OK, sorry if I wasn't clear.
Anyway, first off, this won't be executed via the command line; it will be executed by a PHP script when a user on my wireless network logs on and wants to use the internet.
There will be a deny all first of all (except for my site!).
When a user logs on, the script will take the IP address of the user and get the matching MAC address.
This MAC address will then be piped to another script where the variable will be put into an iptable and then the user can gain access to the web!
There are 2 scripts at work here: the change and the add script.
The add script works fine but I'll post it anyway so you can see the workings.
Code:
#!/bin/sh
#
echo Content-type: text/plain
echo
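# read variable from users.txt or from somewhere else
# (one line from stdin; -r keeps backslashes literal)
read -r macaddress
echo "$macaddress"
IPTABLES=/sbin/iptables
# allow forwarding and skip the NAT redirect for this MAC address on wlan0
sudo $IPTABLES -A FORWARD -i wlan0 -m mac --mac-source "$macaddress" -j ACCEPT
sudo $IPTABLES -t nat -A PREROUTING -m mac --mac-source "$macaddress" -i wlan0 -j ACCEPT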
The variable macaddress will have to be piped FROM the change script (the script I'm having trouble with!).
I'll give a line-by-line breakdown of the change script here.
Code:
#!/bin/sh
#
echo Content-type: text/plain
echo
#ok first of all this will be read ipaddress, the ip address will be got from the remote u
#I have it static because it makes testing from the command terminal easier
ip_address="157.190.181.1"
##where the iptables module is located
IPTABLES=/sbin/iptables
#do an arp request of the users connected to the network and output it to a file
#this works fine
sudo arp > /root/lankfordu/apache/logs/users.txt
#now the hard parts. IMPORTANT: only one of the following lines is used, i.e. I comment one while I work with the other
#ok I only need one of these lines imo but they both do different things that I want but I can't combine them
#this line will output the macaddress I want to the screen but it won't pipe the macaddress to the file (because there is no file specified, right) but if I do specify the file I just get the command not found errors above
sudo arp | grep $ip_address | awk '{print $3}'
#now this line will wait for an input (the macaddress variable). when I type in a correct macaddress this will take that mac address and pipe it to the file called add which will then work a treat as shown in the add script above
sudo /root/lankfordu/www/cgi-bin/add `arp | grep $ip_address | awk '{print $3}'`
#just an iptables line that works grand, i.e. enable nat on the address (my clients' addresses will be private so this will be needed)
sudo $IPTABLES -t nat -A POSTROUTING -s $ip_address -j MASQUERADE
Do you see what I'm trying to do? The way I test this is by the command terminal because it is much easier to test imo at the mo.
I hope this makes it clearer.
I want the two lines that I'm having trouble with combined:
1: get macaddress dynamically (not have to be entered by hand) and 2: then pipe it to the script called add.
I can only get one of them to work at once; I want 1 + 2 to work together.
If any more questions just ask.
Cheers again for all the help by the way, it's probably something small overlooked on my half.
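
The two steps the post wants combined (look up the MAC address for an IP, then feed it to add), as an added example that is not the poster's code. It assumes add still reads the MAC address from standard input with read, that arp -n prints the usual Address / HWtype / HWaddress columns, and the function names are made up for illustration; both values are checked before they reach sudo because they originate from a web request.

```shell
#!/bin/sh
# Added example, not the poster's script. Function names are hypothetical.
ADD_SCRIPT=/root/lankfordu/www/cgi-bin/add   # path as given in the post

# Succeeds only for four dot-separated groups of 1-3 digits.
valid_ip() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Succeeds only for six colon-separated hex octets.
valid_mac() {
    case $1 in ''|*[!0-9A-Fa-f:]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Reads arp -n style output on stdin and prints the third column of the row
# whose Address column equals $1 exactly (grep 157.190.181.1 would also
# match 157.190.181.10 and similar).
mac_for_ip() {
    awk -v ip="$1" '$1 == ip { print $3; exit }'
}

# Validate, look up, validate again, then pipe the MAC into add's stdin.
grant_access() {
    ip_address=$1
    valid_ip "$ip_address" || { echo "bad ip address" >&2; return 1; }
    macaddress=$(sudo arp -n | mac_for_ip "$ip_address")
    # An "(incomplete)" ARP row has no MAC in column 3; this check rejects it.
    valid_mac "$macaddress" || { echo "no ARP entry for $ip_address" >&2; return 1; }
    printf '%s\n' "$macaddress" | sudo "$ADD_SCRIPT"
}

# Runs only when an address is given, e.g. ./change 157.190.181.1
if [ "$#" -gt 0 ]; then
    grant_access "$1"
fi
```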