iptables grep problems

iptables grep problems

[saint]

Hi all,

It seems I'm in a bit of a bother.  Here's my problem:
I have a semi-permanent IP address provided by my ISP
and I can't do one of two things:
1. use eth0, and
2. use a combination of grep, awk, & ifconfig.

Normally, if I issue this from the bash shell:

$ifconfig eth0 | grep 'inet addr' | awk '{print $2}'

I get the intended result i.e the external interface's IP address.
So why can't I get anything when I put this in the firewall script?
Actually, I do get something: ERRORS!

If someone would kindly help me with this problem
and relieve my suffering it'll be very much appreciated.

Thanks.

Santos.
Still learning.

Re: iptables grep problems

[Andre Costa]

Hi Santos,

if you're putting this into /etc/sysconfig/iptables (RH) or any other
ruleset meant to be loaded with iptables-restore, you're out of luck:
shell commands cannot be executed there.

If not, then it's most likely a shell related problem (I mean: it
shouldn't be iptable's fault); post the errors msgs here so that we can
try to help you.

Best,

Andre

On 04 Feb 2003 00:14:11 +1100
saint <nagajuna@optushome.com.au> wrote:

> Hi all,
> 
> It seems I'm in a bit of a bother.  Here's my problem:
> I have a semi-permanent IP address provided by my ISP
> and I can't do one of two things:
> 1. use eth0, and
> 2. use a combination of grep, awk, & ifconfig.
> 
> Normally, if I issue this from the bash shell:
> 
> $ifconfig eth0 | grep 'inet addr' | awk '{print $2}'
> 
> I get the intended result i.e the external interface's IP address.
> So why can't I get anything when I put this in the firewall script?
> Actually, I do get something: ERRORS!
> 
> If someone would kindly help me with this problem
> and relieve my suffering it'll be very much appreciated.
> 
> Thanks.
> 
> Santos.
> Still learning.
> 
> 


-- 
Andre Oliveira da Costa

RE: iptables grep problems

[Khanh Tran]

Are you trying to assign your external interface's IP to a variable for
something?  What does $2 look like?  Chances are you are trying to do
something with $2 as an IP, but really the value is probably set for
"addr:1.2.3.4".  You may also want to add a #!/bin/bash, or whatever your
shell is to the top of the script if you are getting the right variable
assignment.

Khanh Tran
Network Operations
Sarah Lawrence College

-----Original Message-----
From: saint [mailto:nagajuna@optushome.com.au]
Sent: Monday, February 03, 2003 8:14 AM
To: Netfilter Mailing List
Subject: iptables grep problems


Hi all,

It seems I'm in a bit of a bother.  Here's my problem:
I have a semi-permanent IP address provided by my ISP
and I can't do one of two things:
1. use eth0, and
2. use a combination of grep, awk, & ifconfig.

Normally, if I issue this from the bash shell:

$ifconfig eth0 | grep 'inet addr' | awk '{print $2}'

I get the intended result i.e the external interface's IP address.
So why can't I get anything when I put this in the firewall script?
Actually, I do get something: ERRORS!

If someone would kindly help me with this problem
and relieve my suffering it'll be very much appreciated.

Thanks.

Santos.
Still learning.

RE: iptables grep problems

[saint]

Hi Khanh,

I already have #!/bin/bash.  My firewall script works. When
I first learnt how to build one everyone was saying use eth0.
But I have now learnt to dynamically configure eth0.
I know how to print out the info from the command line but
when I include the same command in my script all hell breaks lose.
And the { print $2 } bit -> you should see what it does.

Santos

On Tue, 2003-02-04 at 00:34, Khanh Tran wrote:
> Are you trying to assign your external interface's IP to a variable for
> something?  What does $2 look like?  Chances are you are trying to do
> something with $2 as an IP, but really the value is probably set for
> "addr:1.2.3.4".  You may also want to add a #!/bin/bash, or whatever your
> shell is to the top of the script if you are getting the right variable
> assignment.
> 
> Khanh Tran
> Network Operations
> Sarah Lawrence College
> 
> -----Original Message-----
> From: saint [mailto:nagajuna@optushome.com.au]
> Sent: Monday, February 03, 2003 8:14 AM
> To: Netfilter Mailing List
> Subject: iptables grep problems
> 
> 
> Hi all,
> 
> It seems I'm in a bit of a bother.  Here's my problem:
> I have a semi-permanent IP address provided by my ISP
> and I can't do one of two things:
> 1. use eth0, and
> 2. use a combination of grep, awk, & ifconfig.
> 
> Normally, if I issue this from the bash shell:
> 
> $ifconfig eth0 | grep 'inet addr' | awk '{print $2}'
> 
> I get the intended result i.e the external interface's IP address.
> So why can't I get anything when I put this in the firewall script?
> Actually, I do get something: ERRORS!
> 
> If someone would kindly help me with this problem
> and relieve my suffering it'll be very much appreciated.
> 
> Thanks.
> 
> Santos.
> Still learning.
> 
> 
> 

RE: iptables grep problems

[Ken Kilgore]

This is what I am doing.  I have dhcp for my external ip address assignment.

