Tag Archives: bash

Add auto-complete to “yum”

We really enjoy the auto-complete feature in bash, and it would be great to have it with “yum” too. Debian-based Linux users already have it. Red Hat-based distros do not ship with auto-complete enabled in “yum”, although it would be great if they did. Meanwhile, here is a small trick to get auto-complete with “yum”; it works on Red Hat as well as CentOS and Fedora (all versions).

  • Change to root
 su - 
  • Install the package: bash-completion
 yum install bash-completion 

And you are good to go. You can now type “yum install “ and hit [TAB] to load suggestions just like in bash.

How to block a country using iptables?

If you administer a website and see a lot of bogus traffic coming from countries that bring you no benefit, and you want to block those countries from accessing your website, you can use the bash script given below.

There are two ways to block countries: the first is to configure your Apache server, and the second is to set iptables rules. We will do this using iptables. First of all, download the IP zone files of the countries you want to block from here.

The script will not work if people in that country use a proxy server or have spoofed their IP address.

#!/bin/bash
### Block all traffic from AFGHANISTAN (af) and CHINA (CN). Use ISO code ###
ISO="af cn"
 
### Set PATH ###
IPT=/sbin/iptables
WGET=/usr/bin/wget
EGREP=/bin/egrep
 
### No editing below ###
SPAMLIST="countrydrop"
ZONEROOT="/root/iptables"
DLROOT="http://www.ipdeny.com/ipblocks/data/countries"
 
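# Note: this removes every existing rule and user chain in the filter, nat and
# mangle tables and resets all default policies to ACCEPT
cleanOldRules(){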
$IPT -F
$IPT -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -t mangle -F
$IPT -t mangle -X
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
}
 
# create the zone directory if it does not exist
[ ! -d "$ZONEROOT" ] && /bin/mkdir -p "$ZONEROOT"
 
# clean old rules
cleanOldRules
 
# create a new iptables list
$IPT -N $SPAMLIST
 
for c  in $ISO
do
	# local zone file
	tDB="$ZONEROOT/$c.zone"
 
	# get fresh zone file
	$WGET -O "$tDB" "$DLROOT/$c.zone"
 
	# country specific log message
	SPAMDROPMSG="$c Country Drop"
 
	# get the IP blocks, skipping comments and blank lines
	BADIPS=$($EGREP -v "^#|^$" "$tDB")
	for ipblock in $BADIPS
	do
	   $IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
	   $IPT -A $SPAMLIST -s $ipblock -j DROP
	done
done
 
# Send INPUT, OUTPUT and FORWARD traffic through the country drop chain
$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST
 
# call your other iptable script
# /path/to/other/iptables.sh
 
exit 0

You must be logged in as ‘root’ to run this script. List the ISO codes of the countries you want to block in ‘ISO’.

To run the script

# /path/block_country.sh

You can add this script to crontab so that it will run automatically.

@weekly /path/block_country.sh

Below is another script which does the same work:

#!/bin/bash
###PUT HERE COMMA SEPARATED LIST OF COUNTRY CODES###
COUNTRIES="AK,AR"
WORKDIR="/root"
#######################################
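cd "$WORKDIR" || exit 1
# quote the URL so the shell does not treat "?" as a glob character
wget -c --output-document=iptables-blocklist.txt "http://blogama.org/country_query.php?country=$COUNTRIES"
if [ -f iptables-blocklist.txt ]; then
  # flush all existing rules in the filter table before adding the block list
  iptables -F
  BLOCKDB="iptables-blocklist.txt"
  # read the IP blocks, skipping comment lines
  IPS=$(grep -Ev "^#" "$BLOCKDB")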
  for i in $IPS
  do
    iptables -A INPUT -s $i -j DROP
    iptables -A OUTPUT -d $i -j DROP
  done
fi
rm $WORKDIR/iptables-blocklist.txt
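
Both scripts above flush the running ruleset before the download and hand every downloaded token to iptables unchecked. The following is an added example, not part of the original scripts: it validates each zone-file entry and loads the list into an ipset that is swapped in atomically. It assumes ipset is installed; the function names, the "-new" staging set and MIN_PREFIX are assumptions made for the example.

```bash
#!/bin/bash
# Added example, not the original script. Assumes ipset is installed.
SET="countrydrop"   # same name as SPAMLIST in the first script
MIN_PREFIX=8        # assumption: refuse blocks broader than /8, e.g. 0.0.0.0/0

# valid_cidr NET: succeed only for a strict dotted-quad IPv4 CIDR block.
valid_cidr() {
    case $1 in ''|*[!0-9./]*|*/*/*|*./*) return 1 ;; */*) ;; *) return 1 ;; esac
    v_addr=${1%/*}; v_len=${1#*/}
    case $v_len in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$v_len" -ge "$MIN_PREFIX" ] && [ "$v_len" -le 32 ] || return 1
    v_ifs=$IFS; IFS=.; set -- $v_addr; IFS=$v_ifs   # split into octets
    [ $# -eq 4 ] || return 1
    for v_o in "$@"; do
        case $v_o in ''|????*) return 1 ;; esac
        [ "$v_o" -le 255 ] || return 1
    done
    return 0
}

# build_restore FILE NAME: print "ipset restore" input for FILE, or fail
# with no output if any entry is malformed or the list is empty.
build_restore() {
    b_n=0
    b_out="create $2 hash:net family inet
flush $2"
    while IFS= read -r b_line || [ -n "$b_line" ]; do
        case $b_line in ''|'#'*) continue ;; esac
        valid_cidr "$b_line" || { echo "rejected entry in $1" >&2; return 1; }
        b_out="$b_out
add $2 $b_line"
        b_n=$((b_n + 1))
    done < "$1"
    [ "$b_n" -gt 0 ] || return 1
    printf '%s\n' "$b_out"
}

# apply_zone FILE: load FILE into a staging set, then swap it in atomically.
# No existing rule is flushed; a rejected file leaves the current set active.
apply_zone() {
    a_in=$(build_restore "$1" "$SET-new") || return 1
    ipset create "$SET" hash:net family inet -exist &&
    printf '%s\n' "$a_in" | ipset restore -exist &&
    ipset swap "$SET-new" "$SET" && ipset destroy "$SET-new"
}

# One-time rule: iptables -I INPUT -m set --match-set countrydrop src -j DROP
# Usage (as root): ./script.sh /root/iptables/cn.zone
if [ $# -gt 0 ]; then apply_zone "$1"; fi
```

A single set lookup replaces the thousands of per-block LOG and DROP rules the loop creates, and a failed or tampered download is rejected as a whole instead of partially applied.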

How to run a Linux Shell Script?

Have you ever wondered how you can run a script in Linux?
Every script that needs to run must have execute permission. By default, a new file does not have it, so the execute bit has to be set manually. To do so, run one of the following commands:

# chmod +x SomeScriptFile
OR
# chmod 0755 SomeScriptFile

The ls command can be used to check the permissions on a file:
# ls -l /bin/uname

Output:
-rwxr-xr-x. 1 root root 25948 Feb 8 2011 /bin/uname

[uname is used here as an example; it can be replaced with any script]

To run the script:
$ ./SomeScriptFile [Enter]

You can also execute it by specifying its full path:
$ /full/path/here/SomeScriptFile.sh

To execute it in the ksh shell:
$ ksh SomeScriptFile

To execute it in the bash shell:
$ bash SomeScriptFile

Illustration:

Create a test shell script, test.sh; any text editor can be used.
#!/bin/bash
echo " Hello, Free World"
echo " You are at : $(pwd)"

After saving this file, set the execute bit:
$ chmod +x test.sh
$ ./test.sh

The ./ can be omitted if the current directory has an entry in the PATH variable. It is advisable to have your own bin directory: add it to the PATH variable using the export command and move your newly created script into it. This saves the hassle of typing the whole path, and you can then run the script from anywhere. The procedure is shown below:

$ mkdir $HOME/bin
$ export PATH=$PATH:$HOME/bin
$ mv test.sh $HOME/bin
$ test.sh