Join Log in
Score:1
ArrowInTree avatar Server

Bash has problems with cmdline nft cmd vs script

fr flag
ArrowInTree

linux mint. uname -r yields 5.15.0-56. dpkg-query -l bash yields 5.1.6ubuntu1.
My script shows this problematic output when bash -x script invoked:

attrib =' '\''{type nat hook prerouting  priority mangle+10;}'\'' '

But from the commandline:

sudo nft create chain inet firewalld mangle_PREROUTING '{ type nat hook prerouting priority mangle + 10 ;}'

It works fine.
This script replicates the fedora nft tree.

 x=$(sudo nft -a list tables)   
 if [[ $x != '' ]]; then  
     sudo nft flush table inet firewalld  
      sudo nft delete table inet firewalld  
 fi  
 sudo nft create table inet firewalld  
 for stage in mangle net filter;do  
     for step in _PREROUTING _OUTPUT _INPUT _IN_workstation; do
      meat=${step/_/}   
       priority=${stage/_/}   
       a=${step/_[a-zA-Z]+/_}   
       b=${stage/_[a-zA-Z]+/_}   
       if [[ $stage =="__"]]; then   
            type="nat"   
       else
            type="filter"   
       fi.   
       hook=${meat,,}   #translate to all lowercase.  
       attrib=" '{ type "$type" hook "$hook" priority "$priority"+10;}'"   

      
    if[[ $a$b == "__" ]]; then   
        cmd=" insert rule inet firewalld $stage$step" ;   
         sudo nft $cmd  
     else  
         cmd=" create chain inet firewalld $stage$step $attrib";   
        sudo nft $cmd  
    fi  
     done  
  done
45
1 + 3
Jaromanda X avatar
ru flag
Jaromanda X
tagged `bash` but that isn't valid bash script with all those random `.` all over the place
1
Reply
Ljm Dullaart avatar
jp flag
Ljm Dullaart
If it is meant to be a bash script, use https://www.shellcheck.net/ and implement the recommandations. Due to quoting issues, you will need several iterations.
0
Reply
ArrowInTree avatar
fr flag
ArrowInTree
That's an android/spellcheck/server fault artifact. It was a lot to type in.. but fixed.
0
Reply
Score:0
ArrowInTree avatar Server
fr flag
ArrowInTree

Removing the single quotes around the curly braces was the answer. I tried this because I figured the shell script (and sudo) were doing a fork/exec, for nft, with no shell interpretation.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.