTABLES -N syn-flood

$IPTABLES -A FORWARD -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT 
$IPTABLES -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT 

$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 
$IPTABLES -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j syn-flood 
$IPTABLES -A INPUT -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -m state --state NEW -j DROP 
..... Similar code the rest of the way using -A
 
Old 07-24-2005, 06:05 PM   #2
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
Hi.

Try using #!/bin/bash instead of #!/bin/sh

Dave
 
Old 07-24-2005, 06:07 PM   #3
COKE CAN
Member
 
Registered: Jul 2005
Location: Yorktown, VA
Distribution: debianSARGE
Posts: 100

Rep: Reputation: 15
If it helps, when I'm in class I always start my scripts off like this:

Code:
#!/bin/csh -f
 
Old 07-24-2005, 06:28 PM   #4
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Original Poster
Rep: Reputation: 31
I receive the same error as before with #!/bin/bash.

With #!/bin/csh -f I get:

Code:
[root@mun-175-25 lorenzo]# chmod +x rules
[root@mun-175-25 lorenzo]# ./rules
'nknown option: `-
Usage: csh [ -bcdefilmnqstvVxX ] [ argument ... ].
 
Old 07-24-2005, 06:47 PM   #5
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
If you run 'ps' one of the processes should be the shell you're currently using, e.g.
Code:
[dave@cronus ~]$ ps
  PID TTY          TIME CMD
12044 pts/1    00:00:00 bash
12063 pts/1    00:00:00 ps
Try using that instead of bash or sh in the #!/bin/XXXX line.

Dave
 
Old 07-24-2005, 07:16 PM   #6
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Original Poster
Rep: Reputation: 31
Same error as before

Code:
[root@mun-175-25 lorenzo]# ps
  PID TTY          TIME CMD
28590 pts/1    00:00:00 su
28593 pts/1    00:00:00 bash
28665 pts/1    00:00:00 gconfd-2
29191 pts/1    00:00:00 ps
[root@mun-175-25 lorenzo]# gedit rules
[root@mun-175-25 lorenzo]# chmod +x rules
[root@mun-175-25 lorenzo]# ./rules
: bad interpreter: No such file or directory
 
Old 07-24-2005, 07:28 PM   #7
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
What do you get from 'which bash' ?
 
Old 07-24-2005, 07:33 PM   #8
gizza23
Member
 
Registered: Jun 2005
Location: Chicago, IL, USA
Distribution: Fedora Core, CentOS
Posts: 188

Original Poster
Rep: Reputation: 31
Code:
[root@mun-175-25 lorenzo]# which bash
/bin/bash
I took a look at this dos2unix thing. I think that may be the problem, since I made the script in Windows and then uploaded it via FTP. Although I did reformat it to be a script, I still needed to do the conversion.
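
Added example (not part of the original thread): a check and repair for the cause identified in post #8, a script saved with DOS (CRLF) line endings so that the shebang line ends in a carriage return. The function names and the sample file are constructed for illustration; `strip_cr` does by hand the conversion that dos2unix performs.

```shell
#!/bin/sh
# Added example: find and repair DOS (CRLF) line endings in a shell script.
# With "#!/bin/sh\r" the kernel looks for an interpreter literally named
# "/bin/sh<CR>", and the CR makes the terminal overwrite the start of the
# error, leaving ": bad interpreter: No such file or directory".

CR=$(printf '\r')   # a single carriage return

# Succeeds if the first line of file $1 is a shebang ending in a CR.
has_crlf_shebang() {
    first=$(head -n 1 "$1")
    case "$first" in
        '#!'*"$CR") return 0 ;;
        *)          return 1 ;;
    esac
}

# Prints the number of lines in file $1 that end in a CR.
count_crlf_lines() {
    grep -c "$CR\$" "$1" || true
}

# Removes a trailing CR from every line of file $1, keeping its mode bits.
strip_cr() {
    tmp=$(mktemp) || return 1
    sed "s/$CR\$//" "$1" > "$tmp" && cat "$tmp" > "$1"
    status=$?
    rm -f "$tmp"
    return "$status"
}

# Constructed sample: a two-line script written the way a Windows editor would.
demo() {
    f=$(mktemp) || return 1
    printf '#!/bin/sh\r\necho rules loaded\r\n' > "$f"
    if has_crlf_shebang "$f"; then
        echo "CRLF shebang found, $(count_crlf_lines "$f") affected lines"
        strip_cr "$f"
    fi
    sh "$f"          # prints "rules loaded" once the CRs are gone
    rm -f "$f"
}

demo
```

Running the check before a firewall script is installed catches the case where the rules file silently fails to execute and the host is left without its intended rules.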
 