Re: Read txt file, add to iptables not working on new host

Discussion in 'Python' started by Chris Angelico, May 24, 2013.

  1. On Fri, May 24, 2013 at 12:44 PM, JackM <> wrote:
    > outPut = os.popen( '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' +
    > '-j REJECT' )


    There's so much about this script that's less than Pythonic, but the
    one thing I'd really like to see is a log of the exact command being
    executed. Replace the above line with this:

    command = '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' + '-j REJECT'
    outPut = os.popen(command)
    logFile.write(command+"\n")

    That will show, in your log, exactly what's being executed. You should
    then be able to execute that command in the shell and see the exact
    same result. That might also show you the problem - it might be
    obvious from the commands logged.

    If that doesn't work, here's a rewrite of your code for cleanliness,
    which still does what I think your original code does. See if they act
    differently...

    -- cut --

    #!/usr/bin/python
    import os
    import time

    # Input, Output, and TimeStamp
    inFile = open('/var/www/html/mydomain.com/banlist.txt','r')
    logFile = open('/var/log/banList.log','w')
    stamp = time.asctime(time.localtime())

    # Daily Flush of blockList rules before re-applying Blocks
    os.popen('/sbin/iptables -F INPUT')
    logFile.write(stamp+'\nFlushing Rules..\n')

    # Loop to read in file and Apply rules to IPtables
    for line in inFile: # TODO: Use 'with' for a bit of protection
    ip = line.split(';')[0]
    output = os.popen( '/sbin/iptables -A INPUT -s ' + ip + ' -j REJECT' )
    logFile.write(IP+' - Has been blocked\n')


    -- cut --

    Since the timestamp doesn't change across a run anyway, there's not
    much point printing it out every time, and I'm also putting newlines
    in the logfile. Beyond that, it should function the same way as the
    original.

    ChrisA
     
    Chris Angelico, May 24, 2013
    #1
    1. Advertisements

  2. On Sat, May 25, 2013 at 2:32 AM, JackM <> wrote:
    > So Chris, does this version look better? Changed to inFile to with.
    >


    Heh, I didn't know you knew about with :) Since you know how to use
    it, you probably also know why it's useful. Anyway, the main thing is
    to see the exact command that's being executed, which you then should
    be able to try at a shell prompt.

    ChrisA
     
    Chris Angelico, May 24, 2013
    #2
    1. Advertisements

  3. Chris Angelico

    Dave Angel Guest

    On 05/24/2013 12:32 PM, JackM wrote:
    > So Chris, does this version look better? Changed to inFile to with.
    >
    >
    > #!/usr/bin/python
    > import os
    > import time
    >
    > # Input, Output, and TimeStamp
    > logFile = open('/var/www/html/statistics/logs/banList.log','w')
    > stamp = time.asctime(time.localtime())
    >
    > # Daily Flush of blockList rules before re-applying Blocks
    > os.popen('/sbin/iptables -F INPUT')
    > logFile.write(stamp+'\nFlushing Rules..\n')
    >
    > # Loop to read in file and Apply rules to IPtables
    > with open('/var/www/html/mydomain.com/banlist.txt','r') as inFile:
    > for line in inFile: # TODO: Use 'with' for a bit of protection
    > ip = line.split(';')[0]


    You want to write the command to the logfile here, BEFORE you try the
    popen(). That way if there's a problem, you can see what it was about
    to try before it crashed.

    > output = os.popen( '/sbin/iptables -A INPUT -s ' + ip + ' -j
    > REJECT' )
    > logFile.write(ip+' - Has been blocked\n')
    >
    >
    >
    >


    --
    DaveA
     
    Dave Angel, May 24, 2013
    #3
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lincoln Yeoh
    Replies:
    1
    Views:
    1,168
    Ben Morrow
    Nov 12, 2003
  2. Krashan

    Java bindings for IPTABLES

    Krashan, Jul 26, 2005, in forum: Java
    Replies:
    3
    Views:
    1,943
    Pawel Kraszewski
    Jul 26, 2005
  3. Douglas Soares de Andrade

    About a python module (iptables)

    Douglas Soares de Andrade, Nov 10, 2004, in forum: Python
    Replies:
    0
    Views:
    346
    Douglas Soares de Andrade
    Nov 10, 2004
  4. Sameen
    Replies:
    2
    Views:
    712
    Victor Bazarov
    Aug 29, 2005
  5. King

    Read .txt file like .py file

    King, Jul 27, 2008, in forum: Python
    Replies:
    2
    Views:
    355
  6. Jochen Brenzlinger
    Replies:
    7
    Views:
    8,031
    Roedy Green
    Sep 15, 2011
  7. Alex Dowad
    Replies:
    4
    Views:
    688
    Michel Demazure
    May 1, 2010
  8. Ram
    Replies:
    3
    Views:
    532
    Tad McClellan
    Apr 26, 2007
Loading...