Address List

Good morning everyone,
first of all I apologize for my poor English. I need to
understand something that is maybe very simple, but at the moment it
eludes me.
I have to pass a list of IPv4/IPv6 addresses to an nftables rule;
currently I do it with iptables, only for IPv4, like this:
#!/bin/bash
# A simple bash script to block IP traffic from nodes.
wget='/usr/bin/wget'
# Locate the iptables binary (second field of the whereis output).
IPT="$(whereis -b iptables | cut -d ' ' -f 2)"

Iptables_target="DROP"
IPTABLES_CHAINNAME="NOIP"
# Create the NOIP chain and hook it into INPUT if it does not exist yet.
if ! $IPT -L NOIP -n > /dev/null 2>&1; then
  $IPT -N NOIP > /dev/null 2>&1
  $IPT -A INPUT -p tcp -j NOIP 2>&1
fi
cd /tmp/
# Download the list, then blank out comment lines.
wget -q -O - "https://www.somewhere.com" -U SXNOIPLIST/51.0 > /tmp/list.noip
sed -i 's|^#.*$||g' /tmp/list.noip
# Flush the chain and reload it from the de-duplicated list.
$IPT -F NOIP
CMD=$(sort -u /tmp/list.noip)
for IP in $CMD; do
  let COUNT=COUNT+1
  $IPT -A NOIP -s "$IP" -j DROP
done
$IPT -A NOIP -j RETURN

Can I replace the IP expression with the INET expression in my script, or
is it better if I make 2 rules, one for IPv4 and one for IPv6?
Thanks in advance to those who want to answer me, and best regards.
-- 

Mario Vittorio Guenzi
E-mail jclark@xxxxxxxxxx
Si vis pacem, para bellum
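
Added example, not part of the original post: a set in nftables has a single element type, so one inet table can filter both families, but it needs an ipv4_addr set matched with "ip saddr" and an ipv6_addr set matched with "ip6 saddr". The function below turns a mixed list into such a ruleset; the table, set and chain names (noip, block4, block6) and the one-address-or-CIDR-per-line list format are assumptions.

```bash
#!/bin/bash
# Added example, not the poster's script. Names noip/block4/block6 are assumptions.
# Usage: gen_noip_ruleset /tmp/list.noip | nft -f -

# gen_noip_ruleset FILE: print an nft ruleset built from a mixed v4/v6 list.
gen_noip_ruleset() {
  local v4="" v6="" e4="" e6="" addr rest sorted
  sorted=$(sort -u "$1")
  while read -r addr rest; do
    case "$addr" in
      ''|'#'*)           continue ;;                # blank line or comment
      *[!0-9a-fA-F:./]*) continue ;;                # coarse filter: not address-like
      *:*)               v6="${v6:+$v6, }$addr" ;;  # contains ':' -> IPv6
      *.*)               v4="${v4:+$v4, }$addr" ;;  # dotted       -> IPv4
    esac
  done <<EOF
$sorted
EOF
  # Emit "elements" only for non-empty sets, so an empty list still loads.
  if [ -n "$v4" ]; then e4="elements = { $v4 }"; fi
  if [ -n "$v6" ]; then e6="elements = { $v6 }"; fi
  # Declare-then-delete makes the file re-loadable; nft -f applies it atomically.
  cat <<EOF
table inet noip
delete table inet noip
table inet noip {
  set block4 {
    type ipv4_addr
    flags interval
    auto-merge
    $e4
  }
  set block6 {
    type ipv6_addr
    flags interval
    auto-merge
    $e6
  }
  chain noip {
    ip saddr @block4 drop
    ip6 saddr @block6 drop
  }
  chain input {
    type filter hook input priority 0; policy accept;
    meta l4proto tcp jump noip
  }
}
EOF
}
```

Piping the output through "nft -c -f -" first checks the ruleset without applying it, which catches list entries that passed the coarse filter but are not valid addresses.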
