SH script for iptables add rule for x minutes

Is there any sh script to add an iptables rule for x minutes?
FireBallITAsked:

savoneCommented:
You can easily write one, for example if you want to open port 80 for 5 minutes:

#!/bin/bash
# Insert a rule at the top of the INPUT chain that accepts TCP traffic to port 80
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
# Wait 5 minutes (300 seconds)
sleep 300
# Restarting the service reloads the saved ruleset, which discards the unsaved rule above
service iptables restart

The above will add a rule to open port 80, then wait 5 minutes and restart iptables to remove the rule.
FireBallITAuthor Commented:
That is ok. What if you add one rule for 5 minutes, and then add another rule after 1 minute?
savoneCommented:
I am not really understanding your follow up question.
FireBallITAuthor Commented:
Our system blocks IP addresses when it detects an anomaly. If we block an IP at
12:01 and then block another IP at 12:04, both IPs will be released at 12:05.
savoneCommented:
What is it exactly you are trying to do?

If you want to block a certain IP address for 5 minutes and you want to do it from the command line here is some code:

#!/bin/bash
# Block one IP address for 5 minutes. Usage: block45.sh <ip>
if [[ -z $1 ]]; then
        echo "Please input an IP address to block"
        echo "example:"
        echo "nohup block45.sh 192.168.1.7 &>/dev/null &"
else
        ip="$1"
        echo "Adding rule to block all traffic from $ip"
        # Insert a DROP rule for all protocols from this source at the top of INPUT
        iptables -I INPUT -p all -s "$ip" -j DROP
        # Wait 5 minutes (300 seconds)
        sleep 300
        # Delete exactly the rule added above (same match and target)
        iptables -D INPUT -p all -s "$ip" -j DROP
fi

You can run the script and pass it an IP address; it will block the IP for 5 minutes and then delete the rule, like so:

./block45.sh 192.168.8.222

BUT, if you close the shell the script will stop and you will have the iptables rule stuck there. I recommend running the script with nohup and some other fanciness, like so:

nohup /path/to/block45.sh 192.168.8.222 &>/dev/null &

Now the script will run in the background and you can block an IP every minute if you want.  The IP address will still be blocked for 5 minutes each.
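As an added example (not savone's script and not part of the original thread), the version below takes the address and the duration as arguments, validates both, refuses to stack a duplicate rule, cleans up if it is killed early, and deletes only the rule it added when its own timer ends, so a block started at 12:01 and one started at 12:04 expire 5 minutes after each was added rather than together, which is the asker's concern above. IPTABLES_CMD is an assumed environment variable for dry runs (it is not an iptables option); by default it is the real iptables binary.

```shell
#!/bin/bash
# Added example: block one IPv4 address for N seconds, then remove only that rule.
# Usage: nohup ./block_for.sh 192.168.8.222 300 >/dev/null 2>&1 &
# IPTABLES_CMD is an assumption for dry runs (e.g. a stub function), not an
# iptables feature; it defaults to the real iptables binary.
IPTABLES_CMD="${IPTABLES_CMD:-iptables}"

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    local ip="$1" octet
    case "$ip" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    local IFS=.
    set -- $ip
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Return 0 if $1 is a positive integer number of seconds without leading zeros.
valid_seconds() {
    case "$1" in
        ''|*[!0-9]*|0*) return 1 ;;
    esac
    return 0
}

# Block $1 for $2 seconds. Exit codes: 0 ok, 1 iptables error/duplicate, 2 bad input.
block_ip_for() {
    local ip="$1" seconds="$2"
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    valid_seconds "$seconds" || { echo "invalid duration: $seconds" >&2; return 2; }
    # -C succeeds only if an identical rule exists; a second copy would outlive our -D.
    if "$IPTABLES_CMD" -C INPUT -s "$ip" -j DROP 2>/dev/null; then
        echo "$ip is already blocked; not adding a second rule" >&2
        return 1
    fi
    "$IPTABLES_CMD" -I INPUT -s "$ip" -j DROP || return 1
    # If the script is killed before the timer ends, still remove the rule.
    trap '"$IPTABLES_CMD" -D INPUT -s "$ip" -j DROP; exit' INT TERM
    sleep "$seconds"
    "$IPTABLES_CMD" -D INPUT -s "$ip" -j DROP
    trap - INT TERM
}

# Run only when invoked with arguments, so the file can also be sourced.
if [ "$#" -gt 0 ]; then block_ip_for "$@"; fi
```

Because every invocation removes only the single rule it inserted, several copies can run concurrently under nohup, each with its own expiry.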
FireBallITAuthor Commented:
Yes, that is good and what I need.