You are right, Christoph, my mistake. I missed a portion of that script.
(That's what happens when you are trying to do several things requiring
your focused attention at the same time.)
My big apology for misreading the script.
Let me carefully read it and think... So, the message I sent in the past
hour is partially incorrect.
Igor
On Thu, 12 Jan 2017, Christoph Theis wrote:
> Hello Igor!
>
> Am 12.01.2017 um 03:41 schrieb Igor:
>>>> actionstart = ipfw show | fgrep -q 'table(<table>)' || ( ipfw show | awk
>>>> 'BEGIN { b = 1 } { if ($1 <= b) { b = $1 + 1 } else { e = b } } END { if
>>>> (e) exit e <br> else exit b }'; num=$?; ipfw -q add $num <blocktype>
>>>> <block> from table\(<table>\) to me <port>; echo $num >
>>>> "<startstatefile>"
>>>> )
> [...]
>> Just in case: the awk inline script in the action quoted above is
>> working on the output of "ipfw show | fgrep -q 'table(<table>)' , which
>> is only trying to avoid a clash with an existing table.
>
> Are you sure?
> I think the script will either find a rule for this table and happily stop
> after that or it will call the awk script on the output of ipfw show, listing
> all rule numbers, until it finds an empty spot.
>
> And I think actionstart will remember the fact that there was a rule for the
> given table: if yes it will not write the rule number into startstatefile and
> thus actionstop will not remove the rule.
>
>
> Best regards
>
> Christoph
>
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
