SED inserting iptables rules in while loop

verbalicious · December 21, 2009, 12:38pm

I'm trying to insert multiple new lines of text into an iptables script using sed in a while loop. I'm not sure if this is the most effective way. Searching the forums has helped me come up with a good beginning but it's not 100%. I'd like it to search out a unique line in my current iptables file and add new rules above it. The problem now is that it only ends up inserting one new line instead of the 20 it should (based on the $BOGON_LIST).

        while read bogonline ;do
                sed '/--state ESTABLISHED,RELATED -j ACCEPT/ i\-A RH-Firewall-1-INPUT -s '"${bogonline}"' -j DROP' $IPT_SCRIPT > new_iptables
        done < $BOGON_LIST

The $BOGON_LIST is a file with ip addresses on a line by themselves like so:
IP
IP
IP

rdcwayx · December 21, 2009, 2:59pm

${bogonline}=`echo ${bogonline}|sed '/--state ESTABLISHED,RELATED -j ACCEPT/ i\-A RH-Firewall-1-INPUT -s '" `

verbalicious · December 22, 2009, 11:12am

rdcwayx, Thanks for the reply. I think I need a bit more hand holding. I attempted to plug your solution into my script and finish it a number of different ways, but no luck. Banged my head against the screen for an hour. Lots of errors (IP = No such file or directory). There are some fundamentals I am missing here, and I could use a hand. Could you elaborate a bit more? TIA.