From: David Mehler
Date: Tue, 28 Mar 2017 13:54:21 -0400
Subject: Re: Two pf questions
To: Ralf Mardorf
Cc: freebsd-questions@freebsd.org

Hello,

Thanks for your reply. Your first invocation of sort did it. To get
the final results I added the -n numeric option and it worked just
fine. For reference my complete script is:

#!/bin/sh
#
# Daily sort unique hits in both the fail2ban and bruteforce tables

# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
    . /etc/defaults/periodic.conf
    source_periodic_confs
fi

# Exit status reported back to periodic(8); it was never set before "exit $rc"
rc=0

case "$daily_sorttable_enable" in
    [Yy][Ee][Ss])
        PATH=/bin:/sbin:/usr/bin

        echo "Sorting unique entries in the fail2ban and bruteforce tables"
        # Merge the persist file with the live table contents, then deduplicate
        cp /etc/pf/bruteforce /tmp/foobar.txt
        pfctl -t bruteforce -T show >> /tmp/foobar.txt
        sort -u -n /tmp/foobar.txt > /etc/pf/bruteforce

        cp /etc/pf/fail2ban /tmp/foobar1.txt
        pfctl -t fail2ban -T show >> /tmp/foobar1.txt
        sort -u -n /tmp/foobar1.txt > /etc/pf/fail2ban

        echo "Removing temporary files"
        rm /tmp/foobar.txt /tmp/foobar1.txt

        echo "Restarting pf"
        # Reload the ruleset so the tables are re-read from the persist files
        pfctl -f /etc/pf.conf
        ;;
esac

exit $rc

Any ideas on the nat reflection?

Thanks.
Dave.

On 3/28/17, Ralf Mardorf via freebsd-questions wrote:
> On Tue, 28 Mar 2017 11:35:01 +0200, Ralf Mardorf wrote:
>>On Tue, 28 Mar 2017 11:19:59 +0200, Ralf Mardorf via freebsd-questions
>>wrote:
>>>cp /etc/pf/bruteforce /tmp/foobar.txt
>>>pfctl -t bruteforce -T show >> /tmp/foobar.txt
>>>sort -u /tmp/foobar.txt > /etc/pf/bruteforce
>>>
>>>^
>>>^
>>>
>>>>If so, the above example with "sort -u" still might be good.
>>>>Perhaps
>>> ^^^^^^^^^^^^^
>>> ^^^^^^^^^^^^^ the above with the cp to a backup file
>>>
>>>>in addition within a loop until the exit status $? of the last
>>>>command is 0, to ensure that /etc/pf/bruteforce doesn't get lost, if
>>>>something should go wrong.
>>
>>More clear, something similar to this:
>>
>>cp /etc/pf/bruteforce /tmp/foobar.txt && \
>>pfctl -t bruteforce -T show >> /tmp/foobar.txt && \
>>some_loop
>>  sort -u /tmp/foobar.txt > /etc/pf/bruteforce
>>  check_exit_status
>>some_loop
>
> My apologies, it's not my day today ;).
>
> I don't know if the exit status available after
>
> sort -u /tmp/foobar.txt > /etc/pf/bruteforce
>
> is from "sort" and/or ">", at least
>
> sort -u /tmp/foobar.txt | tee /etc/pf/bruteforce
>
> ensures that it's the status returned from "tee", but I suspect ">"
> works, too.
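
Added example, not part of the thread and not the poster's script: one way to write the merge step so the persist file is replaced only after the sort has succeeded (the concern in the quoted reply) and without fixed file names in /tmp, which a root-run periodic job should avoid. `merge_table` and `merge_demo` are hypothetical names and the addresses are constructed; deduplication is done on the whole line because `sort -u -n` compares only the leading number of each line.

```sh
#!/bin/sh
# Added example, not from the thread. merge_table and merge_demo are
# hypothetical helpers; the addresses in merge_demo are constructed.

# Real use: pfctl -t bruteforce -T show | merge_table /etc/pf/bruteforce
merge_table() {
    file=$1
    [ -r "$file" ] || return 1
    # Unpredictable name in the destination directory instead of a fixed
    # /tmp path: nobody can pre-create it, and the final mv is a rename.
    tmp=$(mktemp "$(dirname "$file")/.merge.XXXXXX") || return 1

    # Strip the indentation pfctl prints, drop blank lines, deduplicate on
    # the whole line, then order by octet. Only the first sort has -u: with
    # -n, -u would treat 10.1.2.3 and 10.1.9.9 as equal and drop one.
    if { cat "$file"; cat; } \
        | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' \
        | LC_ALL=C sort -u \
        | LC_ALL=C sort -t . -k1,1n -k2,2n -k3,3n -k4,4n > "$tmp" \
        && [ -s "$tmp" ]
    then
        mv -f "$tmp" "$file"    # persist file replaced only on success
    else
        rm -f "$tmp"            # failure or empty result: original untouched
        return 1
    fi
}

# Constructed sample: a persist file plus indented "live table" lines.
merge_demo() {
    d=$(mktemp -d) || return 1
    printf '10.1.9.9\n192.0.2.7\n10.1.2.3\n' > "$d/bruteforce"
    printf '   10.1.2.3\n   198.51.100.4\n   10.1.9.9\n' \
        | merge_table "$d/bruteforce" && cat "$d/bruteforce"
    rc=$?
    rm -rf "$d"
    return $rc
}
```

An empty merge result is treated as a failure here, so a failed `pfctl` call cannot blank the persist file.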