[ale] bonehead ipset additions

Jim Kinney jim.kinney at gmail.com
Tue Feb 15 19:48:09 EST 2022 

+1 for getops

As long as the freeform comment is at the end, getops will be able to pull params if they are well defined. 

On February 15, 2022 7:17:06 PM EST, DJPfulio--- via Ale <ale at ale.org> wrote:
>$ program option1 option2 option3 comment "this comment is \"bad\""
>
>I'd use getopts. This works:
>
>#!/usr/bin/env bash
>
>echo "
>Usage:
>   $0 [-1] [-2] [-3] -s cidr-subnet comment
>"
>
>    while getopts '123s:' OPTION
>    do
>       case $OPTION in
>        1) OPT1=1
>             ;;
>        2) OPT2=1
>             ;;
>        3) OPT3=1
>             ;;
>        s) SUBNET="$OPTARG"
>             ;;
>        h)    Usage
>              exit 0
>              ;;
>       esac
>    done
># Get whatever is left. That's the comment, spaces are fine.
>shift $(($OPTIND - 1))
>COMMENT="$@"
>
># Do more stuff here.
>echo "CIDR=$SUBNET
>Comment=$COMMENT"
>
># end of test script.
>
>
>
>On 2/15/22 10:06, Alex Carver via Ale wrote:
>> The comment is part of the command line for ipset, it's an integral
>part.
>> 
>> The original questions were more about bash parameter expansions than
>ipset since it could apply to other things as well.
>> 
>> On 2022-02-14 07:46, DJPfulio--- via Ale wrote:
>>> If comments can be on the same line in the ipset file, the script is
>dumb enough to allow them.
>>> If comments have to be placed onto a different line, I'd use getopts
>... to accept 2 arguments and put the --comment input where it needs to
>go. The comment would be optional.
>>>
>>> Or create another script based on the CIDR used and pulls the
>org+location from whois records.
>>>
>>>
>>> On 2/14/22 01:38, Alex Carver via Ale wrote:
>>>> Yeah, unfortunately that doesn't help because I do want to have the
>>>> comments sometimes.  I have some rulesets specific to entities so I
>>>> don't need them there but for a couple of the catch-all lists I
>need
>>>> the comments to remind me later.  That's the reason for the script,
>>>> to handle comments or not.
>>>>
>>>> On 2022-02-13 20:31, DJPfulio--- via Ale wrote:
>>>>> My script to do this is 4 lines. No error checking. I didn't want
>>>>> to overthink it. I don't even check that the euid is 0. That's
>>>>> solved by placing the script in ~root/bin/.  K.I.S.S.
>>>>>
>>>>> #!/bin/bash
>>>>>
>>>>> IPSET_RULES_FILE="/etc/ipset.up.rules"
>>>>>
>>>>> # Make a backup cp $IPSET_RULES_FILE $IPSET_RULES_FILE.bak
>>>>>
>>>>> # Update the live ruleset - any errors? ipset add countryblock $1
>>>>>
>>>>> # Append the new rule to the bottom echo "add countryblock $1 " |
>>>>> tee -a $IPSET_RULES_FILE
>>>>>
>>>>>
>>>>> On 2/13/22 17:50, Alex Carver via Ale wrote:
>>>>>> I'm putting a tiny utility script together to make it faster for
>>>>>> me to update ipset lists and add them to a restore file in one
>>>>>> shot but I've run into a slight hiccup with what I wanted to
>>>>>> accomplish.
>>>>>>
>>>>>
>>>>> Lots of brilliant stuff deleted.
>>>>>
>>>>>>
>>>>>> Thoughts? _______________________________________________
>>>>>
>>>>>
>>>>> _______________________________________________ Ale mailing list
>Ale at ale.org https://mail.ale.org/mailman/listinfo/ale See JOBS,
>>>>> ANNOUNCE and SCHOOLS lists at http://mail.ale.org/mailman/listinfo
>>>>
>>>> _______________________________________________ Ale mailing list
>Ale at ale.org https://mail.ale.org/mailman/listinfo/ale See JOBS,
>>>> ANNOUNCE and SCHOOLS lists at http://mail.ale.org/mailman/listinfo
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> https://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>> 
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> https://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>https://mail.ale.org/mailman/listinfo/ale
>See JOBS, ANNOUNCE and SCHOOLS lists at
>http://mail.ale.org/mailman/listinfo

-- 
Computers amplify human error
Super computers are really cool
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20220215/bc99aeb8/attachment.htm>

More information about the Ale mailing list