No, there's no need to change your python script, although it can be improved
because as it is it may flush (delete all) iptables rules and let you
vulnerable and don't create the new rules.
All you need to do is enter the commands in the shell and send it's output. The
'iptables' have changed.
----------------------------------------
> From: notr...@earthlink.net
> Subject: Re: Read txt file, add to iptables not working on new host
> Date: Fri, 24 May 2013 09:08:26 -0400
> To: python-list@python.org
>
> Thanks for answering. Do you mean something like this?
>
> outPut = os.popen('uname -a' '/sbin/iptables -V INPUT -s' + ' ' + IP + '
> ' + '-j REJECT' )
>
> Sorry but like I said, I have no experience with any of this.
>
>
>
> On 5/23/2013 11:10 PM, Carlos Nepomuceno wrote:
>> Send the output of the following commands:
>>
>> uname -a
>> /sbin/iptables -V
>>
>>
>> ----------------------------------------
>>> From: notr...@earthlink.net
>>> Subject: Read txt file, add to iptables not working on new host
>>> Date: Thu, 23 May 2013 22:44:38 -0400
>>> To: python-list@python.org
>>>
>>> First, let me say that I have no knowledge of or experience with Python
>>> or Linux/Unix. I have a script which was written by a host tech person
>>> that ran via cron on my old server. It was designed to read IP addresses
>>> from a text file and add them to be blocked on iptables. That way, we
>>> could add or remove IPs without involving tech support daily. It worked
>>> great.
>>>
>>> Then we changed hosts and this script is now throwing errors on the new
>>> server. This host runs Python 2.6.6. This is the script:
>>>
>>> #!/usr/bin/python
>>> import os,time
>>>
>>> ##Input, Output, and TimeStamp
>>> inFile = open('/var/www/html/mydomain.com/banlist.txt','r')
>>> logFile = open('/var/log/banList.log','w')
>>> stamp = time.asctime(time.localtime())
>>>
>>>
>>> ##Daily Flush of blockList rules before re-applying Blocks
>>> os.popen('/sbin/iptables -F INPUT')
>>> logFile.write(stamp), logFile.write('\n'), logFile.write('Flushing
>>> Rules..\n')
>>>
>>> ##Loop to read in file and Apply rules to IPtables
>>> for line in inFile.readlines():
>>> tmp = line.split(';')
>>> IP = tmp[0]
>>> outPut = os.popen( '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' + '-j
>>> REJECT' )
>>> logFile.write(IP), logFile.write(' - Has been blocked '),
>>> logFile.write(stamp),logFile.write
>>>
>>>
>>> The errors we're getting are like these:
>>>
>>> Bad argument `174.37.65.204'
>>> Try `iptables -h' or 'iptables --help' for more information.
>>> Bad argument `94.159.162.182'
>>> Try `iptables -h' or 'iptables --help' for more information.
>>> Bad argument `95.134.132.98'
>>> Try `iptables -h' or 'iptables --help' for more information.
>>> etc.
>>>
>>> Entries from the banlist.txt are like these:
>>>
>>> 200.193.54.138; February 9, 2013, 7:42 am <br>
>>> 87.120.57.4; February 9, 2013, 7:42 am <br>
>>> 82.206.129.160; February 9, 2013, 7:43 am <br>
>>> etc.
>>>
>>> I know the error points to a bad iptables command.
>>> Can someone tell me what change(s) I need to make to this script to get
>>> it working again? Thanks.
>>>
>>>
>>>
>>> --
>>> My email address on the header is a non-monitored spam catching account.
>>> I can be reached via http://www.wvnh.net/contact.htm
>>>
>>> --
>
>
>
>
> --
> http://mail.python.org/mailman/listinfo/python-list
>
--
http://mail.python.org/mailman/listinfo/python-list
