Question
Specifically talking about an Ubuntu 10.04 LTS server (Lucid Lynx), although it's probably applicable to other Linux versions.
I was trawling through the logs for a few websites, doing some spring cleaning so to speak and noticed a few IP addresses that have been acting dodgy so I wanted to add them to the blacklist.
Basically I got playing around with IPtables, the blacklist of IPs is just a text file. I then created a shell script to loop through the text file and block each IP address in IPtables.
This worked fine when the shell script was run manually. But obviously I wanted it to run automatically at start up, for whenever the server may be rebooted. So I included the shell script into
Code:
/etc/network/if-pre-up.d/iptables
So it now looks like
Code:
#!/bin/sh
/sbin/iptables-restore < /etc/iptables.up.rules
sh /etc/addBlacklist.sh
So I rebooted the server and the blacklist rules were applied, but it seems like they have been applied multiple times. As in duplicate lines appearing when iptables -L is run.
Just wondering if anyone would know the reason for this?
I suppose it doesn't really matter in the grand scheme of things but I'm curious.
Solution
Never did find out why they were being applied multiple times but I just removed the separate blacklist file and amalgamated it into the iptables.up.rules file.
Not as pretty but stops the duplication.
Other tips
Just add the iptables -F at the start of the script so when the script starts, it automatically flushes the old entry and then blocks the IPs again.
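
A way to keep the separate blacklist file and still get the same ruleset no matter how many times the script runs, shown as an added example that is not from the original thread: turn the text file into iptables-restore input for a dedicated chain and load it with --noflush. The chain name BLACKLIST, the helper names, and the requirement that iptables.up.rules declares that chain and jumps to it from INPUT are assumptions.

```shell
#!/bin/sh
# Added example: idempotent blacklist loading via a dedicated chain.
# Assumes iptables.up.rules contains ":BLACKLIST - [0:0]" and
# "-A INPUT -j BLACKLIST" (hypothetical chain name).

# Return 0 if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
is_ipv4() {
    addr=${1%/*}
    case $1 in
        */*) bits=${1#*/}
             case $bits in ''|*[!0-9]*) return 1 ;; esac
             [ ${#bits} -le 2 ] && [ "$bits" -le 32 ] || return 1 ;;
    esac
    case $addr in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print iptables-restore input holding one DROP rule per unique valid address.
# Comments (#...), blank lines and duplicate entries in the file are dropped;
# anything that is not an IPv4 address is reported on stderr and skipped.
gen_blacklist_rules() {
    printf '*filter\n:BLACKLIST - [0:0]\n'
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1" | sort -u |
    while read -r ip; do
        if is_ipv4 "$ip"; then
            printf '%s\n' "-A BLACKLIST -s $ip -j DROP"
        else
            echo "skipping invalid entry: $ip" >&2
        fi
    done
    printf 'COMMIT\n'
}

# Usage (path is a placeholder):
#   sh thisfile /path/to/blacklist.txt | /sbin/iptables-restore --noflush
# With --noflush, naming an existing user-defined chain empties only that
# chain before refilling it, so repeated runs cannot stack duplicate rules.
[ $# -eq 0 ] || gen_blacklist_rules "$1"
```

Because the rules are regenerated from the file on every run, removing an address from the text file also removes its rule on the next load.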