Path: csiph.com!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder2.hal-mli.net!newsfeed.xs4all.nl!newsfeed3.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <carlosnepomuceno@outlook.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.002
X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; 'subject:not': 0.03; 'argument': 0.05; 'output': 0.05; 'great.': 0.07; 'hosts': 0.07; 'skip:` 10': 0.07; 'subject:file': 0.07; 'output,': 0.09; 'skip:/ 10': 0.09; 'skip:o 50': 0.09; 'tmp': 0.09; 'runs': 0.10; 'python': 0.11; "'),": 0.16; 'blocked': 0.16; 'blocks': 0.16; 'command.': 0.16; 'flush': 0.16; 'rules.': 0.16; 'script,': 0.16; 'subject:txt': 0.16; 'timestamp': 0.16; 'wrote:': 0.18; 'file,': 0.19; 'thu,': 0.19; 'thanks.': 0.20; 'written': 0.21; '>>>': 0.22; 'input': 0.22; 'import': 0.22; 'rules': 0.22; 'shell': 0.22; 'to:name:python-list@python.org': 0.22; 'this?': 0.23; 'error': 0.23; 'entries': 0.24; 'received:65.55.116': 0.24; 'skip:l 30': 0.24; 'header': 0.24; 'server.': 0.24; 'script': 0.25; 'first,': 0.26; 'header:In-Reply-To:1': 0.27; 'host': 0.29; 'skip:- 40': 0.29; 'points': 0.29; 'errors': 0.30; 'involving': 0.30; 'said,': 0.30; 'url:mailman': 0.30; 'getting': 0.31; "skip:' 10": 0.31; 'catching': 0.31; 'changed.': 0.31; 'txt': 0.31; 'file': 0.32; 'this.': 0.32; "we're": 0.32; 'text': 0.33; 'worked': 0.33; 'url:python': 0.33; 'addresses': 0.33; 'fri,': 0.33; 'skip:# 10': 0.33; 'date:': 0.34; 'could': 0.34; 'knowledge': 0.35; 'something': 0.35; 'no,': 0.35; 'but': 0.35; 'add': 0.35; 'tech': 0.36; 'url:listinfo': 0.36; 'thanks': 0.36; 'url:org': 0.36; 'email addr:python.org': 0.37; 'skip:o 20': 0.38; 'subject:new': 0.38; 'to:addr:python-list': 0.38; 'pm,': 0.38; 'subject:': 0.39; 'bad': 0.39; 'skip:8 10': 0.39; 'to:addr:python.org': 0.39; 'changed': 0.39; 'url:mail': 0.40; 'remove': 0.60; 'read': 0.60; 'commands': 0.60; 'improved': 0.60; 'tell': 0.60; 'skip:o 30': 0.61; 'skip:t 30': 0.61; 'new': 0.61; 'address': 0.63; 're:': 0.63; 'reached': 0.63; 'skip:n 10': 0.64; 'more': 0.64; 'email name:python-list': 0.65; 'url:htm': 0.73; 'again?': 0.84; 'vulnerable': 0.84; '2013,': 0.91; 'carlos': 0.91; 'stamp': 0.91; 'subject:add': 0.91; '2013': 0.98
X-TMN: [+46Apkea+ppfnZR3++pj8/2sQhTO2jK9]
X-Originating-Email: [carlosnepomuceno@outlook.com]
From: Carlos Nepomuceno <carlosnepomuceno@outlook.com>
To: "python-list@python.org" <python-list@python.org>
Subject: RE: Read txt file, add to iptables not working on new host
Date: Fri, 24 May 2013 16:15:45 +0300
Importance: Normal
In-Reply-To: <aDJnt.102617$zH4.33757@en-nntp-14.dc1.easynews.com>
References: <puAnt.800936$OJ2.639894@en-nntp-11.dc1.easynews.com>, <mailman.2048.1369365052.3114.python-list@python.org>, <aDJnt.102617$zH4.33757@en-nntp-14.dc1.easynews.com>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 24 May 2013 13:15:45.0059 (UTC) FILETIME=[CC841730:01CE5880]
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.2066.1369401353.3114.python-list@python.org>
Lines: 115
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1369401353 news.xs4all.nl 15961 [2001:888:2000:d::a6]:35704
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:45886

No=2C there's no need to change your python script=2C although it can be im=
proved because as it is it may flush (delete all) iptables rules and let yo=
u vulnerable and don't create the new rules.=0A=
=0A=
All you need to do is enter the commands in the shell and send it's output.=
 The 'iptables' have changed.=0A=
=0A=
=0A=
----------------------------------------=0A=
