Re: Read txt file, add to iptables not working on new host

Discussion in 'Python' started by Chris Angelico, May 24, 2013.

  1. On Fri, May 24, 2013 at 12:44 PM, JackM <> wrote:
    > outPut = os.popen( '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' +
    > '-j REJECT' )


    There's so much about this script that's less than Pythonic, but the
    one thing I'd really like to see is a log of the exact command being
    executed. Replace the above line with this:

    command = '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' + '-j REJECT'
    outPut = os.popen(command)
    logFile.write(command+"\n")

    That will show, in your log, exactly what's being executed. You should
    then be able to execute that command in the shell and see the exact
    same result. That might also show you the problem - it might be
    obvious from the commands logged.

    If that doesn't work, here's a rewrite of your code for cleanliness,
    which still does what I think your original code does. See if they act
    differently...

    -- cut --

    #!/usr/bin/python
    import os
    import time

    # Input, Output, and TimeStamp
    inFile = open('/var/www/html/mydomain.com/banlist.txt','r')
    logFile = open('/var/log/banList.log','w')
    stamp = time.asctime(time.localtime())

    # Daily Flush of blockList rules before re-applying Blocks
    os.popen('/sbin/iptables -F INPUT')
    logFile.write(stamp+'\nFlushing Rules..\n')

    # Loop to read in file and Apply rules to IPtables
    for line in inFile: # TODO: Use 'with' for a bit of protection
    ip = line.split(';')[0]
    output = os.popen( '/sbin/iptables -A INPUT -s ' + ip + ' -j REJECT' )
    logFile.write(IP+' - Has been blocked\n')


    -- cut --

    Since the timestamp doesn't change across a run anyway, there's not
    much point printing it out every time, and I'm also putting newlines
    in the logfile. Beyond that, it should function the same way as the
    original.

    ChrisA
     
    Chris Angelico, May 24, 2013
    #1
    1. Advertising

  2. On Sat, May 25, 2013 at 2:32 AM, JackM <> wrote:
    > So Chris, does this version look better? Changed to inFile to with.
    >


    Heh, I didn't know you knew about with :) Since you know how to use
    it, you probably also know why it's useful. Anyway, the main thing is
    to see the exact command that's being executed, which you then should
    be able to try at a shell prompt.

    ChrisA
     
    Chris Angelico, May 24, 2013
    #2
    1. Advertising

  3. Chris Angelico

    Dave Angel Guest

    On 05/24/2013 12:32 PM, JackM wrote:
    > So Chris, does this version look better? Changed to inFile to with.
    >
    >
    > #!/usr/bin/python
    > import os
    > import time
    >
    > # Input, Output, and TimeStamp
    > logFile = open('/var/www/html/statistics/logs/banList.log','w')
    > stamp = time.asctime(time.localtime())
    >
    > # Daily Flush of blockList rules before re-applying Blocks
    > os.popen('/sbin/iptables -F INPUT')
    > logFile.write(stamp+'\nFlushing Rules..\n')
    >
    > # Loop to read in file and Apply rules to IPtables
    > with open('/var/www/html/mydomain.com/banlist.txt','r') as inFile:
    > for line in inFile: # TODO: Use 'with' for a bit of protection
    > ip = line.split(';')[0]


    You want to write the command to the logfile here, BEFORE you try the
    popen(). That way if there's a problem, you can see what it was about
    to try before it crashed.

    > output = os.popen( '/sbin/iptables -A INPUT -s ' + ip + ' -j
    > REJECT' )
    > logFile.write(ip+' - Has been blocked\n')
    >
    >
    >
    >


    --
    DaveA
     
    Dave Angel, May 24, 2013
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lincoln Yeoh
    Replies:
    1
    Views:
    1,027
    Ben Morrow
    Nov 12, 2003
  2. Sameen
    Replies:
    2
    Views:
    477
    Victor Bazarov
    Aug 29, 2005
  3. Jochen Brenzlinger
    Replies:
    7
    Views:
    5,858
    Roedy Green
    Sep 15, 2011
  4. Carlos Nepomuceno
    Replies:
    0
    Views:
    125
    Carlos Nepomuceno
    May 24, 2013
  5. Carlos Nepomuceno
    Replies:
    0
    Views:
    150
    Carlos Nepomuceno
    May 24, 2013
Loading...

Share This Page