[ale] bonehead ipset additions
DJPfulio at jdpfu.com
DJPfulio at jdpfu.com
Tue Feb 15 19:17:06 EST 2022
$ program option1 option2 option3 comment "this comment is \"bad\""
I'd use getopts. This works:
#!/usr/bin/env bash
echo "
Usage:
$0 [-1] [-2] [-3] -s cidr-subnet comment
"
while getopts '123s:' OPTION
do
case $OPTION in
1) OPT1=1
;;
2) OPT2=1
;;
3) OPT3=1
;;
s) SUBNET="$OPTARG"
;;
h) Usage
exit 0
;;
esac
done
# Get whatever is left. That's the comment, spaces are fine.
shift $(($OPTIND - 1))
COMMENT="$@"
# Do more stuff here.
echo "CIDR=$SUBNET
Comment=$COMMENT"
# end of test script.
On 2/15/22 10:06, Alex Carver via Ale wrote:
> The comment is part of the command line for ipset, it's an integral part.
>
> The original questions were more about bash parameter expansions than ipset since it could apply to other things as well.
>
> On 2022-02-14 07:46, DJPfulio--- via Ale wrote:
>> If comments can be on the same line in the ipset file, the script is dumb enough to allow them.
>> If comments have to be placed onto a different line, I'd use getopts ... to accept 2 arguments and put the --comment input where it needs to go. The comment would be optional.
>>
>> Or create another script based on the CIDR used and pulls the org+location from whois records.
>>
>>
>> On 2/14/22 01:38, Alex Carver via Ale wrote:
>>> Yeah, unfortunately that doesn't help because I do want to have the
>>> comments sometimes. I have some rulesets specific to entities so I
>>> don't need them there but for a couple of the catch-all lists I need
>>> the comments to remind me later. That's the reason for the script,
>>> to handle comments or not.
>>>
>>> On 2022-02-13 20:31, DJPfulio--- via Ale wrote:
>>>> My script to do this is 4 lines. No error checking. I didn't want
>>>> to overthink it. I don't even check that the euid is 0. That's
>>>> solved by placing the script in ~root/bin/. K.I.S.S.
>>>>
>>>> #!/bin/bash
>>>>
>>>> IPSET_RULES_FILE="/etc/ipset.up.rules"
>>>>
>>>> # Make a backup cp $IPSET_RULES_FILE $IPSET_RULES_FILE.bak
>>>>
>>>> # Update the live ruleset - any errors? ipset add countryblock $1
>>>>
>>>> # Append the new rule to the bottom echo "add countryblock $1 " |
>>>> tee -a $IPSET_RULES_FILE
>>>>
>>>>
>>>> On 2/13/22 17:50, Alex Carver via Ale wrote:
>>>>> I'm putting a tiny utility script together to make it faster for
>>>>> me to update ipset lists and add them to a restore file in one
>>>>> shot but I've run into a slight hiccup with what I wanted to
>>>>> accomplish.
>>>>>
>>>>
>>>> Lots of brilliant stuff deleted.
>>>>
>>>>>
>>>>> Thoughts? _______________________________________________
>>>>
>>>>
>>>> _______________________________________________ Ale mailing list Ale at ale.org https://mail.ale.org/mailman/listinfo/ale See JOBS,
>>>> ANNOUNCE and SCHOOLS lists at http://mail.ale.org/mailman/listinfo
>>>
>>> _______________________________________________ Ale mailing list Ale at ale.org https://mail.ale.org/mailman/listinfo/ale See JOBS,
>>> ANNOUNCE and SCHOOLS lists at http://mail.ale.org/mailman/listinfo
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> https://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
More information about the Ale
mailing list