7

ipset not executing from crontab

view full story
linux-howto

http://unix.stackexchange.com – I have this txt files that contains IPs, one per line of file, that I want to block using ipset. I have this bash script that essentially reads from the plain txt file and constructs an array. Then it iterates the array elements and add each one to the ipset I have created for that purpose. The problem is this: if I execute the script manually from the terminal, it works perfectly, but when I add the script to run periodically using crontab, the script runs but the IPs are not added to the ipset. This is the relevant part of the script. index=0 while true; do ipset -quiet -A myIpset $[ar (HowTos)

Songlist's picture
Submitted by Songlist on 02/23/2013 – Made popular on 02/23/2013

Stories similar to ipset not executing from crontab

Am implementing ipset on some Fedora 16 systems.

Since ipset rules run in memory and are lost on reboot planning to use a crontab @reboot script to reload the rules and send an email to administrator confirming the ruleset has been loaded.

Is there any problem in this approach or other recommended way to reload ipset rules after a reboot?

I am using ipset in conjunction with iptables to create a list of IPs I want to block. I did this:

ipset -N blocking iphash ipset -A blocking 124.205.11.230 // and repeated this line for all IPs I want to add to "blocking" list

now I have to add this rule to iptables

if I do this

iptables -A INPUT -m set --set blocking src -j DROP

the IPs will be blocked for everything SSH, FTP, etc.

Hi all, I have Iptables set up to block certain groups of IP addresses through Ipset. However, when I look at my logs in the morning, I can see that IP's that I have already added to m... [by Steely]

I'm running CentOS 6.3, 2.6.32-279.9.1.el6.x86_64. ipset's the latest package from base, 6.11. 8 GB RAM.I want to create a set with many entries from bluetack merged into one ... [by nibb0r]

ipset installation issue 33 weeks 3 days ago

One of the comments on https://aur.archlinux.org/packages.php?ID=25716 says niki wrote:Could the conflict/provides/replaces lines for ipset be removed from the package, as ipset is no longer included.You can try editing the PKGBUILD and removing the conflict: https://aur.archlinux.org/packages/xt/x … s/PKGBUILD

karol https://bbs.archlinux.org/profile.php?id=25522

2012-09-29T20:38:29Z

I have a strange thing (i think), I added a line in my crontab on an QNAP NAS with crontab -e i saved (:wq!)

This line would have had a script to run for every 5 minutes so i dit 5 * * * * and the script name. And restarted the crontab.

This script fills a database. Last night i quit trying, went to bed and kept de NAS running. And wen ik woke up this morning i looked at the database and the scr

I use MAC address filtering on my Linux router. Here is what I have done:

iptables -A INPUT -i eth5 -m mac --mac-source 00:07:e9:84:2b:99 -j RETURN #User: Someuser iptables -A INPUT -i eth5 -j DROP

But the Iptables rule list is huge with more than 400 entries. Recently I read about the advantages of using Ipset with Iptables here.

Hello, Everyone...

My issue today involves decrypting a *.pgp (Pretty Good Encryption) file. I'm able to decrypt the file, in question, just fine, by manually running a script.

It's easy to block IPs from country using iptables (e.g. like http://www.cyberciti.biz/faq/block-entier-country-using-iptables/). However I read that the performance can go down if the deny list get too large.