Thanks Neil,
I've got this bit working now.
My only problem at present is that my cron job isn't running and I'm not
sure why.
/me is back off to keep reading man cron
Cheers Don
Neil Stockbridge wrote:
did you sort all of this out in the end? i find that reading the shell
scripts in /etc/init.d teaches me how to do things in shell scripts.
i didn't see anyone give an example of "if" in a shell script, so if
you've not seen it yet:
if [ x1 == x`iptables -vL INPUT | grep banned2 | wc -l` ]; then
echo y;
fi
(the "x" in "x1" above is so that when the backtick command returns the
empty string, the shell interprets "if [ x1 == x ].." rather than "if
[ 1 == ]..", which is illegal. the "banned2" string above if what i'm
looking for the presence or absence of in the iptables output. "wc -l"
counts the lines in the output)
- neil
On Fri, 2006-10-27 at 12:00 +1300, Don Gould wrote:
Good news! Last night, with the help of Tusker and Neil I got the
iptables stuff logging! :)
Bad news... I'm stuck again :)
I have two issues - GREP IN A SCRIPT, DO WHILE LOOP
GREP IN A SCRIPT
The question... how do I script a test?
if (iptables -L traffic_in -vn | grep "192.168.3.136") = "" then
iptables -A traffic_in -d $3
end if
(Yes, this is how I'd think of it in VB)
The problem... Duplicate records.
# iptables -A traffic_in -d $3
This creates a new counter every time the ip is refreshed by dhcp. So I
need to test to see if it's present.
I understand that I use grep, but I don't know how to code the syntax to
test it in a script.
# iptables -L traffic_in -vn
Gives me...
Chain traffic_in (13 references)
pkts bytes target prot opt in out source
destination
9856 6879K all -- * * 0.0.0.0/0
192.168.3.136
0 0 all -- * * 0.0.0.0/0
192.168.3.136
0 0 all -- * * 0.0.0.0/0
192.168.2.130
7053 586K all -- * * 0.0.0.0/0
192.168.2.124
34918 35M all -- * * 0.0.0.0/0
192.168.3.183
Which as you can see has duplicate records for 192.168.3.136...
So at the command line I go ...
[EMAIL PROTECTED] shared]# iptables -L traffic_in -vn | grep "192.168.3.136"
9856 6879K all -- * * 0.0.0.0/0
192.168.3.136
0 0 all -- * * 0.0.0.0/0
192.168.3.136
But how do I script this so I can use it in the batch file...
if (iptables -L traffic_in -vn | grep "192.168.3.136") = "" then
iptables -A traffic_in -d $3
end if
DO WHILE LOOP
Next I need to collect the traffic information into the database.
Sudoo code...
for each line in iptables -L traffic_in -vn
Ip = $8
Data = $2
mysql
-h bowenvale
-u oncs
-pbutterfly
-e "INSERT INTO oncs.tblData
(IPAddress, DataUsed)
VALUES('$Ip', '$Data');"
loop
From: http://forum.openwrt.org/viewtopic.php?pid=30841
[EMAIL PROTECTED] shared]# iptables -L traffic_in -vn | awk '{if
(int($1)!=0) print $8"\t"$2}'
192.168.2.124 33M
192.168.2.148 5140K
192.168.3.136 6879K
192.168.2.124 721K
192.168.3.183 35M
[EMAIL PROTECTED] shared]#
This is great, but how do I turn it in to a loop so I can stuff each
record into the database?
TIA
Cheers Don
--
Don Gould
www.thinkdesignprint.co.nz - www.tcn.bowenvale.co.nz -
www.bowenvale.co.nz - www.hearingbooks.co.nz - www.buxtonsquare.co.nz -
SkypeMe: ThinkDesignPrint - Good ideas: www.solarking.co.nz
