LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 07-19-2011, 03:48 PM   #1
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Rep: Reputation: Disabled
Bash script issue


Hi guys,

I am trying to write a script to check the iptables rules for some specific IP's.

I go as follows:
============
#!/bin/bash

# define variables
ipt=/sbin/iptables
ip=a.b.c.d

# the below give the right answers
echo $ipt
echo $ip

# now here is the issue

CHECK1a=$($ipt -nL FORWARD -v | grep $ip)
# or
CHECK1a=`$ipt -nL FORWARD -v | grep $ip`
echo $CHECK1a
# this gives the crap
# ...
=============

The above section of my script is where the issue is and I can't figure it out.
Running the script verbosely shows that bash doesn't have the variables values. It looks like this (sh -v <script_name>):
=============
...
CHECK1a=$($ipt -nL FORWARD -v | grep $ip)
$ipt -nL FORWARD -v | grep $ip
or
CHECK1a=`$ipt -nL FORWARD -v | grep $ip`
$ipt -nL FORWARD -v | grep $ip
...
=============

So basically bash does not know that $ipt and $ip are the variables defined above, although the echos work.

I'm not a bash guru, so please give a piece of advice here.

Thanks,
Tibi
 
Old 07-19-2011, 04:05 PM   #2
troya2
LQ Newbie
 
Registered: Oct 2010
Posts: 3

Rep: Reputation: 0
Your second assignment should work: CHECK1a=`$ipt -nL FORWARD -v | grep $ip`

Note that if there are no lines from iptables that contain the IP address you're supplying, there won't be any output. You can verify that you get SOME output by changing the assignment to:

CHECK1a=`$ipt -nL FORWARD -v`

-Troy
 
Old 07-19-2011, 04:11 PM   #3
alroger
Member
 
Registered: Apr 2008
Location: Brazil
Distribution: Ubuntu
Posts: 36

Rep: Reputation: 17
Just to make sure you've tried:
CHECK1a='$ipt -nL FORWARD -v | grep $ip' ### not `
CHECK1a="$ipt -nL FORWARD -v | grep $ip)"
CHECK1a=\$ipt -nL FORWARD -v | grep \$ip
CHECK1a="\$ipt -nL FORWARD -v | grep \$ip"
CHECK1a='\$ipt -nL FORWARD -v | grep \$ip'

Sorry, havent actually tried them.
 
Old 07-19-2011, 04:22 PM   #4
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.0
Posts: 1,337

Rep: Reputation: 259Reputation: 259Reputation: 259
Quote:
Originally Posted by alroger View Post
CHECK1a="$ipt -nL FORWARD -v | grep $ip)"
The starting brace is missing:
Code:
CHECK1a="$($ipt -nL FORWARD -v | grep $ip)"
This will make the whole output to go into the variable.
 
Old 07-19-2011, 04:49 PM   #5
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by troya2 View Post
Your second assignment should work: CHECK1a=`$ipt -nL FORWARD -v | grep $ip`

Note that if there are no lines from iptables that contain the IP address you're supplying, there won't be any output. You can verify that you get SOME output by changing the assignment to:

CHECK1a=`$ipt -nL FORWARD -v`

-Troy
Here is the output after I added just one iptables rule into FORWARD chain of table "filter" (I have replaced IP address with a.b.c.d):

[root@server ~]# sh -v test
#!/bin/bash

ipt=/sbin/iptables
ip=a.b.c.d

echo $ipt
/sbin/iptables
echo $ip
a.b.c.d

CHECK1a=`$ipt -v -nL FORWARD | grep $ip`
$ipt -v -nL FORWARD | grep $ip

echo $CHECK1a
0 0 ACCEPT all -- anaconda-ks.cfg install.log install.log.syslog anaconda-ks.cfg install.log install.log.syslog a.b.c.d 0.0.0.0/0
[root@server ~]#
 
Old 07-20-2011, 03:37 AM   #6
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,774

Rep: Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056
So this is or is not what you are looking for?
 
Old 07-20-2011, 12:03 PM   #7
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by grail View Post
So this is or is not what you are looking for?
Unfortunately it still does not work:

echo $CHECK1a
0 0 ACCEPT all -- anaconda-ks.cfg install.log install.log.syslog anaconda-ks.cfg install.log install.log.syslog a.b.c.d 0.0.0.0/0

The part "anaconda-ks.cfg install.log install.log.syslog anaconda-ks.cfg install.log install.log.syslog" has nothing to do with the desired (and normal) output.

