Adding new iptables


# 1  
Old 10-07-2008
Adding new iptables

Hi, I basically want to create a shell script that reads in the /etc/sysconfig/iptables. When it sees the line "-A INPUT -j REJECT --reject-with icmp-host-prohibited" it will create a new line before it and add in the line from another file which will have "-A INPUT -p udp -m udp --dport 27020 -j ACCEPT".
So it will look like:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p udp -m udp --dport 27020 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Last edited by SpaceY; 10-07-2008 at 12:28 PM..
# 2  
Old 10-08-2008
Should be something like:

Code:
line=`grep your line from the file here`

awk -v var="$line" '/-A INPUT -j REJECT --reject-with icmp-host-prohibited/{print var}1' /etc/sysconfig/iptables

Regards
# 3  
Old 10-08-2008
Or with sed:

Code:
sed '/-A INPUT -j REJECT --reject-with icmp-host-prohibited/i\
-A INPUT -p udp -m udp --dport 27020 -j ACCEPT' file >newfile

There are different dialects of sed so you might need to experiment a bit -- the backslash might or might not be necessary.
# 4  
Old 10-08-2008
Weird... since I tried both examples and they still didn't work.
# 5  
Old 10-09-2008
Quote:
Originally Posted by SpaceY
Weird... since I tried both examples and they still didn't work.
Did you get errors, no output or wrong output?

Regards
# 6  
Old 10-09-2008
I'm guessing you might have multiple spaces in your input file, but we can't see those because you didn't use code tags -- please post again with those tags around the sample so we can see the spaces if you can't solve this on your own.
# 7  
Old 10-09-2008
Yup, in both cases the output is the same as the original iptables file with no modification being done into a new file.
Code:
line=`cat ports | grep 27020`
# the cat grabs the line: -A INPUT -p udp -m udp --dport 27020 -j ACCEPT
awk -v var="$line" '/-A INPUT -j REJECT --reject-with icmp-host-prohibited/{print var}1' iptables >newiptables

Code:
sed '/-A INPUT -j REJECT --reject-with icmp-host-prohibited/i\
-A INPUT -p udp -m udp --dport 27020 -j ACCEPT' iptables >newiptables

This seems to be interesting. You may be right that it could be a spaces issue.
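
Added example, not part of the original thread: one way to do the insertion so that spacing differences (the theory raised in post #6) cannot turn it into a silent no-op. The ACCEPT rule has to land before the catch-all REJECT because iptables stops at the first matching rule. The function names `insert_before_reject` and `update_rules_file` are made up for this example.

```shell
#!/bin/sh
# Added example, not code from the thread.

# insert_before_reject FILE RULE
# Print FILE with RULE placed just before the catch-all INPUT REJECT line.
# Returns 0 if the rule was inserted or already precedes the REJECT line,
# 1 if the REJECT line was not found (nothing useful was produced).
insert_before_reject() {
    awk -v rule="$2" '
        # Collapse runs of blanks (and a stray CR) and trim both ends, so
        # extra spaces in the file do not defeat the comparison.
        function norm(s) {
            gsub(/[ \t\r]+/, " ", s); sub(/^ /, "", s); sub(/ $/, "", s)
            return s
        }
        BEGIN {
            anchor = "-A INPUT -j REJECT --reject-with icmp-host-prohibited"
            want = norm(rule)
        }
        {
            n = norm($0)
            if (n == want && !found) present = 1   # already ahead of the REJECT
            if (n == anchor && !found) {
                found = 1
                if (!present) print rule
            }
            print
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# update_rules_file FILE RULE
# Rewrite FILE in place only when the insert succeeded; otherwise leave it
# untouched and report the problem instead of failing silently.
update_rules_file() {
    tmp=$(mktemp) || return 2
    if insert_before_reject "$1" "$2" >"$tmp"; then
        cat "$tmp" >"$1"    # overwrite contents, keeping owner and mode
        rm -f "$tmp"
    else
        rm -f "$tmp"
        echo "REJECT line not found in $1; file left unchanged" >&2
        return 1
    fi
}
```

Running `update_rules_file` twice leaves a single copy of the rule. Before loading the result, `iptables-restore --test < FILE` parses the rules without committing them.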