Pleas help me to setup this crontab

kotlt · 10-12-2009, 06:29 AM

I have three file

iptables.sh

Code:

IPT=/sbin/iptables
SPAMLIST=”spamlist”
SPAMDROPMSG=”SPAM LIST DROP”
BADIPS=$(egrep -v -E “^#|^$” /root/iptables/blocked.ips)

# create a new iptables list
$IPT -N $SPAMLIST

for ipblock in $BADIPS
do
$IPT -A $SPAMLIST -s $ipblock -j LOG –log-prefix “$SPAMDROPMSG”
$IPT -A $SPAMLIST -s $ipblock -j DROP
done

$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST

autoblock.sh

Code:

/etc/init.d/iptables start
cd /root/iptables

netstat -atun | grep SYN_RECV | awk ‘{print $5}’ | cut -d: -f1 |sort | uniq -d | sort -n > blocked.ips
sh ./iptables.sh

and blocked.ips.

I chmod all file and folder to 777.

When i run command to test
sh /root/iptables/autoblock.sh, it says

Quote:

[root@server ~]# sh /root/iptables/autoblock.sh
: command not found 2:
: command not found 4:
./iptables.sh: line 7: LIST: command not found
./iptables.sh: line 8: ^$: command not found

I'm using centos. Can anyone please correct this sciprts for me ?

And i unable to save crontab.

Code:

crontab -e

and type

Code:

*/2 * * * * /root/iptables/autoblock.sh

I don't know how to save, i tried :wq, :q, :q! , :w! , but nothing changes.

Please help me. Thank you

rizhun · 10-12-2009, 06:49 AM

Hmmm...

The ':wq' should work as long as your $EDITOR is vi/vim.

I'd start by adding a proper sh-bang to the top of those scripts (so you don't need to prefix with the 'sh'):

Code:

#!/bin/bash

I'd also redirect the output on your cron entry:

Code:

*/2 * * * * /root/iptables/autoblock.sh > /dev/null 2>&1

Do you get an error when you try to write & quit?

See if that helps.

linuxlover.chaitanya · 10-12-2009, 06:50 AM

There is some issue with your script. It is giving you errors. In your first script I do not see ipblock variable declared.
Also if your default editor is vi then you should use Esc + :wq to save and quit.
Esc to go from insert mode to command mode.

Oh yes, and if you forgot, insert the shebang line at the top of the script. rizhun has given that already.

kotlt · 10-12-2009, 07:03 AM

Thank you, i have create crontab sucessful. Anyone please correct my code ? I still get error

: command not found 2:
: command not found 4:
./iptables.sh: line 7: LIST: command not found
./iptables.sh: line 8: ^$: command not found

linuxlover.chaitanya · 10-12-2009, 07:22 AM

Do you have the shebang line at the top of the script? Forget about the ipblock comment in my previous post I missed it.

kotlt · 10-12-2009, 07:28 AM

Yes i added it, and still got error

repo · 10-12-2009, 07:31 AM

Try

Code:

netstat -atun | grep SYN_RECV | awk '{print $5}' | cut -d: -f1 |sort | uniq -d | sort -n > blocked.ips

do a

Quote:

cat blocked.ips

to see the content

kotlt · 10-12-2009, 07:37 AM

Still got message, repo

Code:

./iptables.sh: line 4: LIST: command not found
./iptables.sh: line 5: ^$: command not found

My current iptables.sh

Code:

#!/bin/bash
IPT=/sbin/iptables
    SPAMLIST=”spamlist”
    SPAMDROPMSG=”SPAM LIST DROP”
    BADIPS=$(egrep -v -E “^#|^$” /root/iptables/blocked.ips)
    $IPT -N $SPAMLIST
   for ipblock in $BADIPS
    do
    $IPT -A $SPAMLIST -s $ipblock -j LOG –log-prefix “$SPAMDROPMSG”
    $IPT -A $SPAMLIST -s $ipblock -j DROP
    done
    $IPT -I INPUT -j $SPAMLIST
    $IPT -I OUTPUT -j $SPAMLIST
    $IPT -I FORWARD -j $SPAMLIST

//remove LIST in line #4 and still got error

Code:

./iptables.sh: line 5: ^$: command not found

linuxlover.chaitanya · 10-12-2009, 07:45 AM

Code:

egrep -v -E “^#|^$”

Can you change this to

egrep -v -E ^#|^$

rizhun · 10-12-2009, 07:53 AM

Try changing:

SPAMDROPMSG=”SPAM LIST DROP”

to:

SPAMDROPMSG='SPAM LIST DROP'

kotlt · 10-12-2009, 07:53 AM

I replaced, but still got same error

Code:

[root@server ~]# sh /root/iptables/autoblock.sh
./iptables.sh: line 5: ^$: command not found

repo · 10-12-2009, 07:56 AM

So you want to block the ip's you got from

Quote:

netstat -atun | grep SYN_RECV | awk ‘{print $5}’ | cut -d: -f1 |sort | uniq -d | sort -n > blocked.ips

Try

Quote:

#!/bin/bash
IPT=/sbin/iptables
SPAMLIST=”spamlist”
$IPT -N $SPAMLIST
for i in `cat blocked.ips`
do
$IPT -A $SPAMLIST -s $i -j LOG
$IPT -A $SPAMLIST -s $i -j DROP
done
#$IPT -I INPUT -j $SPAMLIST
#$IPT -I OUTPUT -j $SPAMLIST
#$IPT -I FORWARD -j $SPAMLIST

Why do you use

Quote:

BADIPS=$(egrep -v -E “^#|^$” /root/iptables/blocked.ips)

The command gives errors, and I don't see the use for it.

kotlt · 10-12-2009, 08:09 AM

Thank you repo, it work now. Can you please help me a question.

About above script, how to make old-block-ip won't be replaced ?

I mean if my current blocked.ips have two ip
1.1.1.1
and
1.2.2.2

And another ip must be block is 1.3.3.3 will be add in block.ips. Then, blocked.ips will have 3 ips.

My current script don't do that, it remove two old ips and replace by new ip.

Sorry my bad english.

repo · 10-12-2009, 08:11 AM

Quote:

netstat -atun | grep SYN_RECV | awk ‘{print $5}’ | cut -d: -f1 |sort | uniq -d | sort -n > blocked.ips

use

Quote:

netstat -atun | grep SYN_RECV | awk ‘{print $5}’ | cut -d: -f1 |sort | uniq -d | sort -n >> blocked.ips

to add the ip's at the end of the file