dobromin, 2019-06-27 17:25:59
bash

Script to optimize and fix?

The scripts are located in the home directory.

ipset.start
Script that creates the database where the IP addresses will be written and also adds a rule to iptables:

ipset -N addips iphash
  sleep 10
  iptables -I INPUT 6  -i eth1 -m set --match-set addips src -j ACCEPT

ipset-read-ip.start
Script with a while loop that reads IP addresses from a file and writes them to the ipset database (addips):
cat /home/host.su/address.txt | (
  while read ip;
  do
  ipset -A addips $ip
  done);

install-while-ipset
An eternal while loop to run the ipset-read-ip.start script:
while true; do ./ipset-read-ip.start;
  done;

When the system boots, it starts iptables, next ipset.start, next install-while-ipset.

The task: write the IP addresses of the hosts that need to be given access into a text file.
The script takes the IPs from the text file and writes them to ipset.
In iptables there is a rule that allows the IPs that exist in the ipset database.
When testing, the following happens: the loop works fine, there are no errors.
We make an entry in the file (address.txt) from which the IPs are read.
The script reads it, after which the message
ipset v6.30: Element cannot be added to the set: it's already added
appears.
In principle that is logical, since it tries to write the same IP in a loop, and so be it.
But access to the host does not appear until you enter the IP of the same host again as the second in the list, for example

192.168.1.1
192.168.1.1

i.e. as the second, third, fourth, etc.; then the IP gets into the ipset database (addips).
In general it doesn't matter where, you just need to repeat the IP entry on another line and access appears, that is, the IP recorded in the text file is entered into the ipset database.
So I have two questions: how can I combine all this into one script instead of several,
and also how to fix the repeated entry of the IP? Why is there no access after the first one, although it writes ipset v6.30: Element cannot be added to the set: it's already added for the same IP in the file it reads from?
I apologize for these crutches and this one-and-a-half-wheeled bike; I don't know and can't find a different solution.
In general, I noticed that when an IP is written once in the list (in the text file), it is not included in the ipset list; when there are two identical IPs in the list, it is entered.
I think there is some kind of problem with the loop.
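
An added example, not part of the original post: a `while read ip` loop silently drops a last line that has no trailing newline, which is consistent with a single entry being ignored and a repeated one being loaded. The sketch below reads the file once, handles that case, validates each entry before it reaches the firewall allowlist, and emits input for a single `ipset restore` call. The function names are hypothetical; the set name `addips` is from the post, and `hash:ip` is the current name of the `iphash` type used there.

```shell
#!/bin/sh
# Added example, not the poster's code. The set name "addips" is from the post.
SET_NAME=addips

# Succeeds only for a dotted-quad IPv4 address with every octet in 0..255.
# The body runs in a subshell ( ... ) so the IFS change does not leak out.
is_ipv4() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Print an "ipset restore" script for the address file given as $1.
addips_restore_lines() {
    seen=' '
    printf 'create %s hash:ip\n' "$SET_NAME"
    # The "|| [ -n ... ]" part keeps a last line that has no trailing
    # newline; a plain "while read ip" silently drops it.
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                              # strip comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')   # strip blanks and CR
        [ -n "$line" ] || continue
        if ! is_ipv4 "$line"; then
            echo "skipping invalid entry: $line" >&2
            continue
        fi
        case $seen in *" $line "*) continue ;; esac   # already emitted
        seen="$seen$line "
        printf 'add %s %s\n' "$SET_NAME" "$line"
    done < "$1"
}

# Load the file into the kernel set in one call (needs root).
# -exist makes "set already exists" / "already added" non-errors.
apply_allowlist() {
    addips_restore_lines "$1" | ipset -exist restore
}
```

Running `apply_allowlist /home/host.su/address.txt` from cron or after each edit replaces the endless loop; entries removed from the file stay in the set until they are deleted or the set is flushed.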
