Old 07-13-2006, 09:10 PM   #1
eggman95
IPTables Script Question


I have this script that drops packets coming from IPs that I list in a text file. My question is what does "for BLOCKED_IP in `cat /root/geoblock.txt`" mean?

I know that it is reading from the file /root/geoblock.txt but I'm not sure what "for BLOCKED_IP" means.

In my text file, all I have is a list of IPs. Do I have to change the text file to include BLOCKED_IP in it?

Code:
#!/bin/bash
# Script that will block IPs listed in a text file.

if [ -f /root/geoblock.txt ]
then
         # The backticks run cat and substitute its output, so the loop
         # assigns each whitespace-separated entry to BLOCKED_IP in turn.
         for BLOCKED_IP in `cat /root/geoblock.txt`
         do
         iptables -A INPUT -s "$BLOCKED_IP" -j DROP
         done
else
         echo "No Geo-IP Blocking file exists!"
fi

I'm new at scripting so I'm a little confused.

Thanks!
 
Old 07-13-2006, 09:36 PM   #2
musicman_ace
It's the variable being assigned to the values in the geoblock file. So basically for each value in the file assign the name BLOCKED_IP to it. Then that variable is read into the Do loop. The $BLOCKED_IP is referencing a variable defined within the script.

Output would look something like
Code:
iptables -A INPUT -s 10.1.1.2 -j DROP
iptables -A INPUT -s 10.1.1.3 -j DROP
iptables -A INPUT -s 10.1.1.4 -j DROP
iptables -A INPUT -s 10.1.1.5 -j DROP
iptables -A INPUT -s 10.1.1.6 -j DROP
iptables -A INPUT -s 10.1.1.7 -j DROP
iptables -A INPUT -s 10.1.1.8 -j DROP
iptables -A INPUT -s 10.1.1.9 -j DROP
and so on.....
Interpreting that would be Append a rule to the INPUT table where source = 10.1.1.x and DROP it.

Last edited by musicman_ace; 07-13-2006 at 09:45 PM.
 
Old 07-14-2006, 04:57 AM   #3
eggman95
Thanks a lot
 
  