EXTIP=`/sbin/ifconfig "$EXTIF" | grep inet | cut -d":" -f 2 | cut -d" " -f
1`
INTIP=`/sbin/ifconfig "$INTIF" | grep inet | cut -d":" -f 2 | cut -d" " -f
1`

Ken Kilgore

-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org]On Behalf Of saint
Sent: Monday, February 03, 2003 7:42 AM
To: Netfilter Mailing List
Subject: RE: iptables grep problems


Hi Khanh,

I already have #!/bin/bash.  My firewall script works. When
I first learnt how to build one everyone was saying use eth0.
But I have now learnt to dynamically configure eth0.
I know how to print out the info from the command line but
when I include the same command in my script all hell breaks lose.
And the { print $2 } bit -> you should see what it does.

Santos

On Tue, 2003-02-04 at 00:34, Khanh Tran wrote:
> Are you trying to assign your external interface's IP to a variable for
> something?  What does $2 look like?  Chances are you are trying to do
> something with $2 as an IP, but really the value is probably set for
> "addr:1.2.3.4".  You may also want to add a #!/bin/bash, or whatever your
> shell is to the top of the script if you are getting the right variable
> assignment.
>
> Khanh Tran
> Network Operations
> Sarah Lawrence College
>
> -----Original Message-----
> From: saint [mailto:nagajuna@optushome.com.au]
> Sent: Monday, February 03, 2003 8:14 AM
> To: Netfilter Mailing List
> Subject: iptables grep problems
>
>
> Hi all,
>
> It seems I'm in a bit of a bother.  Here's my problem:
> I have a semi-permanent IP address provided by my ISP
> and I can't do one of two things:
> 1. use eth0, and
> 2. use a combination of grep, awk, & ifconfig.
>
> Normally, if I issue this from the bash shell:
>
> $ifconfig eth0 | grep 'inet addr' | awk '{print $2}'
>
> I get the intended result i.e the external interface's IP address.
> So why can't I get anything when I put this in the firewall script?
> Actually, I do get something: ERRORS!
>
> If someone would kindly help me with this problem
> and relieve my suffering it'll be very much appreciated.
>
> Thanks.
>
> Santos.
> Still learning.
>
>
>

Thanks Ken.

[saint]

Hmm, I think this and Andre's message will solve all my problems.
Thanks.
Here goes.

Santos.

On Tue, 2003-02-04 at 01:51, Ken Kilgore wrote:
> This is what I am doing.  I have dhcp for my external ip address assignment.
> 
> EXTIP=`/sbin/ifconfig "$EXTIF" | grep inet | cut -d":" -f 2 | cut -d" " -f
> 1`
> INTIP=`/sbin/ifconfig "$INTIF" | grep inet | cut -d":" -f 2 | cut -d" " -f
> 1`
> 
> Ken Kilgore
> 
> -----Original Message-----
> From: netfilter-admin@lists.netfilter.org
> [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of saint
> Sent: Monday, February 03, 2003 7:42 AM
> To: Netfilter Mailing List
> Subject: RE: iptables grep problems
> 
> 
> Hi Khanh,
> 
> I already have #!/bin/bash.  My firewall script works. When
> I first learnt how to build one everyone was saying use eth0.
> But I have now learnt to dynamically configure eth0.
> I know how to print out the info from the command line but
> when I include the same command in my script all hell breaks lose.
> And the { print $2 } bit -> you should see what it does.
> 
> Santos
> 
> On Tue, 2003-02-04 at 00:34, Khanh Tran wrote:
> > Are you trying to assign your external interface's IP to a variable for
> > something?  What does $2 look like?  Chances are you are trying to do
> > something with $2 as an IP, but really the value is probably set for
> > "addr:1.2.3.4".  You may also want to add a #!/bin/bash, or whatever your
> > shell is to the top of the script if you are getting the right variable
> > assignment.
> >
> > Khanh Tran
> > Network Operations
> > Sarah Lawrence College
> >
> > -----Original Message-----
> > From: saint [mailto:nagajuna@optushome.com.au]
> > Sent: Monday, February 03, 2003 8:14 AM
> > To: Netfilter Mailing List
> > Subject: iptables grep problems
> >
> >
> > Hi all,
> >
> > It seems I'm in a bit of a bother.  Here's my problem:
> > I have a semi-permanent IP address provided by my ISP
> > and I can't do one of two things:
> > 1. use eth0, and
> > 2. use a combination of grep, awk, & ifconfig.
> >
> > Normally, if I issue this from the bash shell:
> >
> > $ifconfig eth0 | grep 'inet addr' | awk '{print $2}'
> >
> > I get the intended result i.e the external interface's IP address.
> > So why can't I get anything when I put this in the firewall script?
> > Actually, I do get something: ERRORS!
> >
> > If someone would kindly help me with this problem
> > and relieve my suffering it'll be very much appreciated.
> >
> > Thanks.
> >
> > Santos.
> > Still learning.
> >
> >
> >
> 
> 
> 

Re: iptables grep problems

[Alexander W. Janssen]

[-- Attachment #1: Type: text/plain, Size: 338 bytes --]

Put "set -x" direct under "#!/bin/bash" in your script. This will show every
command on stdout before it's executed. This will show you why the errors
occur.

HTH, Alex.

-- 
"Mr Data, when I said 'Fire at Will', I didn't mean for you to be so literal."
Instructions for use of this post: Insert tounge in cheek. Read as normal.

[-- Attachment #2: Type: application/pgp-signature, Size: 248 bytes --]