Need Help With Security Script

I was mailbox flooded through my contact form last night so I need to block the country that caused the attack until I can upgrade my site to take the current recaptcha from Google.  Here is the script I need to work.  I want to be ready if it happens again tonight.

for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{ua,kp}.zone) do

Open in new window

and it won't execute.  instead I get a greater than symbol ">."

This is an example:
for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{ua,kp}.zone) do
>

Open in new window


This script used to work but I had to retype it and now I get that > symbol.

Please help.

Randal
sharingsunshineAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dmitri FarafontovLinux Systems AdminCommented:
What exactly do you expect the behaviour to be? Your script seems to be incomplete, as its missing an action after do and done after its completion.
sharingsunshineAuthor Commented:
it copies in a country block that is specified and then loads all of those ip's into an ipset called geoblock that is already set up on iptables to be blocked.
Dmitri FarafontovLinux Systems AdminCommented:
Ok so something like this then:

for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{ua,kp}.zone) do
sudo ipset add geoblock $IP
done
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

sharingsunshineAuthor Commented:
it seems to have finished but there are error messages below the finished statement
[root@ip-172-31-22-236 log]# [root@ip-172-31-22-236 log]# for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{ua,kp}.zone) do
> > sudo ipset add geoblock $IP
-bash: syntax error near unexpected token `>'
[root@ip-172-31-22-236 log]# -bash: syntax error near unexpected token `sudo'
--2018-02-12 11:28:32--  http://www.ipdeny.com/ipblocks/data/countries/ua.zone
Resolving www.ipdeny.com (www.ipdeny.com)... 192.241.240.22
Connecting to www.ipdeny.com (www.ipdeny.com)|192.241.240.22|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 48476 (47K)
Saving to: ‘STDOUT’

-                                               100%[====================================================================================================>]  47.34K  --.-KB/s    in 0.02s

2018-02-12 11:28:32 (2.43 MB/s) - written to stdout [48476/48476]

--2018-02-12 11:28:32--  http://www.ipdeny.com/ipblocks/data/countries/kp.zone
Reusing existing connection to www.ipdeny.com:80.
HTTP request sent, awaiting response... 200 OK
Length: 16
Saving to: ‘STDOUT’

-                                               100%[====================================================================================================>]      16  --.-KB/s    in 0s

2018-02-12 11:28:32 (1.17 MB/s) - written to stdout [16/16]

FINISHED --2018-02-12 11:28:32--
Total wall clock time: 0.2s
Downloaded: 2 files, 47K in 0.02s (2.43 MB/s)
-bash: [root@ip-172-31-22-236: command not found
[root@ip-172-31-22-236 log]# > > sudo ipset add geoblock $IP
-bash: syntax error near unexpected token `>'
[root@ip-172-31-22-236 log]# -bash: syntax error near unexpected token `>'
> [root@ip-172-31-22-236 log]# -bash: syntax error near unexpected token `sudo'

Open in new window


I copied your code exactly but it dkeeps adding the > sign.
Dmitri FarafontovLinux Systems AdminCommented:
Create a script with the following contents. CHMOD it to 755. Run

#!/bin/bash
for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{ua,kp}.zone)
do
sudo ipset add geoblock $IP
done

Open in new window

sharingsunshineAuthor Commented:
that does fix it but makes it harder to change the zones without having to go in and edit the script.  I would prefer the way it used to work.  Are there any special rules for a script that could be causing the extra >?
Dmitri FarafontovLinux Systems AdminCommented:
Sure its just a matter of syntax if you want a one liner:
for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{ua,kp}.zone); do sudo ipset add geoblock $IP; done

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sharingsunshineAuthor Commented:
that's perfect, thanks so much.
sharingsunshineAuthor Commented:
I appreciate the help.
Dmitri FarafontovLinux Systems AdminCommented:
Awesome anytime!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.