I need help with the following Bash v4.1.2 script.
#!/bin/bash
IP=$1
IPTABLES=/sbin/iptables
$IPTABLES -I INPUT -s $IP -j DROP
echo $IPTABLES -I INPUT -s $IP -j DROP |wall
The variables, IP and IPTABLES, get populated in the echo but the line above is not executed. The echo outputs...
/sbin/iptables -I INPUT -s 1.2.3.4 -j DROP
...which is syntactically correct and works if executed manually.
I don't know Bash so I'm struggling to debug this elementary script. I see some scenarios where commands are left bare as I have mine and some that are wrapped in $() (with and without quotes). I've also tried using backticks and quoting various parts of the command. The echo piped through wall only exists for debugging.
I found a basically identical post at "Bash script commands not working in cron". My script is not running from cron though.
=== EDIT ===
Added for @Barmar
[root@server tmp]# bash -x /bin/netfilter-drop.sh
+ IP=1.2.3.4
+ IPTABLES=/sbin/iptables
+ /sbin/iptables -I INPUT -s 1.2.3.4 -j DROP
+ wall
+ echo /sbin/iptables -I INPUT -s 1.2.3.4 -j DROP
[root@server tmp]#
Broadcast message from root@server (Thu Dec 29 12:46:44 2016):
/sbin/iptables -I INPUT -s 1.2.3.4 -j DROP
^C
[root@server tmp]#
wall makes me think you're not running this from a terminal and therefore can't see all the helpful error messages that the script produces. Add exec &> /tmp/mylog to the start of the script, run it however you do it, then look at the file. If you're invoking it from a web server, @gniourf_gniourf guessed your problem
iptables v1.4.7: can't initialize iptables table filter: Permission denied (you must be root) Perhaps iptables or your kernel needs to be upgraded.. So the problem is my sudo. That output was revealed by @thatotherguy's exec suggestion.
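A hardened variant of the script from the question, as an added example that is not part of the original thread: it validates the address before it reaches iptables, refuses to continue without root, and keeps iptables' error output in a log so a failure like the one above stays visible when no terminal is attached. The log path and the names `log`, `is_root`, `valid_ipv4` and `drop_ip` are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not the asker's script. LOG, log, is_root, valid_ipv4 and
# drop_ip are names assumed for illustration.
IPTABLES=${IPTABLES:-/sbin/iptables}
LOG=${LOG:-/var/log/netfilter-drop.log}

# Append a timestamped line to $LOG; fall back to stderr if it is not writable.
log() {
    { printf '%s %s\n' "$(date '+%F %T')" "$*" >>"$LOG"; } 2>/dev/null ||
        printf '%s\n' "$*" >&2
}

is_root() { [ "$(id -u)" -eq 0 ]; }

# Succeed only for a dotted quad whose four octets are each 0-255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Return 0 = rule inserted, 2 = bad address, 3 = not root, 4 = iptables failed.
drop_ip() {
    if ! valid_ipv4 "$1"; then
        log "rejected argument: not an IPv4 address"
        return 2
    fi
    if ! is_root; then
        log "refused: running as uid $(id -u), iptables needs root"
        return 3
    fi
    # Keep iptables' own error text, which is lost when no terminal is attached.
    if ! "$IPTABLES" -I INPUT -s "$1" -j DROP >>"$LOG" 2>&1; then
        log "iptables failed for $1"
        return 4
    fi
    log "inserted DROP rule for $1"
}

# Act only when an address is passed, so the file can also be sourced.
if [ "$#" -gt 0 ]; then
    drop_ip "$1"
    exit
fi
```

The distinct return codes let whatever invokes the script tell a rejected argument from a privilege problem without parsing the log.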