LinuxQuestions.org - Generating A Script

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - Generating A Script (https://www.linuxquestions.org/questions/linux-software-2/generating-a-script-346346/)

Generating A Script

I have a firewall script that actually isn't a script. This thing won't run and seeing as it 's the first time I've dont something like this problems have come up. The current script is run like this:

Code:

[root@mun-175-25 lorenzo]# ls

plenum.odt    CDProgram  ethereal-0.10.11  Mu

bluej-205.jar  Desktop    HOWTOFixYum      rules



[root@mun-175-25 lorenzo]# chmod +x rules

[root@mun-175-25 lorenzo]# ./rules

: bad interpreter: No such file or directory



[root@mun-175-25 lorenzo]# ls

plenum.odt    CDProgram  ethereal-0.10.11  Mu    rules~

bluej-205.jar  Desktop    HOWTOFixYum      rules

[root@mun-175-25 lorenzo]#

Code:

#!/bin/sh



# Generated by michaelsanford at linuxquestions.org ;)



# It's always good to have variables for things like this

IPTABLES="/sbin/iptables"



# Flush the tables, zero counters and custom chains (in case the script re-runs while the system is already running)

$IPTABLES -t nat -F

$IPTABLES -t filter -F

$IPTABLES -t nat -Z

$IPTABLES -t filter -Z

$IPTABLES -t nat -X

$IPTABLES -t filter -X



# Set up the POLICY and make the custom chains

$IPTABLES -t nat -P OUTPUT ACCEPT

$IPTABLES -t nat -P POSTROUTING ACCEPT

$IPTABLES -t nat -P PREROUTING ACCEPT

$IPTABLES -t nat -A POSTROUTING -m mark --mark 0x9 -j MASQUERADE 

$IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j ACCEPT 

$IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE 



#mangle

$IPTABLES -t mangle -P FORWARD ACCEPT

$IPTABLES -t mangle -P INPUT ACCEPT

$IPTABLES -t mangle -P OUTPUT ACCEPT

$IPTABLES -t mangle -P POSTROUTING ACCEPT

$IPTABLES -t mangle -P PREROUTING ACCEPT

$IPTABLES -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 0x9 



# The filter table

$IPTABLES -P FORWARD ACCEPT

$IPTABLES -P INPUT ACCEPT

$IPTABLES -P OUTPUT ACCEPT



# Create custom chains

$IPTABLES -N in_icmp

$IPTABLES -N in_tcp

$IPTABLES -N syn-flood



$IPTABLES -A FORWARD -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT 

$IPTABLES -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT 



$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

$IPTABLES -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 

$IPTABLES -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j syn-flood 

$IPTABLES -A INPUT -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -m state --state NEW -j DROP 

..... Similar code the rest of the way using -A

Hi.

Try using #!/bin/bash instead of #!/bin/sh

Dave

If it helps, when I'm in class I always start my scripts off like this:

Code:

#!/bin/csh -f

I receive the same error as before with #!/bin/bash.

With #!/bin/csh -f i get

Code:

[root@mun-175-25 lorenzo]# chmod +x rules

[root@mun-175-25 lorenzo]# ./rules

'nknown option: `-

Usage: csh [ -bcdefilmnqstvVxX ] [ argument ... ].

If you run 'ps' one of the processes should be the shell you're currently using, e.g.

Code:

[dave@cronus ~]$ ps

  PID TTY          TIME CMD

12044 pts/1    00:00:00 bash

12063 pts/1    00:00:00 ps

Try using that instead of bash or sh in the #!/bin/XXXX line.

Dave

Same error as before

Code:

[root@mun-175-25 lorenzo]# ps

  PID TTY          TIME CMD

28590 pts/1    00:00:00 su

28593 pts/1    00:00:00 bash

28665 pts/1    00:00:00 gconfd-2

29191 pts/1    00:00:00 ps

[root@mun-175-25 lorenzo]# gedit rules

[root@mun-175-25 lorenzo]# chmod +x rules

[root@mun-175-25 lorenzo]# ./rules

: bad interpreter: No such file or directory

What do you get from 'which bash' ?

Code:

[root@mun-175-25 lorenzo]# which bash

/bin/bash

I took a look at this dos2unix thing. I think that may be the problem since i made the script in windows and then uploaded it via FTP. although i did reformat it to be a script I still needed to do the conversion.