Reputation: 410
I am using the csf firewall on my server, so I need to run csf -g 10.10.10.10 to check whether an IP is allowed or not. I am using a bash script to run the command, but csf -g 10.10.10.10 returns 0 whether matches are found or not.
So I need to check whether the command output contains DENYIN (found) or "No Matches Found" (not found).
I used grep but don't know exactly how to use it. Something like this:
csf -g 10.10.10.10 && echo === $? === || echo $? | grep "No matches found"
Please let me know about this. If you have a better solution, please let me know.
Output of the executed command:
csf -g 10.10.10.10
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 10.10.10.10 in iptables
ip6tables:
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 10.10.10.10 in ip6tables
10.10.10.10 and 20.20.20.20 are just examples, not a real-world case.
csf -g 20.20.20.20
Table Chain num pkts bytes target prot opt in out source destination
filter DENYIN 181 6586 395K DROP all -- !lo * 20.20.20.20 0.0.0.0/0
filter DENYOUT 181 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 20.20.20.20
ip6tables:
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 20.20.20.20 in ip6tables
csf.deny: 20.20.20.20 # lfd: (smtpauth) Failed SMTP AUTH login from 20.20.20.20 -------: 5 in the last 3600 secs - Thu Oct 24 20:33:07 2019
Upvotes: 0
Views: 153
Reputation: 326
You should just filter the standard output and check if there is a result.
Try:
csf -g 10.10.10.10 | grep DENYIN && echo "Found" || echo "No matches found"
A little explanation:
There are 4 parts:
1) your command: csf -g ....
2) the grep command will check if the specific string is in the output
3) the && will run the echo command if the grep found the string (exiting 0)
4) the || will run the echo command when the grep didn't find the string
Tested on:
bash-4.4$ cat testData
Table Chain num pkts bytes target prot opt in out source destination
filter DENYIN 181 6586 395K DROP all -- !lo *
20.20.20.20 0.0.0.0/0
filter DENYOUT 181 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 20.20.20.20
bash-4.4$ cat testData | grep -q DENYIN && echo "Found" || echo "No matches found"
Found
Upvotes: 2
Reputation: 3441
If the output is as follows:
$ csf -g 192.168.138.1
Chain num pkts bytes target prot opt in out source destination
No matches found for 192.168.138.1 in iptables
You can grep on "No matches found for 192.168.138.1" and use the exit status of grep instead:
if csf -g 192.168.138.1 | grep -q "No matches found"; then
    echo "error"
else
    echo "ok"
fi
Or even shorter:
csf -g 192.168.138.1 | grep -o "No matches found" || echo "Found"
Upvotes: 1
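The output shown in the question for a blocked IPv4 address still contains "No matches found ... in ip6tables", so a script has to test for DENYIN before it tests for "No matches found". The following is an added example, not code from any of the posts above; the function names csf_status, csf_check, sample_clean and sample_denied are hypothetical, and the sample output is constructed from the outputs shown in the question.

```shell
#!/bin/sh
# Reads `csf -g` output on stdin; $1 is the IP that was queried.
# Prints a status word and returns: 0 blocked, 1 not-listed, 2 other.
csf_status() {
    out=$(cat)
    # Check for the deny rule first: a blocked IPv4 address still produces
    # "No matches found ... in ip6tables" in the same output.
    if printf '%s\n' "$out" | grep -qw 'DENYIN'; then
        echo blocked; return 0
    fi
    if printf '%s\n' "$out" | grep -Fq "No matches found for $1 in iptables"; then
        echo not-listed; return 1
    fi
    # Empty or unrecognised output (csf missing, not root, other chains):
    # do not report the address as clean.
    echo other; return 2
}

# Hypothetical wrapper: accept only digits and dots, then query csf.
csf_check() {
    case $1 in
        ''|*[!0-9.]*) echo invalid; return 3 ;;   # could be read as an option
    esac
    csf -g "$1" 2>/dev/null | csf_status "$1"
}

# Constructed samples, based on the outputs shown in the question.
sample_clean() { cat <<'EOF'
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 10.10.10.10 in iptables
ip6tables:
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 10.10.10.10 in ip6tables
EOF
}
sample_denied() { cat <<'EOF'
Table Chain num pkts bytes target prot opt in out source destination
filter DENYIN 181 6586 395K DROP all -- !lo * 20.20.20.20 0.0.0.0/0
filter DENYOUT 181 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 20.20.20.20
ip6tables:
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 20.20.20.20 in ip6tables
EOF
}

sample_clean  | csf_status 10.10.10.10 || true   # not-listed
sample_denied | csf_status 20.20.20.20 || true   # blocked
```

In a script, branch on the return code of csf_check, and treat "other" and "invalid" as failures rather than as "not blocked".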