Full path to iptables

Josef 'veloc1ty' Stautner 2015-10-27 18:28:46 +01:00
parent ddaead417f
commit 73ffeee0d1


@ -15,6 +15,7 @@ TO_DOWNLOAD[2]="http://lists.blocklist.de/lists/apache.txt"
CHAINNAME="blocklist-de" CHAINNAME="blocklist-de"
ACTION="REJECT" # Can be DROP ACTION="REJECT" # Can be DROP
PRINT_REPORT=1 PRINT_REPORT=1
IPTABLES_PATH="/sbin/iptables"
########## Do not edit anything below this line ########## ########## Do not edit anything below this line ##########
@ -50,14 +51,14 @@ amountAfterSortAndUnique=`cat $fileFiltered | wc -l`
# #
## Create chain if it does not exist ## Create chain if it does not exist
# #
iptables --new-chain $CHAINNAME >/dev/null 2>&1 $IPTABLES_PATH --new-chain $CHAINNAME >/dev/null 2>&1
# Insert rule (if necesarry) into INPUT chain so the chain above will also be used # Insert rule (if necesarry) into INPUT chain so the chain above will also be used
if [ `iptables -L INPUT | grep $CHAINNAME | wc -l` -eq 0 ] if [ `$IPTABLES_PATH -L INPUT | grep $CHAINNAME | wc -l` -eq 0 ]
then then
# Insert rule because it is not present # Insert rule because it is not present
iptables -I INPUT -j $CHAINNAME $IPTABLES_PATH -I INPUT -j $CHAINNAME
fi fi
@ -68,7 +69,7 @@ while read currentIP
do do
# Check via command # Check via command
iptables -C $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1 $IPTABLES_PATH -C $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
# Now we have to check the exit code of iptables via $? # Now we have to check the exit code of iptables via $?
# #
@ -79,7 +80,7 @@ do
then then
# Append the IP # Append the IP
iptables -A $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1 $IPTABLES_PATH -A $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
# Increment the counter # Increment the counter
amountInserted=$((amountInserted + 1)) amountInserted=$((amountInserted + 1))
@ -96,14 +97,14 @@ do
then then
# Delete the rule by its rulenumber # Delete the rule by its rulenumber
# Because changing the action would result in errors # Because changing the action would result in errors
iptables -D $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1 $IPTABLES_PATH -D $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
# Increment the counter # Increment the counter
amountDeleted=$((amountDeleted + 1)) amountDeleted=$((amountDeleted + 1))
fi fi
done <<< "`iptables -n -L blocklist-de | awk '{print $4}'`" done <<< "`$IPTABLES_PATH -n -L blocklist-de | awk '{print $4}'`"
## Print report ## Print report
if [ $PRINT_REPORT -eq 1 ] if [ $PRINT_REPORT -eq 1 ]
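Review bot: The new `IPTABLES_PATH` value is never checked before use, and every call through it sends its output to /dev/null, so a host where the binary lives elsewhere (or a typo in the setting) would fail silently. In the `-C`/`-A` loop the non-zero exit from a missing binary would presumably be read as "rule not present", so the report could count insertions while nothing is actually blocked; the condition itself is outside the visible lines. A guard right after the "Do not edit" marker would make the script stop instead: `[ -x "$IPTABLES_PATH" ] || { echo "iptables not found at $IPTABLES_PATH" >&2; exit 1; }`. Separately, the `done <<<` line still lists the literal `blocklist-de` rather than `"$CHAINNAME"`, so changing the chain name would leave the clean-up loop reading the wrong chain, and quoting `"$IPTABLES_PATH"`, `"$CHAINNAME"` and `"$currentIP"` would keep entries from the downloaded lists from being word-split into extra iptables arguments.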