[CentOS] Questoin on iptables
Alexander Dalloz
ad+lists at uni-x.org
Tue Jul 15 08:09:09 UTC 2014
Am 15.07.2014 01:51, schrieb Eliezer Croitoru:
> On 07/15/2014 12:45 AM, Alexander Dalloz wrote:
>> It means that your script is not correct[1] and by error tries to load a
>> helper module which does not exist. So fix your script.
>>
>> [1] "cat | grep | awk" constructs are far from being elegant.
>>
>> Alexander
> I think that these are not too bad..
> And you can use xargs instead of a for loop.
>
> If you have another suggestion you can throw the one-liner here.
>
> Eliezer
The OP's code snipplet:
blocks=$(cat $FILE | egrep -v '^;' | awk '{ print $1}')
for ipblock in $blocks
do
$IPTABLES -A Spamhaus -s $ipblock -j DROP
done
Running without the pipe construct because awk can do that all by itself
(reading the source file and inverse greping):
while read ipblock
do
$IPTABLES -A Spamhaus -s $ipblock -j DROP
done < <(awk '!/^;/ { print $1 }' $FILE)
Alexander
More information about the CentOS
mailing list