LinuxQuestions.org


secrets88 06-22-2015 07:50 AM

Manipulate variables with iptables (script.sh)
 
Hello,

For example, I have 10 servers and want to do a configuration (in iptables) on a single server, but this configuration should be taken into account by the other servers.

For example, I have the address 192.168.22.190 for my server and the address 171.135.1.23 for the router,
I want to create a script that aims to do this:

If I change the address SERVER="192.168.22.190", the other servers should take the change into account.

Here is an attempt that I made, and I don't know whether it will work or not.

Code:

SERVER="192.168.22.190"
for ROUTER in 171.135.1.23;
do
    # allow new TCP connections from SERVER to ports 22 and 8080
    iptables -A INPUT -m state --state NEW -m tcp -s $SERVER -p tcp --match multiport --dports 22,8080 -j ACCEPT
done


I'm sorry for my English, and thanks.

berndbausch 06-23-2015 07:55 PM

Quote:

Originally Posted by secrets88 (Post 5381048)
For example, I have 10 servers and want to do a configuration (in iptables) on a single server, but this configuration should be taken into account by the other servers.

When you run iptables on one server, it only affects this one server. You will have to run iptables on each of the other servers as well.

Quote:

SERVER="192.168.22.190"
for ROUTER in 171.135.1.23;
do
iptables -A INPUT -m state --state NEW -m tcp -s $SERVER -p tcp --match multiport --dports 22,8080 -j ACCEPT
done
This code opens ports 22 and 8080 for packets from 192.168.22.190. I don't understand the purpose of the for loop - it does effectively nothing, and the ROUTER variable is not used at all. The semicolon is superfluous as well.

In other words, your code is 100% equivalent to
Code:

SERVER="192.168.22.190"
iptables -A INPUT -m state --state NEW -m tcp -s $SERVER -p tcp --match multiport --dports 22,8080 -j ACCEPT

If you want to open these ports on all your servers, perhaps something like this will be the solution:
Code:

for SERVER in <list of all your IP addresses or server hostnames>
do
    ssh $SERVER iptables -A INPUT -m state --state NEW -m tcp -s 192.168.22.190 -p tcp --match multiport --dports 22,8080 -j ACCEPT
done


chrism01 06-25-2015 06:16 AM

.. which would add it to the in-memory cfg. Ensure you save it to disk to persist across reboots.
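Putting the two replies together, here is an added example (not code from the thread or from either poster): berndbausch's ssh loop, made safe to re-run by checking with `iptables -C` before appending, and finished with the save-to-disk step chrism01 mentions. Assumed, not stated in the thread: root ssh access to each host, `iptables-save` installed there, and a boot-time loader that reads `RULES_FILE` (Debian's iptables-persistent); `RUNNER`, `rule_spec`, `remote_command`, `apply_to_host` and `apply_to_all` are names chosen for this example.

```shell
#!/bin/sh
# Added example, not code from the thread: push the thread's ACCEPT rule to a
# list of servers over ssh (berndbausch's loop), only where it is not already
# present, then save the live ruleset to disk (chrism01's point).
# Assumed, not stated in the thread: root ssh access to each host, iptables-save
# there, and a boot loader that reads RULES_FILE (Debian iptables-persistent;
# RHEL-style systems use /etc/sysconfig/iptables instead).

TRUSTED="192.168.22.190"            # source allowed in (from the thread)
PORTS="22,8080"                     # destination ports (from the thread)
RULES_FILE="/etc/iptables/rules.v4"

# One rule specification shared by the check (-C) and the append (-A);
# using the same string for both is what makes the check reliable.
rule_spec() {
    printf '%s' "INPUT -s $1 -p tcp -m state --state NEW -m multiport --dports $2 -j ACCEPT"
}

# Command run on the remote host: append only if -C says the rule is absent
# (re-running the script never duplicates it), then persist the table.
remote_command() {
    spec=$(rule_spec "$TRUSTED" "$PORTS")
    printf 'iptables -C %s 2>/dev/null || iptables -A %s; iptables-save > %s' \
        "$spec" "$spec" "$RULES_FILE"
}

# RUNNER defaults to ssh; RUNNER=echo gives a dry run that prints the command.
apply_to_host() {
    ${RUNNER:-ssh} "$1" "$(remote_command)"
}

# Apply to every host named on the command line; report failures but keep
# going so one unreachable server does not stop the rest.
apply_to_all() {
    rc=0
    for host in "$@"; do
        if apply_to_host "$host"; then
            echo "$host: rule present and saved" >&2
        else
            echo "$host: FAILED" >&2
            rc=1
        fi
    done
    return "$rc"
}

# usage: ./push_rule.sh host1 host2 ...  (prefix with RUNNER=echo for a dry run)
if [ "$#" -gt 0 ]; then
    apply_to_all "$@"
fi
```

Run it once from a management host with the server names as arguments; because of the `-C` check, running it again after changing `TRUSTED` adds the new rule without stacking duplicates of the old one (remove the old rule separately with `-D`).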

