On Wed, 05 Mar 2003, [EMAIL PROTECTED] wrote:
> Tozi script subira network ranges ot
> http://www.zbl.ieplugins.com/files/p2penemies.txt i
> http://www.zbl.ieplugins.com/files/badip.txt, i gi blokira chrez
> iptables - no bi rabotil za drugi zeli. Izpolzva se taka:
>
> rewrite-iptables.pl /etc/sysconfig/iptables
> /etc/init.d/iptables restart
>
> Spezifichno za Redhat (RH-Lokkit) e napisan. Nadyavam se da pomogne
> na nyakoi.
Yavno sus iptables, "-i+" ne raboti pravilno - smenih go na "-i e+".
Patch attached.
Teo
Index: rewrite-iptables.pl
===================================================================
RCS file: /usr/home/lifelogs/cvsroot/articles/snippets/rewrite-iptables.pl,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- rewrite-iptables.pl 5 Mar 2003 16:05:44 -0000 1.3
+++ rewrite-iptables.pl 6 Mar 2003 11:15:31 -0000 1.4
@@ -30,7 +30,7 @@
# printf ("%s/%s\n", $_->base, $_->size) foreach @ranges;
};
-if (m/-i\+ -j REJECT$/)
+if (m/-i e\+ -j REJECT$/)
{
# don't print anything (remove the old range)
}
@@ -44,7 +44,7 @@
$line = $_; # save in case $_ gets corrupted
if ($chainfound)
{
- printf ("$chainfind -s %s/%s -i+ -j REJECT\n", $_->base, $_->bits) foreach @ranges;
+ printf ("$chainfind -s %s/%s -i e+ -j REJECT\n", $_->base, $_->bits) foreach
@ranges;
}
print $line;
