Path: csiph.com!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder2.enfer-du-nord.net!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path: <rosuav@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.004
X-Spam-Evidence: '*H*': 0.99; '*S*': 0.00; 'subject:not': 0.03; 'output': 0.05; 'subject:file': 0.07; 'input,': 0.09; 'output,': 0.09; 'rewrite': 0.09; 'skip:o 50': 0.09; 'todo:': 0.09; '24,': 0.16; 'blocks': 0.16; 'executed.': 0.16; 'flush': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'newlines': 0.16; 'subject:txt': 0.16; 'timestamp': 0.16; 'wrote:': 0.18; 'bit': 0.19; 'result.': 0.19; 'work,': 0.20; 'command': 0.22; 'input': 0.22; 'import': 0.22; 'putting': 0.22; 'rules': 0.22; 'shell': 0.22; 'replace': 0.24; 'skip:l 30': 0.24; 'script': 0.25; 'this:': 0.26; 'header:In-Reply-To:1': 0.27; 'point': 0.28; 'function': 0.29; "doesn't": 0.30; 'message- id:@mail.gmail.com': 0.30; "i'm": 0.30; 'code': 0.31; "skip:' 10": 0.31; 'file': 0.32; 'run': 0.32; 'fri,': 0.33; 'skip:# 10': 0.33; "i'd": 0.34; 'problem': 0.35; 'received:209.85': 0.35; 'received:209.85.220': 0.35; 'beyond': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'really': 0.36; 'should': 0.36; 'received:209': 0.37; 'being': 0.38; 'skip:o 20': 0.38; 'subject:new': 0.38; 'to:addr:python-list': 0.38; 'pm,': 0.38; 'that,': 0.38; 'does': 0.39; 'to:addr:python.org': 0.39; 'read': 0.60; 'commands': 0.60; 'skip:o 30': 0.61; 'skip:t 30': 0.61; 'act': 0.63; 'show': 0.63; 'protection': 0.63; 'cut': 0.74; 'obvious': 0.74; "'with'": 0.84; 'stamp': 0.91; 'subject:add': 0.91; '2013': 0.98
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=D1MuZ7y6jf2b37ZqpFOisRWKZa7AxjkvLtIY7Gkv7ZU=; b=n5XYSUA0lRKpM+3wyLm7AjIrkjGMDygYIL+MiKv2YEHmj6znwl/6f0bu45sMTcm6y8 b+luxZ1dcKpZd39ukzsydcgVvZlj5BHDKVxV3bhO/AXi4p1TT7uJp726fpJyyDEQHvFs Egs50XjtK8hpGpuvi7F1j6iRsvZNLUpfHEKNcdVwdDtYaPJ/mCp1ZIlrYxlZDhB5emiR yZN1wPxxb3sWfBnDeYzVB4EgjtXNBO2MzAhe4YOl5OFjdLhK1gg2I/aw4U+GnCMsVUrw UXTKqBI4NliQ34M3C6u1LryUCrM7POLUIk1vCIwUEHoP+gmicHdKFKt8SHSqk1zZx35U eGfQ==
MIME-Version: 1.0
X-Received: by 10.220.106.74 with SMTP id w10mr8633845vco.32.1369403645172; Fri, 24 May 2013 06:54:05 -0700 (PDT)
In-Reply-To: <puAnt.800936$OJ2.639894@en-nntp-11.dc1.easynews.com>
References: <puAnt.800936$OJ2.639894@en-nntp-11.dc1.easynews.com>
Date: Fri, 24 May 2013 23:54:05 +1000
Subject: Re: Read txt file, add to iptables not working on new host
From: Chris Angelico <rosuav@gmail.com>
To: python-list@python.org
Content-Type: text/plain; charset=ISO-8859-1
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.2067.1369403653.3114.python-list@python.org>
Lines: 51
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1369403653 news.xs4all.nl 15921 [2001:888:2000:d::a6]:56143
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:45890

On Fri, May 24, 2013 at 12:44 PM, JackM <notreal@earthlink.net> wrote:
>         outPut = os.popen( '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' +
> '-j REJECT' )

There's so much about this script that's less than Pythonic, but the
one thing I'd really like to see is a log of the exact command being
executed. Replace the above line with this:

        command = '/sbin/iptables -A INPUT -s' + ' ' + IP + ' ' + '-j REJECT'
        outPut = os.popen(command)
        logFile.write(command+"\n")

That will show, in your log, exactly what's being executed. You should
then be able to execute that command in the shell and see the exact
same result. That might also show you the problem - it might be
obvious from the commands logged.

If that doesn't work, here's a rewrite of your code for cleanliness,
which still does what I think your original code does. See if they act
differently...

-- cut --

#!/usr/bin/python
import os
import time

# Input, Output, and TimeStamp
inFile = open('/var/www/html/mydomain.com/banlist.txt','r')
logFile = open('/var/log/banList.log','w')
stamp = time.asctime(time.localtime())

# Daily Flush of blockList rules before re-applying Blocks
os.popen('/sbin/iptables -F INPUT')
logFile.write(stamp+'\nFlushing Rules..\n')

# Loop to read in file and Apply rules to IPtables
for line in inFile:  # TODO: Use 'with' for a bit of protection
        ip = line.split(';')[0]
        output = os.popen( '/sbin/iptables -A INPUT -s ' + ip + ' -j REJECT' )
        logFile.write(IP+' - Has been blocked\n')


-- cut --

Since the timestamp doesn't change across a run anyway, there's not
much point printing it out every time, and I'm also putting newlines
in the logfile. Beyond that, it should function the same way as the
original.

ChrisA