What is actually needed is to have the variable $CHECK1a get the result of "$ipt -nL FORWARD -v | grep $ip" as value.
It doesn't happen as you can see when bash is trying to execute the command here:

CHECK1a=$($ipt -nL FORWARD -v | grep $ip)
$ipt -nL FORWARD -v | grep $ip
or
CHECK1a=`$ipt -nL FORWARD -v | grep $ip`
$ipt -nL FORWARD -v | grep $ip

In either case above bash does not replace $ipt with /sbin/iptables and $ip with a.b.c.d as it should.

I don't know why but bash doesn't seem to know $ipt is the variable defined above in the script.

Any ideas?

Regards,
Tibi
 
Old 07-20-2011, 12:07 PM   #8
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.0
Posts: 1,337

Rep: Reputation: 259Reputation: 259Reputation: 259
What is the output, when you execute on the command line:
Code:
/sbin/iptables -nL FORWARD -v | grep a.b.c.d
?
 
Old 07-20-2011, 12:09 PM   #9
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,774

Rep: Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056
Can you show me what the following output is:
Code:
/sbin/iptables -nL FORWARD -v | grep a.b.c.d
 
Old 07-20-2011, 12:14 PM   #10
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by grail View Post
Can you show me what the following output is:
Code:
/sbin/iptables -nL FORWARD -v | grep a.b.c.d
/sbin/iptables -nL FORWARD -v | grep a.b.c.d
0 0 ACCEPT all -- * * a.b.c.d 0.0.0.0/0
 
Old 07-20-2011, 12:32 PM   #11
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by tibix00 View Post
Unfortunately it still does not work:

echo $CHECK1a
0 0 ACCEPT all -- anaconda-ks.cfg install.log install.log.syslog anaconda-ks.cfg install.log install.log.syslog a.b.c.d 0.0.0.0/0

The part "anaconda-ks.cfg install.log install.log.syslog anaconda-ks.cfg install.log install.log.syslog" has nothing to do with the desired (and normal) output.

What is actually needed is to have the variable $CHECK1a get the result of "$ipt -nL FORWARD -v | grep $ip" as value.
It doesn't happen as you can see when bash is trying to execute the command here:

CHECK1a=$($ipt -nL FORWARD -v | grep $ip)
$ipt -nL FORWARD -v | grep $ip
or
CHECK1a=`$ipt -nL FORWARD -v | grep $ip`
$ipt -nL FORWARD -v | grep $ip

In either case above bash does not replace $ipt with /sbin/iptables and $ip with a.b.c.d as it should.

I don't know why but bash doesn't seem to know $ipt is the variable defined above in the script.

Any ideas?

Regards,
Tibi
Oh, sorry.. stupid me.. or I'm just tired.

Bash does know the ipt and ip variables as seen from the output, but why does it replace * * with the content of the current folder?

Tibi
 
Old 07-20-2011, 12:35 PM   #12
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,774

Rep: Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056Reputation: 3056
Because that is what an asterisk expands to. You can test with:
Code:
$ echo *
 
Old 07-20-2011, 12:36 PM   #13
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by grail View Post
Because that is what an asterisk expands to. You can test with:
Code:
$ echo *
So how should it look like to give the right result?

Tibi
 
Old 07-20-2011, 12:37 PM   #14
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.0
Posts: 1,337

Rep: Reputation: 259Reputation: 259Reputation: 259
Maybe you can turn off the expansion by set -f before and turn it on again after the statement by set +f.
 
Old 07-20-2011, 12:43 PM   #15
tibix00
LQ Newbie
 
Registered: Jul 2011
Distribution: CentOS 5.6
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Reuti View Post
Maybe you can turn off the expansion by set -f before and turn it on again after the statement by set +f.
Sorry but I dont really get this. How should I do that?

Tibi
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cygwin issue with bash script jdwilder Other *NIX 7 09-20-2013 05:53 AM
[SOLVED] Strange issue with Bash script and resolution Jinx-Wolf Programming 7 03-19-2011 06:03 PM
Bash script debugging issue internetSurfer Programming 4 01-28-2008 08:24 PM
[SOLVED] issue with variable in bash script angel115 Programming 4 08-21-2006 01:42 PM
small bash script issue zoomzoom Linux - General 7 06-08-2004 06:33 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 10:48 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration