
Useful one-liners

If you have a couple dozen DSCxxxx.jpg photos (or any files, for that matter) that need to be renamed sequentially, like I often do, this’ll do.
(Change $c.jpg to whatever extension the files should end in; you can also apply arguments to ls -1 as necessary.)

c=0; ls -1 | while IFS= read -r i; do mv -- "$i" "$c.jpg"; c=$((c + 1)); done

Strip large chunks of pesky comments from dist-default sample config files:

cat httpd.conf | perl -e 'while($a=<STDIN>){if($a !~ /^\s*#/){if($a ne "\n"){print $a;}}}' >httpd.conf.nocomments

Palm Centro Bluetooth Enabler

Script Information
I recently owned a Palm Centro (although I no longer do and now I do yet again), which is a nice device except for the part where it lacks Wi-Fi connectivity. To combat this problem, I put together a script that allows me to connect to the computer from the Centro using Bluetooth, and have my computer act as a router for the unit, allowing it to get on the internet over the Bluetooth connection.

It uses AppleScript and Perl, and has three parts. It can be easily modified to work on Linux.

BluetoothEnabler.scpt

set mypath to POSIX path of (path to me)
set interfaces to do shell script "/bin/bash " & quoted form of (mypath & "Contents/Resources/Scripts/getinterfaces.sh")
set ttys to do shell script "/bin/bash " & quoted form of (mypath & "Contents/Resources/Scripts/getttys.sh")

set interfacedialog to display dialog "Which interface is connected to the internet?

(Interfaces on this system: " & interfaces & ")" default answer "en1"

set syncttydialog to display dialog "Which serial port is the Bluetooth PDA sync port?

(Ports on this system: " & ttys & ")" default answer "Bluetooth-PDA-Sync"

set sharettydialog to display dialog "Which serial port is the Bluetooth modem sharing port?

This should have been added by you before running this script. If you haven't done this, click cancel, open Bluetooth preferences, go to advanced, and add a new, non-secure port of type Modem, then re-run this enabler and put its name in this dialog.

(Ports on this system: " & ttys & ")" default answer "sharing-port"

set theinterface to the text returned of interfacedialog
set thesynctty to the text returned of syncttydialog
set thesharetty to the text returned of sharettydialog

display dialog "The enabler will now run, starting a PPP server on " & thesynctty & " and " & thesharetty & ", directing packets between them, using " & theinterface & " as a default gateway. It will enable kernel-level packet forwarding and NAT.

This needs to be run each time the system is booted before the Palm will be able to connect, and not more than once.

It will require your password to run, and it may take a short time to complete. Configuration instructions for your handheld will be displayed when it is complete."

-- quoted form of keeps the text typed into the dialogs from being interpreted by the root shell
do shell script "sudo /usr/sbin/pppd " & quoted form of ("/dev/tty." & thesynctty) & " 115200 noauth local passive proxyarp asyncmap 0 silent persist :10.0.1.201 &" with administrator privileges
do shell script "sudo /usr/sbin/sysctl -w net.inet.ip.forwarding=1" with administrator privileges
do shell script "sudo /usr/sbin/natd -same_ports -use_sockets -log -deny_incoming -interface " & quoted form of theinterface with administrator privileges
do shell script "sudo /sbin/ipfw add divert natd ip from any to any via " & quoted form of theinterface with administrator privileges
do shell script "sudo /usr/sbin/pppd " & quoted form of ("/dev/tty." & thesharetty) & " 115200 noauth local passive proxyarp asyncmap 0 silent persist :10.0.1.202 &" with administrator privileges

display dialog "The enabler has run. You can now try to connect from your Palm. Your Palm should be paired to this computer.

The Palm should be configured with a connection profile set to 'Connect to PC via Bluetooth', and the device should be set to your computer. Under details, you will need to set the speed to 115,200 bps, and the Flow Ctl to automatic.

You will also need to create a new network profile, set to use the connection you just created. No username or password is necessary. Under details, the idle timeout should be set to never, and under advanced, specify an IP address of 10.0.1.201. You may use whatever DNS servers you like; recommended are 4.2.2.1 and 4.2.2.2.

Once this is configured you should be able to connect."

getinterfaces.sh

#!/bin/bash

ifconfig | perl -e 'while($line=<STDIN>){($int)=$line=~/^(\w+\d):/;if($int ne "" && $int ne "lo0" && $int ne "gif0" && $int ne "stf0"){$allints .= $int." ";}} $allints =~ s/\ $/\n/; print $allints'

getttys.sh

#!/bin/bash

ls -1 /dev/tty.* | perl -e 'while($line=<STDIN>){($int)=$line=~/\/dev\/tty\.(.+)$/; $ints.=$int." "}$ints=~s/\ $/\n/;print $ints;'

iptables-config

Script Information

iptables-config is a fairly simple, straightforward BASH script for quickly setting up an iptables firewall on a single server to block all but specified ports, and has the ability to block certain IPs, IP blocks, or ranges of IPs. It is configured by default to allow pings. Take a look below. Simply download, modify the variables to suit your setup, and then run the script. Hasn’t been updated in a little over a year (hence why it’s in this section), but I have plans for it soon to be rc-ified and maybe a bit more .. modular. As soon as I get some free time. ^_^

Script Source

#!/bin/bash

# iptables-config by cmantito (cmantito@cmantito.com // cmantito.com)

# added a rule to allow incoming pings, so that is fixed [27/04/2006]
# next version will be rc-script-ish and slightly more flexible...eventually

# IPTABLES parameters config
incoming="iptables -A INPUT"
outgoing="iptables -A OUTPUT"
forwarding="iptables -A FORWARD"
tcp="-p TCP"
udp="-p UDP"
icmp="-p icmp"
accept="-j ACCEPT"
drop="-j DROP"
reject="-j REJECT"
forward="-j FORWARD"

# TCP: Allowed Ports
TCP_ACCEPT_PORTS="22 23 25 80 143 548 587 993 3306 3690 6667 6697 9999 48240 48241 48242 48243 48244"
# Blackholed IPs
TCP_REJECT_IPS=""
TCP_DROP_IPS="62.181.182.52"

# UDP: Allowed Ports
UDP_ACCEPT_PORTS=""
# Blackholed IPs
UDP_REJECT_IPS=""
UDP_DROP_IPS=""

# Clear existing rules.
iptables --flush

# Set REJECT rules

for ip in $TCP_REJECT_IPS ; do
   $incoming $tcp -s $ip $reject
done

for ip in $UDP_REJECT_IPS ; do
   $incoming $udp -s $ip $reject
done

# Set DROP rules

for ip in $TCP_DROP_IPS ; do
   $incoming $tcp -s $ip $drop
done

for ip in $UDP_DROP_IPS ; do
   $incoming $udp -s $ip $drop
done

# Set ACCEPT rules.

for port in $TCP_ACCEPT_PORTS ; do
   $incoming $tcp --dport $port $accept
done

for port in $UDP_ACCEPT_PORTS ; do
   $incoming $udp --dport $port $accept
done

# ACCEPT ICMP pings.

$incoming $icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED $accept

# Add more rules here.

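# Allow loopback traffic, so local services talking to 127.0.0.1 are not caught by the final REJECT.

$incoming -i lo $accept

# Allow all outgoing traffic, established sessions.

$incoming -m state --state RELATED,ESTABLISHED $accept
$forwarding -i eth0 -m state --state RELATED,ESTABLISHED $accept
$outgoing -m state --state NEW,RELATED,ESTABLISHED $accept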

# Set an implicit DENY

$incoming $reject
$forwarding $reject

# Show em all.
iptables -L

routersh

Script Information

routersh was a Perl script designed for personal use as a login script that allows for management of iptables rules, route rules, and network interfaces in a ‘Linux box as a router’ environment. There is no support for it, but feel free to download it and customise it as you see fit.

Script Source

#!/usr/bin/perl
use Switch;

main();

sub main {

    $ENV{'PATH'} = "/bin:/sbin:/usr/sbin:/usr/bin";

    my $hostname = `hostname --fqdn`;
    chomp($hostname);

    clearScreen();
    moveCursor(28,2);
    fancyPrint($hostname."\n\n", 32, 1, 4);

    fancyPrint("Routing\n", 36, 4);
    fancyPrint("\t[1]", 33, 1); print " Start routing\n";
    fancyPrint("\t[2]", 33, 1); print " Stop routing\n";
    fancyPrint("\t[3]", 33, 1); print " Show routes\n";
    fancyPrint("\t[4]", 33, 1); print " Edit port forwards\n";
    print "\n";
    fancyPrint("Access Point\n", 36, 4);
    fancyPrint("\t[5]", 33, 1); print " SNMP AP Config\n";
    print "\n";
    fancyPrint("Network Interfaces\n", 36, 4);
    fancyPrint("\t[6]", 33, 1); print " Show interfaces\n";
    print "\n";
    fancyPrint("Clients\n", 36, 4);
    fancyPrint("\t[7]", 33, 1); print " Show DHCP leases\n";
    fancyPrint("\t[8]", 33, 1); print " Show all active clients\n";
    print "\n";
    fancyPrint("Other\n", 36, 4);
    #fancyPrint("\t[S]", 33, 1); print " Launch shell\n";
    fancyPrint("\t[X]", 33, 1); print " Exit to shell\n";

    print "\nPlease make a selection [1-8, S, X]: ";
    $choice = <STDIN>;
    chomp($choice);
    $choice = lc($choice);

    switch($choice){
        case "x" {
            exit;
        }
        case "s" {
            system('/bin/bash');
        }
        case "1" {
            $run = `/etc/rc.d/iptables start 2>&1`;
            if($run =~ /FAIL/i){
                fancyPrint("Start routing failed! Press RETURN.", 37, 41, 1);
            }else{
                fancyPrint("Routing started. Press RETURN.", 30, 42, 1);
            }
            $wait = <STDIN>;
        }
        case "2" {
            $run = `/etc/rc.d/iptables stop 2>&1`;
            if($run =~ /FAIL/i){
                fancyPrint("Stop routing failed! Press RETURN.", 37, 41, 1);
            }else{
                fancyPrint("Routing stopped.  Press RETURN.", 30, 42, 1);
            }
            $wait = <STDIN>;
        }
        case "3" {
            fancyPrint("Press 'q' to return. Press RETURN to continue.", 30, 42, 1);
            $wait = <STDIN>;
            system("/sbin/route -e -n | /bin/less");
        }
        case "4" {
            print "Would you like to add or delete a port forward? (add/del): ";
            $pfDo = <STDIN>;
            chomp($pfDo);

            if(lc($pfDo) eq "add"){
                print "TCP or UDP? (tcp/udp): ";
                $proto = <STDIN>;
                chomp($proto);

                if(lc($proto) eq "tcp"){ $proto = "tcp"; }
                elsif(lc($proto) eq "udp"){ $proto = "udp"; }
                else{ main(); }

                print "Destination port (WAN): ";
                $dPort = <STDIN>;
                chomp($dPort);

                print "Destination IP (LAN): ";
                $dIP = <STDIN>;
                chomp($dIP);

                print "New destination port (LAN): ";
                $newdPort = <STDIN>;
                chomp($newdPort);

                open(FORWARDS, ">>/etc/ipForwards.conf");
                print FORWARDS $proto.",".$dPort.",".$dIP.",".$newdPort."\n";
                close(FORWARDS);

                # List-form system() hands each argument straight to iptables without a shell,
                # so metacharacters typed at the prompts are never interpreted as commands.
                system("/usr/sbin/iptables", "-A", "PREROUTING", "-t", "nat", "-p", $proto, "--dport", $dPort, "-i", "wan0", "-j", "DNAT", "--to", $dIP.":".$newdPort);
                system("/usr/sbin/iptables", "-A", "FORWARD", "-p", $proto, "-d", $dIP, "--dport", $newdPort, "-i", "wan0", "-o", "lan0", "-j", "ACCEPT");
                system("/usr/sbin/iptables", "-A", "FORWARD", "-p", $proto, "-s", $dIP, "--sport", $newdPort, "-i", "lan0", "-o", "wan0", "-j", "ACCEPT");

            }elsif(lc($pfDo) eq "del"){
                # Reset state left over from earlier passes through the menu.
                @forwards = ();
                $count = 0;
                open(FORWARDS, "</etc/ipForwards.conf");
                while($line = <FORWARDS>){
                    chomp($line);
                    $forwards[$count] = $line;
                    print $count.": ".$line."\n";
                    $count++;
                }
                close(FORWARDS);
                print "Number of forward to remove: ";
                $rmPort = <STDIN>;
                chomp($rmPort);
                if($rmPort eq ""){ main(); }
                ($proto, $dPort, $dIP, $newdPort) = split(/,/, $forwards[$rmPort]);
                # Same list-form calls as above: values read back from the file never reach a shell.
                system("/usr/sbin/iptables", "-D", "PREROUTING", "-t", "nat", "-p", $proto, "--dport", $dPort, "-i", "wan0", "-j", "DNAT", "--to", $dIP.":".$newdPort);
                system("/usr/sbin/iptables", "-D", "FORWARD", "-p", $proto, "-d", $dIP, "--dport", $newdPort, "-i", "wan0", "-o", "lan0", "-j", "ACCEPT");
                system("/usr/sbin/iptables", "-D", "FORWARD", "-p", $proto, "-s", $dIP, "--sport", $newdPort, "-i", "lan0", "-o", "wan0", "-j", "ACCEPT");

                delete $forwards[$rmPort];

                open(FORWARDS, ">/etc/ipForwards.conf");
                foreach $newLine(@forwards) {
                    if($newLine ne ""){
                        print FORWARDS $newLine."\n";
                    }
                }
                close(FORWARDS);
            }else{
                main();
            }
        }
        case "5" {
            system("/usr/bin/ap-config");
        }
        case "6" {
            fancyPrint("Press 'q' to return. Press RETURN to continue.", 30, 42, 1);
            $wait = <STDIN>;
            system("/sbin/ifconfig | /bin/less");
        }
        case "7" {
            my @leases;
            my $x;

            clearScreen();
            open(DHCP, "/var/state/dhcp/dhcpd.leases");
            while($line = <DHCP>){
                if($line =~ /^lease (.+) \{/){
                    $ipAddr = $1;
                }
                if($line =~ /^\s+hardware ethernet (.+);/){
                    $macAddr = $1;
                }
                if($line =~ /^\s+client-hostname "(.+)";/){
                    $clientName = $1;
                }
                if($line =~ /^}/){
                    if(!$clientName){
                        $clientName = "";
                    }
                    $leases[$x][0] = $clientName;
                    $leases[$x][1] = $ipAddr;
                    $leases[$x][2] = $macAddr;
                    $clientName = "";
                    $ipAddr = "";
                    $macAddr = "";
                    $x++;
                }
            }
            close(DHCP);
            fancyPrint("Hostname", 4);
            print "\t";
            fancyPrint("Assigned IP", 4);
            print "\t\t";
            fancyPrint("MAC Address", 4);
            print "\n";
            my %shownLease;
            for($q = 0; $q <= $#leases; $q++){
                if($shownLease{$leases[$q][2]} < 1){
                    print $leases[$q][0]."\t\t";
                    print $leases[$q][1]."\t\t";
                    print $leases[$q][2]."\n";
                    $shownLease{$leases[$q][2]} = 1;
                }
            }
            fancyPrint("Press RETURN to continue.", 30, 42, 1);
            $wait = <STDIN>;
        }
        case "8" {
            clearScreen();
            system("/sbin/arp -n -i lan0");
            fancyPrint("Press RETURN to continue.", 30, 42, 1);
            $wait = <STDIN>;
        }
        else {
            main();
        }
    }

    main();

}
sub clearScreen {
    print "\e[2J";
    return;
}

sub moveCursor {
    my ($x, $y) = @_;

    print "\e[".$y.";".$x."H";
    return;
}

sub fancyPrint {
    my ($text) = shift(@_);

    $printStr = "\e[";
    for($i = 0; $i <= $#_; $i++){
        $printStr .= $_[$i];
        if($i < $#_){
            $printStr .= ";";
        }else{
            $printStr .= "m";
        }
    }

    $printStr .= $text."\e[0m";
    print $printStr;
    return;
}
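
The port-forward prompts in routersh place typed text into iptables command lines and into /etc/ipForwards.conf. The following is an added example, not part of the original script and written in POSIX shell rather than Perl, that validates the same four fields before building the same three rules. The function names and the dry_run stand-in are assumptions made for the example.

```sh
#!/bin/sh
# Added example: check routersh-style port-forward fields, then build the
# three iptables rules with every value passed as its own quoted argument.

valid_port() {   # decimal 1-65535, no leading zero
    case $1 in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {   # exactly four octets, each 0-255, no leading zeros
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Dry-run stand-in (hypothetical helper) so the example runs without root.
# Set IPT=/usr/sbin/iptables to apply the rules for real.
dry_run() { printf '%s\n' "iptables $*"; }
IPT=${IPT:-dry_run}

# add_forward PROTO WAN_PORT LAN_IP LAN_PORT
# Returns 1 and runs nothing if any field is malformed. wan0 and lan0 are the
# interface names used in the routersh source.
add_forward() {
    proto=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case $proto in tcp|udp) ;; *) return 1 ;; esac
    valid_port "$2" && valid_port "$4" && valid_ipv4 "$3" || return 1
    "$IPT" -A PREROUTING -t nat -p "$proto" --dport "$2" -i wan0 -j DNAT --to "$3:$4" &&
    "$IPT" -A FORWARD -p "$proto" -d "$3" --dport "$4" -i wan0 -o lan0 -j ACCEPT &&
    "$IPT" -A FORWARD -p "$proto" -s "$3" --sport "$4" -i lan0 -o wan0 -j ACCEPT
}

# Constructed sample inputs: one well-formed forward, two malformed ones.
add_forward TCP 8080 10.0.1.50 80
add_forward tcp '80; echo x' 10.0.1.50 80 || echo "rejected: bad WAN port"
add_forward udp 53 10.0.1.256 53 || echo "rejected: bad LAN IP"
```

valid_port can likewise be run over TCP_ACCEPT_PORTS and UDP_ACCEPT_PORTS in iptables-config before its loops execute.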