> From: notreal@earthlink.net=0A=
> Subject: Re: Read txt file=2C add to iptables not working on new host=0A=
> Date: Fri=2C 24 May 2013 09:08:26 -0400=0A=
> To: python-list@python.org=0A=
>=0A=
> Thanks for answering. Do you mean something like this?=0A=
>=0A=
> outPut =3D os.popen('uname -a' '/sbin/iptables -V INPUT -s' + ' ' + IP + =
'=0A=
> ' + '-j REJECT' )=0A=
>=0A=
> Sorry but like I said=2C I have no experience with any of this.=0A=
>=0A=
>=0A=
>=0A=
> On 5/23/2013 11:10 PM=2C Carlos Nepomuceno wrote:=0A=
>> Send the output of the following commands:=0A=
>>=0A=
>> uname -a=0A=
>> /sbin/iptables -V=0A=
>>=0A=
>>=0A=
>> ----------------------------------------=0A=
>>> From: notreal@earthlink.net=0A=
>>> Subject: Read txt file=2C add to iptables not working on new host=0A=
>>> Date: Thu=2C 23 May 2013 22:44:38 -0400=0A=
>>> To: python-list@python.org=0A=
>>>=0A=
>>> First=2C let me say that I have no knowledge of or experience with Pyth=
on=0A=
>>> or Linux/Unix. I have a script which was written by a host tech person=
=0A=
>>> that ran via cron on my old server. It was designed to read IP addresse=
s=0A=
>>> from a text file and add them to be blocked on iptables. That way=2C we=
=0A=
>>> could add or remove IPs without involving tech support daily. It worked=
=0A=
>>> great.=0A=
>>>=0A=
>>> Then we changed hosts and this script is now throwing errors on the new=
=0A=
>>> server. This host runs Python 2.6.6. This is the script:=0A=
>>>=0A=
>>> #!/usr/bin/python=0A=
>>> import os=2Ctime=0A=
>>>=0A=
>>> ##Input=2C Output=2C and TimeStamp=0A=
>>> inFile =3D open('/var/www/html/mydomain.com/banlist.txt'=2C'r')=0A=
>>> logFile =3D open('/var/log/banList.log'=2C'w')=0A=
>>> stamp =3D time.asctime(time.localtime())=0A=
>>>=0A=
>>>=0A=
>>> ##Daily Flush of blockList rules before re-applying Blocks=0A=
>>> os.popen('/sbin/iptables -F INPUT')=0A=
>>> logFile.write(stamp)=2C logFile.write('\n')=2C logFile.write('Flushing=
=0A=
>>> Rules..\n')=0A=
>>>=0A=
>>> ##Loop to read in file and Apply rules to IPtables=0A=
>>> for line in inFile.readlines():=0A=
>>> tmp =3D line.split('=3B')=0A=
>>> IP =3D tmp[0]=0A=
>>> outPut =3D os.popen( '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' + '-=
j=0A=
>>> REJECT' )=0A=
>>> logFile.write(IP)=2C logFile.write(' - Has been blocked ')=2C=0A=
>>> logFile.write(stamp)=2ClogFile.write=0A=
>>>=0A=
>>>=0A=
>>> The errors we're getting are like these:=0A=
>>>=0A=
>>> Bad argument `174.37.65.204'=0A=
>>> Try `iptables -h' or 'iptables --help' for more information.=0A=
>>> Bad argument `94.159.162.182'=0A=
>>> Try `iptables -h' or 'iptables --help' for more information.=0A=
>>> Bad argument `95.134.132.98'=0A=
>>> Try `iptables -h' or 'iptables --help' for more information.=0A=
>>> etc.=0A=
>>>=0A=
>>> Entries from the banlist.txt are like these:=0A=
>>>=0A=
>>> 200.193.54.138=3B February 9=2C 2013=2C 7:42 am <br>=0A=
>>> 87.120.57.4=3B February 9=2C 2013=2C 7:42 am <br>=0A=
>>> 82.206.129.160=3B February 9=2C 2013=2C 7:43 am <br>=0A=
>>> etc.=0A=
>>>=0A=
>>> I know the error points to a bad iptables command.=0A=
>>> Can someone tell me what change(s) I need to make to this script to get=
=0A=
>>> it working again? Thanks.=0A=
>>>=0A=
>>>=0A=
>>>=0A=
>>> --=0A=
>>> My email address on the header is a non-monitored spam catching account=
.=0A=
>>> I can be reached via http://www.wvnh.net/contact.htm=0A=
>>>=0A=
>>> --=0A=
>=0A=
>=0A=
>=0A=
>=0A=
> --=0A=
> http://mail.python.org/mailman/listinfo/python-list 		 	   		  =