0

I've written a bash script to ban country IP blocks from my router.

Why is it that the following works:

for ip in $(wget -qO- http://ipdeny.com/ipblocks/data/countries/cn.zone)
do 
    iptables -I wanin -s "$ip" -j DROP
done

But the following in which I nest multiple countries does not?

for country in CN AD
do 
    for ip in $(wget -qO- http://ipdeny.com/ipblocks/data/countries/$country.zone) 
    do 
        iptables -I wanin -s "$ip" -j DROP
    done
done
Improve this question

2 Answers 2

Reset to default
3

See that it's case sensistive. You have

for country in CN AD;

See that you are using caps here. If you use

for country in cn ad;

Then it should work. Try out yourself the link not working upper case zone and working with lower case zone

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Since country is expected to be lowercase you may add declare -l country like this:

declare -l country
for country in CN AD; do 
  for ip in $(wget -qO- http://ipdeny.com/ipblocks/data/countries/$country.zone); do
    iptables -I wanin -s "$ip" -j DROP
  done
done

or use the ${var,,} parameter expansion:

for country in CN AD; do 
  for ip in $(wget -qO- http://ipdeny.com/ipblocks/data/countries/${country,,}.zone); do
    iptables -I wanin -s "$ip" -j DROP
  done
done
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.