  1. #1 (Just Joined!, Join Date: Feb 2008, Posts: 72)

    Writing an IP Tables script to read from a blacklist text file


    First, here's my script in the making:
    Code:
    #!/bin/bash
    
    WHITELIST=good_ips.txt
    BLACKLIST=bad_ips.txt
    ALLOWED="22 80 3306"
    
    # Ports used: 
    # 22 - SSH    
    # 80 - HTTP       
    # 3306 - MySQL
    
    # Drop all existing rules
    iptables -F
    
    
    
    # Allow ALL traffic from hosts in $WHITELIST
    for x in `cat $WHITELIST`; do 
    echo "Permitting $x..."
    iptables -A INPUT -t filter -s $x -j ACCEPT
    done
    
    # Block all traffic from IP ranges in $BLACKLIST
    for x in `cat $BLACKLIST`; do 
    echo "Blocking $x..."
    iptables -A INPUT -m iprange --src-range $x -j DROP
    done
    
    # Allow specific ports in $ALLOWED for trusted hosts
    for port in $ALLOWED; do 
    echo "Accepting port $port..."
    iptables -A INPUT -t filter -p tcp --dport $port -j ACCEPT
    done
    bad_ips.txt contains a list of IP ranges in X.X.X.X-Y.Y.Y.Y format, with each range on its own line. When I run the script, it appears as though iptables is only recognizing the second IP number in each range (which shouldn't produce an error anyway), even though both numbers are stored together in the same variable:
    Code:
    root@host:~# sh iptables_init 
    Permitting 127.0.0.1...
    ...cking 3.0.0.0-3.255.255.255
    'ptables v1.4.0: iprange match: Bad IP address `3.255.255.255
    
    Try `iptables -h' or 'iptables --help' for more information.
    ...cking 4.0.25.146-4.0.25.148
    'ptables v1.4.0: iprange match: Bad IP address `4.0.25.148
    And so on for each range. Also notice the odd formatting of the output (not a huge deal, but strange). Executing these commands manually works just fine, with no errors.

    I've looked through my code over and over again, and I can't see where I went wrong. Any help?

    Edit: Turns out adding a space after each line in the file solved the problem. A simple sed command did the trick:
    Code:
    sed -i 's/\r/ /g' bad_ips.txt
    to replace each carriage return with a space.

  2. #2 (Just Joined!, Join Date: Dec 2008, Location: Canberra, Australia, Posts: 8)
    Methinks a DOS vs UNIX - LF/CR text issue.

    Let me guess, you edited the files in notepad at some stage? :]

  3. #3 (Just Joined!, Join Date: Jan 2009, Posts: 3)
    If you have used Windows/DOS to edit the file, try

    Code:
    dos2unix bad_ips.txt
    That should fix it. Have fun.
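The failure in post #1 and the dos2unix fix in post #3 both come down to a stray carriage return reaching iptables. As an added example (not the poster's script or anything from this thread), here is a POSIX sh version of the blacklist loop that strips a trailing CR from each line, validates the X.X.X.X-Y.Y.Y.Y range, and refuses to load a list with malformed entries. The sample file is constructed, and iptables is not invoked: the rules are printed so they can be inspected first.

```shell
#!/bin/sh
# Added example, not the poster's script: read an IP-range blacklist that may
# carry DOS/Windows CRLF line endings, strip the trailing CR, validate each
# range as X.X.X.X-Y.Y.Y.Y and only then emit the iptables rule.
# iptables is never executed here; each rule is printed so it can be reviewed
# (or piped to sh). The sample data at the bottom is constructed for the demo.

# Remove a trailing carriage return and surrounding whitespace from one line.
clean_line() {
    printf '%s' "$1" | tr -d '\r' | sed 's/^[[:space:]]*//; s/[[:space:]]*$//'
}

# Succeed only if the argument is a dotted-quad range A-B with octets 0-255.
is_range() {
    octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    ip="$octet\\.$octet\\.$octet\\.$octet"
    printf '%s\n' "$1" | grep -Eq "^$ip-$ip\$"
}

# Print one iptables DROP rule per valid range in the file. Blank lines and
# '#' comments are skipped; malformed lines go to stderr and make the
# function return 1 so a caller can refuse to load a half-parsed list.
build_blacklist_rules() {
    bad=0
    while IFS= read -r raw || [ -n "$raw" ]; do
        line=$(clean_line "$raw")
        case "$line" in
            ''|'#'*) continue ;;
        esac
        if is_range "$line"; then
            printf 'iptables -A INPUT -m iprange --src-range %s -j DROP\n' "$line"
        else
            printf 'skipping malformed range: "%s"\n' "$line" >&2
            bad=$((bad + 1))
        fi
    done < "$1"
    [ "$bad" -eq 0 ]
}

# Constructed sample file: CRLF endings, a comment, a blank line, one bad entry.
sample=$(mktemp)
printf '3.0.0.0-3.255.255.255\r\n# example range\r\n\r\n4.0.25.146-4.0.25.148\r\nnot-a-range\r\n' > "$sample"
build_blacklist_rules "$sample" || echo 'blacklist had malformed lines; not loading' >&2
rm -f "$sample"
```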
