2

I'm writing a script and I'm stuck.

I have a URL (https://file.test.com/tips) that contains a file with the list of network subnets.

File content:

{192.168.1.0/24,10.0.0.0/24,2001:aaaa:bbbb:cccc::/64}

When I try to run

# firewall-cmd --permanent --zone=trusted --add-source="$(curl https://file.test.com/tips)"

I get

Error: INVALID_ADDR: Zone 'trusted': invalid source '{192.168.1.0/24,10.0.0.0/24,2001:aaaa:bbbb:cccc::/64}'

It works just fine when I run

# firewall-cmd --permanent --zone=trusted --add-source={192.168.1.0/24,10.0.0.0/24,2001:aaaa:bbbb:cccc::/64}

Anyone know what I'm doing wrong?

0

1 Answer

1

I placed a comment earlier, but this is more of a bash expansion issue. So the proper way would be to use a loop and split the subnets by ",":

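#!/usr/bin/env bash

# Fetch the list and strip the surrounding braces
read_file=$(curl -s https://file.test.com/tips | sed 's/[{}]//g')

saveIFS=$IFS

# Split the comma-separated list into an array
IFS=',' read -ra subnets <<< "$read_file"

# Add each subnet as its own source
for subnet in "${subnets[@]}"
  do
    firewall-cmd --zone=trusted --add-source="$subnet" --permanent
  done

# Apply the permanent rules to the running firewall
firewall-cmd --reload

IFS=$saveIFS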

Or the other alternative is using eval or even printf '%q' "${subnet}".

Using eval, which isn't recommended but is fairly secure for what you want:

eval firewall-cmd --permanent --zone=trusted --add-source="$(curl -s https://file.test.com/tips)" && firewall-cmd --reload
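
An added example, not part of the question or the answer above: `eval` re-parses the text returned by the URL as shell code, so a script can instead treat the fetched `{a,b,c}` list purely as data and check every entry before `firewall-cmd` sees it. The helper names `is_cidr` and `parse_subnets`, the inline sample list and the dry-run `echo` are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: treat the fetched "{a,b,c}" list strictly as data and
# validate every entry before firewall-cmd sees it (no eval).

# Return 0 only if $1 has the shape of an IPv4 or IPv6 CIDR.
# firewall-cmd still performs the final address validation.
is_cidr() {
  # Reject anything outside hex digits, ':', '.', '/' first; this also
  # rules out spaces, newlines and shell metacharacters.
  case $1 in *[!0-9A-Fa-f:./]*) return 1 ;; esac
  v4='^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
  v6='^[0-9A-Fa-f]{0,4}:[0-9A-Fa-f:]{1,38}/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8])$'
  printf '%s\n' "$1" | grep -Eq -e "$v4" -e "$v6"
}

# Print the valid entries of a "{a,b,c}" list, one per line.
# Returns 1 if the list is empty or any entry was rejected.
parse_subnets() {
  list=${1#\{}; list=${list%\}}      # strip one leading { and trailing }
  [ -n "$list" ] || return 1
  rc=0; old_ifs=$IFS; IFS=','
  set -f                             # no globbing during word splitting
  for entry in $list; do
    if is_cidr "$entry"; then
      printf '%s\n' "$entry"
    else
      printf 'rejected entry: %s\n' "$entry" >&2; rc=1
    fi
  done
  set +f; IFS=$old_ifs
  return "$rc"
}

# Constructed sample in the page's format. A real run would fetch it with:
#   raw=$(curl -fsS https://file.test.com/tips)
raw='{192.168.1.0/24,10.0.0.0/24,2001:aaaa:bbbb:cccc::/64}'

# All-or-nothing: one bad entry means no firewall change at all.
if subnets=$(parse_subnets "$raw"); then
  for s in $subnets; do
    # Dry run: drop the leading "echo" to apply the rule.
    echo firewall-cmd --permanent --zone=trusted --add-source="$s"
  done
else
  echo 'list failed validation; firewall left unchanged' >&2
fi
```
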
