-1

Here is my python script for calling IPtables and I need SQLite output to make a rule (df2)

subprocess.run(["/usr/sbin/iptables", "-A", "INPUT", "-p", "udp", "-m", "udp", "--dport 5060", "-m" "string",
                "--string" , "/home/as/Documents/mydf.csv", "-algo", "bm", "--to 655535", "-j" ,"REJECT"])

Error I am getting

iptables v 1.8.4v(legacy): unknown option  --string
newbee
  • 29
  • 4
  • `"-algo bm"` needs to be two strings: `"-algo", "bm"`. Same with `"--to 65535"`. The path to iptables is wrong, so this can't be your exact code. – Tim Roberts Feb 26 '21 at 00:36
  • ...and `"--dport 5060"` – larsks Feb 26 '21 at 02:05
  • @TimRoberts I also tried separating all the strings, but no luck, also could you please let me know how to write path location, I am writing path as ```subprocess.call(["/usr/sbin/iptables"(iptable file location),..(all the middle strings separated by " ")....,"/home/Documents/.csv(file location)"])``` – newbee Feb 26 '21 at 05:51
  • @larsks I tried separating all the string – newbee Feb 26 '21 at 05:53
  • What I meant was that, in the example in your question, you have "usr/bin/iptables" without the leading slash. You do have the iptables-string extension installed? And why are you using a Windows file path in a Linux system? – Tim Roberts Feb 26 '21 at 06:04
  • @TimRoberts I am not it is ```/home/as/Documents/.csv``` – newbee Feb 26 '21 at 06:18
  • This isn't really a bash question, so the bash tag should be removed. This is, however, an iptables question, so the iptables tag should be added. – Shane Bishop Feb 26 '21 at 15:24
  • This is not a [minimal reproducible example](https://stackoverflow.com/help/minimal-reproducible-example) yet. The actual problem you are experiencing is with the call to `subprocess.run()`. I suggest simplifying the question by removing the pandas part, and focussing only on the CSV file and the call to `subprocess.run()`. – Shane Bishop Feb 26 '21 at 15:28
  • GENERAL IPTABLES SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. Use this tag only for questions on programming with iptables. Questions about configuring iptables should be asked on Server Fault (https://serverfault.com/tour). – Rob Feb 27 '21 at 11:49

1 Answers1

0

In the code you posted in your answer, you have usr/sbin/iptables without a leading slash. You should use /usr/sbin/iptables.

You also have several parts in your call to subprocess.run() where you needed to separate the arguments into separate list items. You also forgot a comma between "-m" and "string".

Try this:

subprocess.run([
    "/usr/sbin/iptables",
    "-A", "INPUT",
    "-p", "udp",
    "-m", "udp",
    "--dport", "5060",
    "-m", "string",
    "--string", "insert csv file location here",
    "-algo", "bm",
    "--to", "655535",
    "-j", "REJECT",
])
Shane Bishop
  • 3,905
  • 4
  • 17
  • 47