Saturday, March 27, 2021

BASH tricks with strings

I've been trying to leave Bash Scripting for a long time, favoring Python scripting. But when I guess I can't go further with Bash scripting, it just brings me something cool and new!

I must accept ICMP from a few OVH IPs, and among them are 2 IPs from my server network, where the last octet will be 250 and 251. To make it easier to understand, suppose that my server IP is a.b.c.d. So I must ACCEPT ICMPs from a.b.c.250 and a.b.c.251.

So, this is the amazing solution Bash Scripting offers me:

# ==========================================

# Dedicated Server IP external interface

IF_EXT="enp2s0"    # define here your external interface, such as eth0, vmbr0, etc

IP_EXT=$(ip -4 a|grep "${IF_EXT}$"|awk '{print $2}'|cut -d/ -f1)


# OVH monitoring IPs array

#    Here is the thing: the last item of this array!

IP_MONITORING=(37.187.231.251 151.80.231.244 151.80.231.245 151.80.231.246 151.80.231.247 213.186.33.62 92.222.184.0/24 92.222.185.0/24 92.222.186.0/24 167.114.37.0/24 213.186.45.4 213.251.184.9 37.59.0.235 8.33.137.2 213.186.33.13 213.186.50.98 ${IP_EXT%.*}.25{0,1})


# And finally the iptables command

for i in $(seq 0 $[${#IP_MONITORING[@]}-1]) ; do

        iptables -A INPUT -p icmp -s ${IP_MONITORING[$i]} -d ${IP_EXT} -j ACCEPT

done

# ==========================================


Notes:

- Obviously, you must run this script as root!

- I know Python would do it too. What I didn't know is that Bash could carry it out so "gracefully"!!

- I welcome any suggestion that may improve this code!!!


I hope it can help somebody out there. If it does, make me aware of it!