Solved

Backing Up Ipset

Posted on 2016-09-03
Last Modified: 2016-09-10
I use ipset on our Centos 6 server.  I need to back up what I have in the ipset.

I have tried this command:
[root@ip-172-31-22-236 ~]# service iptables stop && /etc/sysconfig/ipset.geoblock && service iptables start
-bash: /etc/sysconfig/ipset.geoblock: Permission denied


I am logged in as root; why am I getting permission denied?

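Here is my script to add to the ipset:
# Download the country zone file and add each CIDR block to the geoblock set.
# The URL is quoted so the shell does not split or glob the bracketed placeholder.
for IP in $(wget -O - "http://www.ipdeny.com/ipblocks/data/countries/[country name here].zone")
do
    sudo ipset add geoblock "$IP"
done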

Question by:sharingsunshine
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 41784044
Even root gets permission denied if you try to execute a file which does not have execute permission.
On my system, I only have ebtables-config in /etc/sysconfig, but that file is not executable.

Now get this: you should not try to execute /etc/sysconfig/ipset.geoblock by making it executable. You must dot it instead, i.e. . /etc/sysconfig/ipset
If you look at the file, you will see it sets shell variables. That is why you must dot it.
0
 

Author Comment

by:sharingsunshine
ID: 41786498
Using the dot I get this error:

service iptables stop && ./etc/sysconfig/ipset.geoblock && service iptables start
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: nat filter      [  OK  ]
iptables: Unloading modules:                               [  OK  ]
-bash: ./etc/sysconfig/ipset.geoblock: No such file or directory

0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 41787146
You need a space between the dot and the slash. You are, in effect, sourcing the file.

All ipset.geoblock does is set shell variables. You then need to run your script that runs ipset itself, as in your original post.

Please post /etc/sysconfig/ipset.geoblock as an attachment if you would like me to help you further.
Unless it exports variables, it will do you no good to run it as you are (will be) doing. Why did you think you need to run it at all?
Just run your ipset script then stop and start iptables.

(Hint: cp /etc/sysconfig/ipset.geoblock ~/geoblock.txt and post geoblock.txt)
0
 

Author Comment

by:sharingsunshine
ID: 41789276
As I stated at the first of this question I only want to back up ipset.  Looking online I was led to believe that command was how to do it.  I just need my ipset entries to be persistent if I have to turn off the server temporarily.

create geoblock hash:net family inet hashsize 1024 maxelem 65536 

 
LVL 34

Expert Comment

by:Duncan Roe
ID: 41789329
This is the input for ipset -file right? Just put it in the backup
0
 

Author Comment

by:sharingsunshine
ID: 41789503
That's correct.

I tried that and it was lost.  I took a snapshot of the volume on our VPS server and when we restored the volume via the snapshot it wasn't there.  That's why I am posting the question.

Same thing happens with iptables on Centos if you don't have them specifically saved.  The entries aren't persistent if you don't run the correct commands to back them up.
0
 
LVL 34

Accepted Solution

by:
Duncan Roe earned 500 total points
ID: 41790730
iptables and ipset rules exist in Linux memory so cannot be preserved over a reboot. Your startup scripts need to re-issue appropriate ipset and iptables commands to reinstate the tables. You can either re-issue the original script as you posted, or use ipset save and ipset restore.
The scripts should do all this before enabling any interfaces.
0
 

Author Comment

by:sharingsunshine
ID: 41791154
If I use the original script I get the error that is listed in the beginning.  If I use ipset save I get


My question is where is it being saved?  I need to know should I ever need to restore the ipset.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 41791550
ipset save writes to stdout by default as per the man page, which I hope you are reading. It seems from your test that ipset save does not write the ipset create line. You should be fine to dot the script in https:#a41789276
To execute it, be sure to give it execute permission. Also insert as line 1 #!/bin/sh
0
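
The ipset save / ipset restore approach from the accepted solution, combined with the check for a missing create line raised in the last comment, as an added example that is not part of the original thread. The function names are made up for this sketch, and the default dump path is simply the file the asker was already using.

```shell
#!/bin/sh
# Added example, not from the thread. DUMP defaults to the asker's file path;
# the function names are made up for this sketch.
DUMP="${DUMP:-/etc/sysconfig/ipset.geoblock}"

# Print each set name that an "add" line uses before any "create" line
# declares it. Empty output means "ipset restore" can rebuild every set.
missing_creates() {
    awk '$1 == "create" { created[$2] = 1 }
         $1 == "add" && !($2 in created) && !($2 in seen) {
             seen[$2] = 1; print $2
         }' "$1"
}

# Dump the in-kernel sets to a root-only temp file, verify it, then move it
# into place so a failed save never overwrites the last good backup.
backup_sets() {
    tmp="$DUMP.tmp.$$"
    ( umask 077; ipset save > "$tmp" ) || { rm -f "$tmp"; return 1; }
    if [ ! -s "$tmp" ] || [ -n "$(missing_creates "$tmp")" ]; then
        echo "refusing empty or incomplete dump" >&2
        rm -f "$tmp"
        return 1
    fi
    mv "$tmp" "$DUMP"
}

# Rebuild the sets from the dump. Run this at boot before "service iptables
# start", because rules that match on a set fail to load if it is missing.
restore_sets() {
    [ -s "$DUMP" ] || { echo "no dump at $DUMP" >&2; return 1; }
    sets=$(missing_creates "$DUMP")
    [ -z "$sets" ] || { echo "no create line for: $sets" >&2; return 1; }
    ipset -exist restore < "$DUMP"
}

# Usage: script save | script restore (no argument: only define functions)
case "${1:-}" in
    save)    backup_sets ;;
    restore) restore_sets ;;
esac
```

Run it with save after every change to the set and with restore from a startup script; the dump file must live on a volume that is included in the snapshot or backup.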
