#1 sentralorigin (Just Joined!, joined Nov 2006, 57 posts)

    Issue with iptables


    I have a list of IPs that I want to block, so I made a script to use iptables to block them. The IP list is one IP per line and the file is named "newips". The script is named "ipblock.sh". Both are located in /home/oranges.

    Code:
    #!/bin/bash
    for IP in `cat /home/oranges/newips`; do iptables -A INPUT -s $IP -j DROP; done
    So I ran the script by su'ing and then typing "sh /home/oranges/ipblock.sh". The script runs, but for every IP on the list I get this error:

    Code:
    ' not found.3.5: host/network `##.##.##.##
    Try `iptables -h' or 'iptables --help' for more information.
    (Replace ##.##.##.## with IP address).

    What could be the problem?

#2 anomie (Linux Guru, joined Mar 2005, Texas, 1,692 posts)
    Something is screwed up with the 'newips' file. Either post it here or run the script with a trace so that you can watch it with the values substituted in place of the variable.

    e.g. # bash -x script_here

#3 sentralorigin (Just Joined!, joined Nov 2006, 57 posts)
    Here is the "newips" file I've uploaded. You can see for yourself but as far as I can see, there's nothing wrong. Just listed IPs.

    http://senduit.com/644174

#4 anomie (Linux Guru, joined Mar 2005, Texas, 1,692 posts)
    That's a big ol' file.

    Well, there is lots of crap in there that is not an IP address. It will need to be cleaned up. Here is a very blunt tool approach, and you can see that I found a long list of non IP address lines.

    Code:
    [mrbiggles@troy ~]$ grep -v '^[0-9]\{1,3\}' newips | head -10
     Value Click Europe Ltd
     Value Click Europe Limited
     Value Click Europe
     3089
     604279
     P0004752
     St Johns College(351)
     National Institute for Agricultural
     National Institute for Agricultural
     National Institute for Agricultural
    ...
    Code:
    [mrbiggles@troy ~]$ grep -v '^[0-9]\{1,3\}' newips | wc -l
         391
    So there's at least 391 lines to clean up.

#5 sentralorigin (Just Joined!, joined Nov 2006, 57 posts)
    So I can do "grep -v '^[0-9]\{1,3\}' newips" then remove every term I see on that list? There's over 200,000 lines, so I guess I'll have to do it by hand anyway...

    But what can be the problem with the initial question?

#6 anomie (Linux Guru, joined Mar 2005, Texas, 1,692 posts)

    Quote (originally posted by sentralorigin): But what can be the problem with the initial question?
    The problem is you're confusing iptables by giving him non-IP address data to add to an INPUT chain rule.

    You can cruise google for some good IP address regular expressions if you'd like. Probably something like this would do the trick for you:
    Code:
    [mrbiggles@troy ~]$ grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' newips > cleaned-up-list
    The 'cleaned-up-list' file should contain only things that (sort of) look like IP addresses.

    That regexp is not perfect, but it should filter out most of the garbage.

#7 sentralorigin (Just Joined!, joined Nov 2006, 57 posts)

    Okay, I cleaned up everything with letters. I searched the whole thing for alphabetical letters, a-z and A-Z, case-sensitive too. But now there are some that are numbers that are not in IP format. How can I search for those? Like some lines just say "3526" and not in IP form, see?

    Here is my updated list:

    http://senduit.com/9bfa3e


    I tried running the script again, but I still get the same errors.

#8 anomie (Linux Guru, joined Mar 2005, Texas, 1,692 posts)
    Did you try the command in my post above?

    http://www.linuxforums.org/forum/486526-post6.html

    That should have gotten rid of a four-digit number. After running that command, your script needs to go against 'cleaned-up-list'.
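The grep in post #6 keeps anything that contains four dot-separated digit groups, and post #8 points the script at the result. The script in post #1 then splits each line on whitespace, so a line like "Value Click Europe Ltd" turns into four separate garbage arguments for iptables. The following is an added example, not code from this thread: a small POSIX shell script that validates each line as a complete, range-checked IPv4 address before any rule is built, strips a trailing carriage return (invisible in most editors, but iptables rejects an address that carries one), reports rejected lines on stderr, and only prints the rules it would add unless APPLY=1 is set. The file name, the rule shape and the sample list are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): validate an IP list before feeding it to
# iptables. Assumes POSIX sh with grep, sed, tr and mktemp; the file contents
# below are constructed test data.

# is_ipv4 ADDR -> exit 0 if ADDR is a well-formed dotted-quad IPv4 address.
# Unlike the unanchored grep in post #6 this rejects extra components,
# out-of-range octets and leading-zero octets such as "01".
is_ipv4() {
    ip=$1
    case $ip in
        *[!0-9.]*) return 1 ;;   # anything but digits and dots
    esac
    printf '%s\n' "$ip" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $ip                   # split into the four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
        case $octet in 0[0-9]*) return 1 ;; esac
    done
    return 0
}

# clean_ip_list FILE -> prints one valid address per line on stdout; strips a
# trailing carriage return and surrounding whitespace first, and reports every
# rejected line on stderr instead of passing it on.
clean_ip_list() {
    while IFS= read -r line || [ -n "$line" ]; do
        ip=$(printf '%s' "$line" | tr -d '\r' | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
        if [ -z "$ip" ]; then
            continue
        fi
        if is_ipv4 "$ip"; then
            printf '%s\n' "$ip"
        else
            printf 'skipping non-IP line: %s\n' "$ip" >&2
        fi
    done < "$1"
    return 0
}

# block_list FILE -> one DROP rule per valid address. Dry run by default;
# APPLY=1 actually calls iptables (needs root).
block_list() {
    clean_ip_list "$1" | while IFS= read -r ip; do
        if [ "${APPLY:-0}" = 1 ]; then
            iptables -A INPUT -s "$ip" -j DROP
        else
            printf 'iptables -A INPUT -s %s -j DROP\n' "$ip"
        fi
    done
}

# Constructed sample list: valid addresses mixed with the kinds of junk seen in
# the thread (an organisation name, a bare number, a CRLF line, a bad octet).
sample_file=$(mktemp)
printf '192.0.2.10\nValue Click Europe Ltd\n3526\n198.51.100.7\r\n203.0.113.300\n203.0.113.5\n\n' > "$sample_file"

block_list "$sample_file"
```

Run it as shown to see the three rules it would add and the three lines it refuses; run with `APPLY=1` as root against the real list once the rejected lines look right. Keeping the validation separate from the iptables call is the point: a malformed line is logged and skipped rather than silently turned into a half-parsed rule.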
