script problem while using awk and passing varibales
im having a small probem trying to pass a variable (a mac address) to another script called add(this will add the mac address to the iptable)
the script below gives me the mac address from a terminal output fine :) but wont pass that variable to another script i have i presume it is mainly because of the errors of command not found (see below) The line i have been having most problem with is sudo arp | grep $ip_address | awk '{print $3}' if there is abetter way then what is it anyway full script given below #!/bin/sh # echo Content-type: text/plain echo ip_address="192.168.1.254" #read ip_address echo $ip_address #echo test1 IPTABLES=/sbin/iptables sudo arp > /root/lankfordu/apache/logs/users.txt echo test2 sudo arp | grep $ip_address | awk '{print $3}' /root/lankfordu/apache/logs/users.txt | /root/lankfordu/www/cgi-bin/add echo test 3 sudo $IPTABLES -t nat -A POSTROUTING -s $ip_address -j MASQUERADE echo test 4 The out put below is when i execute the script from the command line dont worry about the last errors that is an error becacuse the mac address is not passing to the script(ive tested this manually :) ) what worries me is the command not found from users.txt its a text file its shouldnt really run should it! Content-type: text/plain 192.168.1.254 test2 00:30:65:12:64:CE /root/lankfordu/apache/logs/users.txt: line 1: Address: command not found /root/lankfordu/apache/logs/users.txt: line 2: 192.168.1.254: command not found /root/lankfordu/apache/logs/users.txt: line 3: 157.190.181.1: command not found Content-type: text/plain iptables v1.2.7a: Bad mac address `-j' Try `iptables -h' or 'iptables --help' for more information. iptables v1.2.7a: Bad mac address `-i' Try `iptables -h' or 'iptables --help' for more information. test 3 test 4 so im almost there right or is there another way of doing things cheers for your time, if unsure of anything just ask :) |
Bleh, tried thinking about this, but you're going about it all wrong.
/home/blah/add `arp | grep $ip_address | awk '{print $3}'` Will do what you need it to do. Where $ip_address is whatever you've set it to. If this doesn't quite make sense to you, let me know, I'll flesh it out a little bit more for you. |
it helped but (there is always a but isnt there :) )
it works that way but it has to be dynamic i then have to add in the macaddress staticly by hand what i want to do is add it dynamicly ie. the ipaddress from a client who logged onto my site, do the arp to get the mac address matching the given ipaddress and then permit that cleint to use my site via the macaddress entered into by the iptables esay in theory but its just the samll things i know i have a static ipaddress but that aint a big deal (i think!) /root/lankfordu/www/cgi-bin/add `arp | grep $ip_address | awk '{print $3}'` and i deleted the the two lines i had under that the other way outputed the wanted macaddress to the screen but didnt pipe it to the other srcipt and gave me those errors sorry if im not getting it ill try maybe tinkering with the two ways to get it working |
well, depending, I'm still not quite sure of the flow you're trying to achieve. It seems to me like you really want two scripts to work here. You'd do the whole iptables thing, simliar to the script I gave above.
If you can give me a line by line flow of how you'd do this ( everything, from start to finish ) via command line, instead of trying to add extra bits and pieces to it, I could probably help you out a little easier. |
ok sorry if i wasnt clear
anyway first of this wont be executed via ths command lien it will be executed by a php script when a user on my wireless network logs on and wants to use the internet there will be a deny all first of all(except for my site!) when a user logs on the script will take the ipaddress of teh user and get the matching macaddress this macaddress will then be piped to another script where the variable wil be put into an iptable and then the user can gain access to the web! there is 2 scripts at work here the change and the add script the add script works fine but ill post ti anyway so you can see the workings Code:
#!/bin/sh ill give a line by line breakdown of the change script here #!/bin/sh # echo Content-type: text/plain echo #ok first of all this will be read ipaddress, the ip address wil be got from the remote u #i have it static because it makes testing from the command terminal easier ip_address="157.190.181.1" ##where the ipatables module is located IPTABLES=/sbin/iptables #do an arp request of the users connected to the network and output it to a file #this works fine sudo arp > /root/lankfordu/apache/logs/users.txt #now the hard parts IMPORTANT only one of the following lines is used ie i comment one while i work with the other #ok i only need one of these lines imo but they both do different things that i want but i cant combine them #this line will output the macaddress i want to the screen but it wont pipe the macadderss to the file (beacuse there is no file specified right) but if i do specify the file i just get the command not found errors above sudo arp | grep $ip_address | awk '{print $3}' #now this line will wait for an input (the macaddress varibale) when i type in a correct macaddress thsi will take that mac address and pipe it to the file called add which will then work a treat as shwon in the add script above sudo /root/lankfordu/www/cgi-bin/add `arp | grep $ip_address | awk '{print $3}'` just an iptables line that works grand ie enable nat on the address (my clients addresses will be private so this will be needed sudo $IPTABLES -t nat -A POSTROUTING -s $ip_address -j MASQUERADE do us see what im trying to do the way i test thsi is by the command terminal because it is much easier to test imo at the mo i hope this makes it clearer i want the two lines that im having trouble with combined 1:get macaddress dynamically (not have to be entered by hand) and 2: then pipe it to the script called add i can only get one of them to work at once i want 1 + 2 to work togethor if any more questions just ask cheers again for all the help by th way, its probably something small overlooked on my half |
Well did you or anybody else have a look at it?
Does it make more sense now or am I confusing people even more any help much appreacheated :) |
Here.
> for i in `arp | grep -v Address | awk '{print $3}'`;do echo iptables $i --macaddress;echo iptables nat $i blah;done iptables 00:06: --macaddress iptables nat 00:06: blah iptables 00:50: --macaddress iptables nat 00:50: blah > arp Address HWtype HWaddress Flags Mask Iface 10.0.0.252 ether 00:06: C eth1 router ether 00:50: C eth0 As for doing it in a script based off of a web page, I don't know. |
All times are GMT -5. The time now is 05:21 PM. |