[NTLUG:Discuss] For loop in bash script

Neil Aggarwal neil at JAMMConsulting.com
Fri Apr 27 11:42:53 CDT 2007


Hello:

I am having trouble setting up a for loop in a
bash script for my firewall rules.

What I want to do is to set up rules for NAT routing
that forwards ports 2428 to 2554 to internal machines
running at IP addresses 192.168.1.128 to 192.168.1.254.
Port 2428 will go to IP 192.168.1.128, port 2429 will
go to the IP ending in 129, etc.

Here is what I wrote:

for i in `seq 128 254`;
do
  /sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport `eval(2300+$i)` -m state --state NEW -m recent --set
  /sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport `eval(2300+$i)` -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
  /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d $ETH0_IP --dport `eval(2300+$i)` -j DNAT --to 192.168.1.$i:22
  /sbin/iptables -A FORWARD -i eth0 -o eth1 -d 192.168.1.$i -p tcp --sport 1024: --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT
  /sbin/iptables -t nat -A POSTROUTING -o eth1 -d 192.168.1.$i -p tcp --sport 1024: --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT
  /sbin/iptables -A FORWARD -i eth1 -o eth0 -s 192.168.1.$i -p tcp --sport ssh --dport 1024: -m state --state ESTABLISHED -j ACCEPT
done

I keep getting this error:
-bash: command substitution: line 1: syntax error near unexpected token `2300+$i'
-bash: command substitution: line 1: `eval(2300+$i)'

Is there a way to do this?

Thanks
	Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
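
Added example (not part of the original post): the same per-host rule set built with shell arithmetic expansion, $((2300 + i)), in place of the `eval(2300+$i)` command substitution that triggers the syntax error. The function name emit_forward_rules, the PORT_OFFSET variable and the 203.0.113.10 placeholder for ETH0_IP are assumptions; the rules are printed rather than applied so the mapping can be reviewed first.

```shell
#!/bin/sh
# Added example: prints the iptables commands instead of running them,
# so the port-to-host mapping can be checked without root.
ETH0_IP="${ETH0_IP:-203.0.113.10}"   # constructed placeholder address
PORT_OFFSET=2300                     # external port = offset + last octet
IPT=/sbin/iptables

# emit_forward_rules FIRST LAST
# Print the rule set for hosts 192.168.1.FIRST .. 192.168.1.LAST.
emit_forward_rules() {
    first=$1
    last=$2
    # Reject empty, non-numeric and leading-zero values; a leading zero
    # would be read as octal inside $(( )).
    for v in "$first" "$last"; do
        case "$v" in
            ''|0*|*[!0-9]*) echo "bad octet: '$v'" >&2; return 1 ;;
        esac
    done
    if [ "$first" -gt "$last" ] || [ "$last" -gt 254 ]; then
        echo "need 1 <= FIRST <= LAST <= 254" >&2
        return 1
    fi
    i=$first
    while [ "$i" -le "$last" ]; do
        port=$((PORT_OFFSET + i))    # arithmetic expansion, no eval needed
        # Track new connections per source and drop the 4th within 60 seconds.
        echo "$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport $port -m state --state NEW -m recent --set"
        echo "$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport $port -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP"
        # Map the external port to SSH on the matching internal host.
        echo "$IPT -t nat -A PREROUTING -p tcp -i eth0 -d $ETH0_IP --dport $port -j DNAT --to 192.168.1.${i}:22"
        echo "$IPT -A FORWARD -i eth0 -o eth1 -d 192.168.1.${i} -p tcp --sport 1024: --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT"
        echo "$IPT -t nat -A POSTROUTING -o eth1 -d 192.168.1.${i} -p tcp --sport 1024: --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT"
        echo "$IPT -A FORWARD -i eth1 -o eth0 -s 192.168.1.${i} -p tcp --sport ssh --dport 1024: -m state --state ESTABLISHED -j ACCEPT"
        i=$((i + 1))
    done
}

# Preview the first two hosts; pipe the full range (128 254) to sh as root to apply.
emit_forward_rules 128 129
```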