-   Programming (
-   -   script problem while using awk and passing varibales (

ulto 04-21-2004 10:29 AM

script problem while using awk and passing varibales
im having a small probem trying to pass a variable (a mac address) to another script called add(this will add the mac address to the iptable)
the script below gives me the mac address from a terminal output fine :)
but wont pass that variable to another script i have

i presume it is mainly because of the errors of command not found (see below)
The line i have been having most problem with is
sudo arp | grep $ip_address | awk '{print $3}'

if there is abetter way then what is it
anyway full script given below
echo Content-type: text/plain

#read ip_address
echo $ip_address
#echo test1


sudo arp > /root/lankfordu/apache/logs/users.txt
echo test2
sudo arp | grep $ip_address | awk '{print $3}'
/root/lankfordu/apache/logs/users.txt |
echo test 3

sudo $IPTABLES -t nat -A POSTROUTING -s $ip_address -j MASQUERADE

echo test 4

The out put below is when i execute the script from the command line

dont worry about the last errors that is an error becacuse the mac address is not passing to the script(ive tested this manually :) )
what worries me is the command not found from users.txt
its a text file its shouldnt really run should it!

Content-type: text/plain
/root/lankfordu/apache/logs/users.txt: line 1: Address: command not found
/root/lankfordu/apache/logs/users.txt: line 2: command not found
/root/lankfordu/apache/logs/users.txt: line 3: command not found
Content-type: text/plain

iptables v1.2.7a: Bad mac address `-j'
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.7a: Bad mac address `-i'
Try `iptables -h' or 'iptables --help' for more information.
test 3
test 4

so im almost there right or is there another way of doing things
cheers for your time, if unsure of anything just ask :)

Technoslave 04-21-2004 11:35 AM

Bleh, tried thinking about this, but you're going about it all wrong.

/home/blah/add `arp | grep $ip_address | awk '{print $3}'`

Will do what you need it to do. Where $ip_address is whatever you've set it to.

If this doesn't quite make sense to you, let me know, I'll flesh it out a little bit more for you.

ulto 04-21-2004 12:19 PM

it helped but (there is always a but isnt there :) )
it works that way but it has to be dynamic
i then have to add in the macaddress staticly by hand what i want to do is add it dynamicly ie.

the ipaddress from a client who logged onto my site, do the arp to get the mac address matching the given ipaddress and then permit that cleint to use my site via the macaddress entered into by the iptables
esay in theory but its just the samll things

i know i have a static ipaddress but that aint a big deal (i think!)

/root/lankfordu/www/cgi-bin/add `arp | grep $ip_address | awk '{print $3}'`
and i deleted the the two lines i had under that

the other way outputed the wanted macaddress to the screen but didnt pipe it to the other srcipt and gave me those errors

sorry if im not getting it ill try maybe tinkering with the two ways to get it working

Technoslave 04-21-2004 02:18 PM

well, depending, I'm still not quite sure of the flow you're trying to achieve. It seems to me like you really want two scripts to work here. You'd do the whole iptables thing, simliar to the script I gave above.

If you can give me a line by line flow of how you'd do this ( everything, from start to finish ) via command line, instead of trying to add extra bits and pieces to it, I could probably help you out a little easier.

ulto 04-22-2004 09:05 AM

ok sorry if i wasnt clear
anyway first of this wont be executed via ths command lien it will be executed by a php script when a user on my wireless network logs on and wants to use the internet
there will be a deny all first of all(except for my site!)
when a user logs on the script will take the ipaddress of teh user and get the matching macaddress
this macaddress will then be piped to another script where the variable wil be put into an iptable and then the user can gain access to the web!

there is 2 scripts at work here the change and the add script
the add script works fine but ill post ti anyway so you can see the workings


echo Content-type: text/plain

#read variable from users.txt or from somewhere else
read macaddress
echo $macaddress

sudo $IPTABLES -A FORWARD -i wlan0 -m mac --mac-source $macaddress -j ACCEPT
sudo $IPTABLES -t nat -A PREROUTING -m mac --mac-source $macaddress -i wlan0 -j ACCEPT

the variable macaddress will have to be piped FROM the change script (the script im having trouble with!)

ill give a line by line breakdown of the change script here

echo Content-type: text/plain

#ok first of all this will be read ipaddress, the ip address wil be got from the remote u
#i have it static because it makes testing from the command terminal easier

##where the ipatables module is located

#do an arp request of the users connected to the network and output it to a file
#this works fine
sudo arp > /root/lankfordu/apache/logs/users.txt

#now the hard parts IMPORTANT only one of the following lines is used ie i comment one while i work with the other
#ok i only need one of these lines imo but they both do different things that i want but i cant combine them
#this line will output the macaddress i want to the screen but it wont pipe the macadderss to the file (beacuse there is no file specified right) but if i do specify the file i just get the command not found errors above

sudo arp | grep $ip_address | awk '{print $3}'

#now this line will wait for an input (the macaddress varibale) when i type in a correct macaddress thsi will take that mac address and pipe it to the file called add which will then work a treat as shwon in the add script above

sudo /root/lankfordu/www/cgi-bin/add `arp | grep $ip_address | awk '{print $3}'`

just an iptables line that works grand ie enable nat on the address (my clients addresses will be private so this will be needed
sudo $IPTABLES -t nat -A POSTROUTING -s $ip_address -j MASQUERADE

do us see what im trying to do the way i test thsi is by the command terminal because it is much easier to test imo at the mo
i hope this makes it clearer
i want the two lines that im having trouble with combined
1:get macaddress dynamically (not have to be entered by hand) and 2: then pipe it to the script called add
i can only get one of them to work at once i want 1 + 2 to work togethor

if any more questions just ask
cheers again for all the help by th way, its probably something small overlooked on my half

ulto 04-23-2004 08:47 AM

Well did you or anybody else have a look at it?

Does it make more sense now or am I confusing people even more

any help much appreacheated :)

Technoslave 04-23-2004 12:58 PM


> for i in `arp | grep -v Address | awk '{print $3}'`;do echo iptables $i --macaddress;echo iptables nat $i blah;done

iptables 00:06: --macaddress
iptables nat 00:06: blah
iptables 00:50: --macaddress
iptables nat 00:50: blah

> arp
Address HWtype HWaddress Flags Mask Iface ether 00:06: C eth1
router ether 00:50: C eth0

As for doing it in a script based off of a web page, I don't know.

All times are GMT -5. The time now is 11:10 AM.