#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    2
    Rep Power
    0

    Read txt file, add to iptables not working


    First, let me say that I have no knowledge of or experience with Python. I have a script which was written by a host tech person that ran via cron on my old server. It was designed to read IP addresses from a text file and add them to be blocked on iptables. That way, we could add or remove IPs without involving tech support daily.

    We changed hosts and this script is now throwing errors on the new server. This host runs Python 2.6.6. This is the script:

    Code:
    #!/usr/bin/python
    import os,time
    
    ##Input, Output, and TimeStamp
    inFile = open('/var/www/html/mydomain.com/banlist.txt','r')
    logFile = open('/var/log/banList.log','w')
    stamp = time.asctime(time.localtime())
    
    
    ##Daily Flush of blockList rules before re-applying Blocks
    os.popen('/sbin/iptables -F INPUT')
    logFile.write(stamp), logFile.write('\n'), logFile.write('Flushing Rules..\n')
    
    ##Loop to read in file and Apply rules to IPtables
    for line in inFile.readlines():
    	tmp = line.split(';')
     	IP = tmp[0]
    	outPut = os.popen( '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' + '-j REJECT' )
    	logFile.write(IP), logFile.write(' - Has been blocked '), logFile.write(stamp),logFile.write('\n')
    The errors we're getting are like these:

    Bad argument `174.37.65.204'
    Try `iptables -h' or 'iptables --help' for more information.
    Bad argument `94.159.162.182'
    Try `iptables -h' or 'iptables --help' for more information.
    Bad argument `95.134.132.98'
    Try `iptables -h' or 'iptables --help' for more information.
    etc.

    Entries from the banlist.txt are like these:

    200.193.54.138; February 9, 2013, 7:42 am <br>
    87.120.57.4; February 9, 2013, 7:42 am <br>
    82.206.129.160; February 9, 2013, 7:43 am <br>
    etc.

    Can someone tell me what change(s) I need to make to this script to get it working again? Thanks.
  2. #2
  3. Contributing User
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Aug 2011
    Posts
    4,963
    Rep Power
    481
    The iptables command is invalid.
    For further assistance (from me) write a valid iptables command that does what you need. Post it.

    Run the command in a terminal emulation window (I use emacs shell mode, I expect you'll use a program like decterm (too old), xterm (too old), or whatever sorry program you use). You might need to run it with root privilege.

    sudo /path/iptables arguments

    cut and paste the command into this forum thread.
    [code]Code tags[/code] are essential for python code and Makefiles!
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    2
    Rep Power
    0
    The only thing I understand that you said was that the iptables command is invalid.

    I have no clue what a terminal emulation window is. And if I could write a valid iptables command, I wouldn't be in here asking for help.

    Thank you for taking the time to respond even though you apparently missed the very first sentence of my original post.

    Comments on this post

    • b49P23TIvg disagrees
  6. #4
  7. Contributing User
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Aug 2011
    Posts
    4,963
    Rep Power
    481
    Had you said "I have no knowledge of unix." then I'd agree that I ignored your first sentence. iptables has nothing to do with python. Python can run system commands, that's all. iptables could be implemented in python. Not important.

    Please head this advice: iptables controls your system's internet firewall. Get a trusted source within your company to fix this program. An outsider who knows what he's doing could open your system to the world, and you, knowing nothing, would stupidly comply by installing whatever you're told.

    You see, you could have been knowledgeable about unix but not python to have asked this question.
    [code]Code tags[/code] are essential for python code and Makefiles!

IMN logo majestic logo threadwatch logo seochat tools logo