Re: A few questions about scripting for Iptables.
On 2004-05-20 Kevin D. White wrote:
> Ok, so I would like to start scripting and I would really like my
> script to be like Valerio's (OBC) script but there are a few things I
> don't understand and I was wondering if someone can help me out.
> Here's what I am talking about:
> # ip for the external interface (assuming EXT_IF is the external)
> EXT_IP=`ifconfig $EXT_IF | grep "addr:" | cut -d: -f 2 | cut -d\ -f1`
> ???? What is stored in EXT_IP? why the single '' ? Is there a
> declaration of EXT_IP somewhere?
Those are not single quotes but back-ticks. A command included in back-
ticks is executed and its output is returned. In the above line, the
ifconfig $EXT_IF | grep "addr:" | cut -d: -f 2 | cut -d\ -f1
will be executed and the result (the IP address) will be returned and
assigned to the variable EXT_IP.
> # set the network address
> ???? What is taking place here? What significance does '/' have?
The value of the variable INT_IP (IP address) followed by a single slash
followed by the value of the variable INT_MASK (netmask) is assigned to
the variable INT_NET.
> #setup the logging chain
> $FW -N LOGDROP 2>/dev/null
> ???? I see that a new chain is built but I am not sure about
"2>" redirects all messages going to STDERR (i.e. all error messages) to
/dev/null, so they don't show up on the display.
> How about the case "$1"? I would like to know how that works.
> # See how we were called.
> case "$1" in
> ???? what is this "esac"?
"$1" is the first argument passed to the script, i.e. when calling
"./script.sh start" the value of "$1" would be "start". The word "esac"
ends the case-clause (it's "case" written backwards).
I suggest you read into the Advanced Bash-Scripting Guide .