Help needed writing a script

Status
Not open for further replies.
Joined
Mar 6, 2014
Messages
686
Code:
${fwcmd} add 01006 allow ip from 192.168.1.0/24 to 192.168.1.0/24 keep-state
${fwcmd} add 02000 allow ip from 192.168.1.0/24 to 192.168.1.202 keep-state #this being the IP of the transmission Jail, NOT my my actual server which is 1.16

Like this, your 02000 rule is redundant, since it is already covered in rule 01006.

If i assume you would like to connect to a VPN, then your 02000 rule should not be to allow traffic to the jail IP but to the VPN server IP
Code:
 ${fwcmd} add 02000 allow ip from 192.168.2.0/24 to ##. ###. ###. ### keep-state #VPN IP[/CODE]
[/QUOTE]
 

UF8FF

Dabbler
Joined
Jan 16, 2016
Messages
29
Like this, your 02000 rule is redundant, since it is already covered in rule 01006.

If i assume you would like to connect to a VPN, then your 02000 rule should not be to allow traffic to the jail IP but to the VPN server IP
perfect. thank you!
 
Joined
Mar 6, 2014
Messages
686

UF8FF

Dabbler
Joined
Jan 16, 2016
Messages
29
Like this, your 02000 rule is redundant, since it is already covered in rule 01006.

If i assume you would like to connect to a VPN, then your 02000 rule should not be to allow traffic to the jail IP but to the VPN server IP
Might i ask. What happens if the VPN IP changes?
 
Joined
Mar 6, 2014
Messages
686
Might i ask. What happens if the VPN IP changes?
I think you should read this whole thread, including the threads linked.
The VPN service server IP address you are connecting to won't change. I'ts the tun# IPs that may change. This thread is all about how to cope with that with a script.
 

UF8FF

Dabbler
Joined
Jan 16, 2016
Messages
29
Must've not understood it when I skimmed through. I'll go through it. Thanks again.
 
Joined
Mar 6, 2014
Messages
686
Must've not understood it when I skimmed through. I'll go through it. Thanks again.
No problem, happy to help where I can.
 

Montel Bahn

Dabbler
Joined
Oct 12, 2015
Messages
40
@joeschmuck re :'In the google searches include the word "bash". Bash can be very finicky.'

How did you know he was using BASH?
I thought I read somewhere plain Bourne is 'better' for scripts?
Is BASH more powerful, or just more widely used and thus easier to google for?
When you say BASH can be finicky, are you speaking generically(shell scripting in general) or
do you mean in contrast to other shells?

I be noobs here(and way to many other places!)
 

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,681
Most Linux n00bs confuse "bash" with "sh", resulting in sh scripts that have all sorts of bash'isms that then won't work on a proper UNIX system.

bash heaps a bunch of new constructs on top of the old sh-style scripting. I wouldn't consider that to be bad, because Bourne shell scripting has some rather awful sharp edges, but it's really frustrating when someone has decided to "#! /bin/sh" their BASH script and you don't notice that buried within are bash'isms, and things break, and you have to rewrite their crap.

Bourne shell script is by far more widely used and is generally the gold standard in scripting languages on UNIX.
 

Bidule0hm

Server Electronics Sorcerer
Joined
Aug 5, 2013
Messages
3,710
Or you can script POSIX and your script can be used with any shell... just sayin'... :D
 

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,970
@joeschmuck re :'In the google searches include the word "bash". Bash can be very finicky.'

How did you know he was using BASH?
I thought I read somewhere plain Bourne is 'better' for scripts?
Is BASH more powerful, or just more widely used and thus easier to google for?
When you say BASH can be finicky, are you speaking generically(shell scripting in general) or
do you mean in contrast to other shells?

I be noobs here(and way to many other places!)
That really wasn't the case, but as previously explained by @jgreco the "#! /bin/sh" doesn't always work the way you think it should. I personally have had better luck with this vice "#! /bin/bash" with my scripts. Could be because I never learned the proper way but it's not for the lack of trying. Syntax must be exact is what I mean by finicky and operators must be used in the correct way to get the desired outcome. And I personally enjoy writing scripts, it reminds me of simpler times.
 

Mirfster

Doesn't know what he's talking about
Joined
Oct 2, 2015
Messages
3,215

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,970
I recall purchasing two programming books for machine code for the 8080 family and assembly, each was $60. This was just to support my hobby of being a geek in those days and that helped me in my career as well later on in life. I likely still have those books buried in a box somewhere in the basement and they were full of corners of the pages bent over.
 

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,970
You're my HERO, Electrical Engineering books are fantastic to study and to see how some of today's stuff came about. Imagine the people who thought and designed this stuff, just amazing. I'll bet we have a few VAX programming books in my office still even though we got rid of VAX machines about 10 years ago. My team holds on to everything.
 

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,681
I have to admit that EE was only a minor and I wasn't that great with the analog stuff. Digital was a lot of fun though.

VAX was a great CISC architecture and a lot of fun to code for.
 

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,970
CISC architecture
And RISC as well was interesting but I was only exposed to it briefly, I don't even remember what the system was. But who knows what we are talking about.
 

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,681
DEC Alpha? RS/6000? UltraSPARC? PowerPC? ARM? History is littered with 'em. :-( SO many fun things to play with though.
 

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,970
Agreed
 
Status
Not open for further replies.
Top