Re: Firewall scripting - loops howto
On Sun, Aug 19, 2001 at 03:55:10PM +1000, mdevin@ozemail.com.au wrote:
> I am trying to make my firewall do a very basic loop.
>
> Here are the relevant parts of the script.
> ------------------------------
> IPADDR=`ifconfig $EXT_IF | grep inet | cut -d : -f 2 | cut -d \ -f 1`
>
> NAMESERVERS=`grep nameserver /etc/resolv.conf | cut -d \ -f 2` # Stores 2 DNSs
>
> for DNS_ADDRESS in $NAMESERVERS ;
> do
> iptables -A OUTPUT -o $EXT_IF -p udp -s $IPADDR --sport $UNPRIVPORTS \
> -d $DNS_ADDRESS --dport $DNS_PORT -j ACCEPT
> iptables -A OUTPUT -o $EXT_IF -p tcp -s $IPADDR --sport $UNPRIVPORTS \
> -d $DNS_ADDRESS --dport $DNS_PORT -j ACCEPT
> iptables -A INPUT -i $EXT_IF -p udp -s DNS_ADDRESS --sport $DNS_PORT \
> -d $IPADDR --dport $UNPRIVPORTS -j ACCEPT
> iptables -A INPUT -i $EXT_IF -p tcp -s DNS_ADDRESS --sport $DNS_PORT \
> -d $IPADDR --dport $UNPRIVPORTS -j ACCEPT
> done
> ------------------------------
> I have never written a script with a loop. The above seems to hang.
> what is wrong with it?
>
Thanks for the replies. I have forgotten the $ sign before the
variable DNS_ADDRESS in the last 2 lines
Mark.
Reply to: