06-25-2012, 06:24 AM
#1
Member
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Swap iptables rules using rule no. using a Perl script
The Perl script is supposed to take two arguments,
rule_number1 and rule_number2,
and we will call this script as, say, swap.pl 1 2.
It should swap the rules in iptables, say in the INPUT chain.

06-26-2012, 06:02 AM
#2
Member
Registered: Apr 2009
Location: Melbourne
Distribution: Fedora & CentOS
Posts: 854
What exactly is your question?

06-27-2012, 02:37 AM
#3
Member
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Original Poster
There are iptables rules in your system, say for the INPUT chain, in the sequence
1...10.
We want to swap rule numbers 2 and 7, say.
We want to do this swapping through a Perl script.
The design steps are:
The script "swap_iptable_rules.pl" will take two parameters,
<first_rule_number>, <second_rule_number>,
so one would call it like this ---> swap_iptables_rules.pl 3 8.
You need to delete rule number 3 and rule number 8 from iptables,
but if you first delete them you will lose the rules,
so first you need to list them and get the rule.
Step 1: List iptables rules by rule numbers
iptables -L -v -n --line-numbers
Step 2: Read rule number 3 by using iptables --line-numbers and grep
Step 3: Read rule number 8 by using iptables --line-numbers and grep
Store what you get in Step 2 into $first_rule and Step 3 into $second_rule
Step 4: Delete rules 3 and 8 using iptables -D rulenum
Step 5: Add $first_rule to the second position, i.e. to place 8, using iptables -I rulenum and $first_rule
Step 6: Add $second_rule to the first position, i.e. to place 3, using iptables -I rulenum and $second_rule
Done.

06-27-2012, 03:36 AM
#4
Member
Registered: Apr 2010
Location: Kinshasa, Democratic Republic of Congo
Distribution: RHEL, Fedora, CentOS
Posts: 525
Hi Balvinder87,
It seems that you already have the full algorithm.
We will appreciate it if you can share with us the derived Perl script.
Last edited by tshikose; 06-27-2012 at 07:01 AM.
Reason: typos: "that already" instead of "that you already", and "You will" instead of "We will"

06-27-2012, 06:43 AM
#5
Member
Registered: Apr 2009
Location: Melbourne
Distribution: Fedora & CentOS
Posts: 854
May I recommend using the iptables-save file rather than the output of iptables -nvL, since the iptables-save file is in the same format as iptables commands, which will be a lot easier than having to parse the output from -nvL.
If you want somebody to write your script for you, that ain't gonna happen. We aren't a do-it-for-you type of forum; we're here to help you learn how to do it yourself.
Personally, I would do this in a bash script: run iptables-save, grep to put the rules into variables, and then sed to replace whatever is on line number $x with the contents of the variables, then reload iptables.
This will assume that you are swapping LINE numbers, not RULE numbers inside the chain. To do this with rule numbers, you would grep for the relevant chain (probably also passed as a parameter to the script), and also keep track of the line number, since this won't match the line numbers you are using with sed.
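
The iptables-save approach from post #5, applied to the swap described in post #3, as an added example that is not part of the thread: it swaps by rule number within a chain (not by file line number) in the saved text, so the result can be loaded with one iptables-restore instead of deleting and re-inserting live rules. The function names, the optional TABLE argument and the sample ruleset are assumptions, and the input is expected to be iptables-save output without -c counters.

```shell
# Added example. swap_rules CHAIN N1 N2 [TABLE]: read iptables-save output on
# stdin and print the same ruleset with rules N1 and N2 of CHAIN swapped.
# TABLE defaults to "filter" (assumption; the thread only names the INPUT chain).
swap_rules() {
    local chain="$1" a="$2" b="$3" table="${4:-filter}" n
    for n in "$a" "$b"; do
        case $n in
            ''|*[!0-9]*) echo "rule numbers must be positive integers" >&2; return 2 ;;
        esac
    done
    awk -v chain="$chain" -v a="$a" -v b="$b" -v table="$table" '
        /^\*/ { in_table = ($0 == ("*" table)) }   # table header: "*filter", "*nat", ...
        in_table && $1 == "-A" && $2 == chain {    # count rules of the chain, not file lines
            n++
            if (n == a) la = NR
            if (n == b) lb = NR
        }
        { line[NR] = $0 }
        END {
            if (!la || !lb) {                      # refuse rather than print a changed ruleset
                print "rule number out of range for " chain > "/dev/stderr"
                exit 1
            }
            tmp = line[la]; line[la] = line[lb]; line[lb] = tmp
            for (i = 1; i <= NR; i++) print line[i]
        }'
}

# Constructed sample in iptables-save format (not captured from a real host).
sample_ruleset() {
    cat <<'EOF'
*mangle
:INPUT ACCEPT [0:0]
-A INPUT -p icmp -j MARK --set-xmark 0x1/0xffffffff
COMMIT
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -j DROP
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# On a live host (as root): iptables-save | swap_rules INPUT 2 4 > new.rules
#   iptables-restore --test < new.rules && iptables-restore < new.rules
```

Because iptables-restore commits each table in one step, the chain is never left with a rule missing partway through the swap, and the rule numbers do not shift between a delete and the following insert.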
06-27-2012, 07:19 AM
#6
Member
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Original Poster
Thanks for the reply.
I got it now.

All times are GMT -5.