
Re: Firewall scripting - loops howto



On Sun, Aug 19, 2001 at 03:55:10PM +1000, mdevin@ozemail.com.au wrote:
> I am trying to make my firewall do a very basic loop.
> 
> Here are the relevant parts of the script.
> ------------------------------
> IPADDR=`ifconfig $EXT_IF | grep inet | cut -d : -f 2 | cut -d \  -f 1`
> 
> NAMESERVERS=`grep nameserver /etc/resolv.conf | cut -d \  -f 2` # Stores 2 DNSs
> 
> for DNS_ADDRESS in $NAMESERVERS ;
> 	do
> 	iptables -A OUTPUT -o $EXT_IF -p udp -s $IPADDR --sport $UNPRIVPORTS \
> 			-d $DNS_ADDRESS --dport $DNS_PORT -j ACCEPT
> 	iptables -A OUTPUT -o $EXT_IF -p tcp -s $IPADDR --sport $UNPRIVPORTS \
> 			-d $DNS_ADDRESS --dport $DNS_PORT -j ACCEPT
> 	iptables -A INPUT -i $EXT_IF -p udp -s DNS_ADDRESS --sport $DNS_PORT \
> 			-d $IPADDR --dport $UNPRIVPORTS -j ACCEPT
> 	iptables -A INPUT -i $EXT_IF -p tcp -s DNS_ADDRESS --sport $DNS_PORT \
> 			-d $IPADDR --dport $UNPRIVPORTS -j ACCEPT
> 	done
> ------------------------------
> I have never written a script with a loop.  The above seems to hang.
> what is wrong with it?
>
Thanks for the replies.  I have forgotten the $ sign before the
variable DNS_ADDRESS in the last 2 lines.

Mark. 
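
An added example, not part of the original message or the poster's script: iptables treats a non-numeric -s or -d argument, such as the literal DNS_ADDRESS, as a hostname to resolve, so this version checks every address parsed from resolv.conf before it reaches a rule. The function names, the values of UNPRIVPORTS and DNS_PORT, and the sample resolv.conf contents are assumptions; the rules are printed rather than applied.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original script.
UNPRIVPORTS="1024:65535"   # assumed value; the original sets this elsewhere
DNS_PORT=53                # assumed value; the original sets this elsewhere

# Succeed only for a dotted-quad IPv4 address with each octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the address of each "nameserver" line. awk splits on spaces or tabs
# and ignores commented-out entries.
nameservers_from() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print the DNS rules for every server in the resolv.conf-style file $3.
# Anything non-numeric is refused, so iptables never gets a name to resolve.
dns_rules() {
    ext_if=$1; ipaddr=$2; resolv=$3
    is_ipv4 "$ipaddr" || { echo "bad local address: $ipaddr" >&2; return 1; }
    for dns in $(nameservers_from "$resolv"); do
        is_ipv4 "$dns" || { echo "refusing nameserver: $dns" >&2; return 1; }
        for proto in udp tcp; do
            echo "iptables -A OUTPUT -o $ext_if -p $proto -s $ipaddr --sport $UNPRIVPORTS -d $dns --dport $DNS_PORT -j ACCEPT"
            echo "iptables -A INPUT -i $ext_if -p $proto -s $dns --sport $DNS_PORT -d $ipaddr --dport $UNPRIVPORTS -j ACCEPT"
        done
    done
}

# Constructed sample input: a comment, a tab-separated entry, documentation addresses.
sample_resolv() {
    printf '# nameserver 198.51.100.9\nnameserver 192.0.2.53\nnameserver\t203.0.113.53\n'
}

tmp=$(mktemp) && sample_resolv > "$tmp"
dns_rules eth0 192.0.2.10 "$tmp"   # prints the rules instead of applying them
rm -f "$tmp"
```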


