LinuxQuestions.org


eggman95 07-13-2006 09:10 PM

IPTables Script Question
 
I have this script that drops packets coming from IPs that I list in a text file. My question is what does "for BLOCKED_IP in `cat /root/geoblock.txt`" mean?

I know that it is reading from the file /root/geoblock.txt but I'm not sure what "for BLOCKED_IP" means.

In my text file, all I have is a list of IPs. Do I have to change the text file to include BLOCKED_IP in it?

Code:

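#!/bin/bash
# Script that will block IPs listed in a text file.

if [ -f /root/geoblock.txt ]
then
        # Backticks run cat and substitute its output; the loop then assigns
        # each whitespace-separated word of that output to BLOCKED_IP in turn.
        for BLOCKED_IP in `cat /root/geoblock.txt`
        do
                iptables -A INPUT -s "$BLOCKED_IP" -j DROP
        done
else
        echo "No Geo-IP Blocking file exists!"
fi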

I'm new at scripting so I'm a little confused.

Thanks!

musicman_ace 07-13-2006 09:36 PM

It's the variable being assigned to the values in the geoblock file. So basically for each value in the file assign the name BLOCKED_IP to it. Then that variable is read into the Do loop. The $BLOCKED_IP is referencing a variable defined within the script.

Output would look something like
Code:

iptables -A INPUT -s 10.1.1.2 -j DROP
iptables -A INPUT -s 10.1.1.3 -j DROP
iptables -A INPUT -s 10.1.1.4 -j DROP
iptables -A INPUT -s 10.1.1.5 -j DROP
iptables -A INPUT -s 10.1.1.6 -j DROP
iptables -A INPUT -s 10.1.1.7 -j DROP
iptables -A INPUT -s 10.1.1.8 -j DROP
iptables -A INPUT -s 10.1.1.9 -j DROP
and so on.....

Interpreting that would be Append a rule to the INPUT table where source = 10.1.1.x and DROP it.
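
The loop in the script hands every whitespace-separated word in the file to iptables as it stands, so a typo or stray text in geoblock.txt becomes part of a firewall command. As an added example (not part of the original thread), the following reads the file line by line and accepts only IPv4 addresses or CIDR blocks; the function names and sample addresses are assumptions made here, and it prints the commands rather than running them.

```bash
# Added example (not from the thread): validate blocklist entries before
# they reach iptables. Prints the commands instead of running them.

# valid_ipv4 ADDR[/PREFIX]: succeeds only for a dotted-quad IPv4 address
# with an optional CIDR prefix length of 0-32.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                     # split into octets; digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# block_rules FILE: print one DROP rule per valid entry; report the rest.
block_rules() {
    [ -f "$1" ] || { echo "No Geo-IP Blocking file exists!" >&2; return 1; }
    while read -r entry rest || [ -n "$entry" ]; do
        case $entry in ''|'#'*) continue ;; esac      # blank line or comment
        case $rest in ''|'#'*) ;; *) entry="$entry $rest" ;; esac  # extra words: invalid
        if valid_ipv4 "$entry"; then
            echo "iptables -A INPUT -s $entry -j DROP"
        else
            echo "skipping invalid entry: $entry" >&2
        fi
    done < "$1"
}

# write_sample FILE: constructed sample blocklist (documentation ranges).
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample blocklist
192.0.2.10
198.51.100.0/24

203.0.113.300
192.0.2.7 -j ACCEPT
192.0.2.99   # trailing comment
EOF
}

sample=$(mktemp) && write_sample "$sample" && block_rules "$sample"; rm -f "$sample"
```

To apply the rules, replace the first `echo` in `block_rules` with the `iptables` call itself and run the script as root.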

eggman95 07-14-2006 04:57 AM

Thanks a lot

