Skip to content

Instantly share code, notes, and snippets.

@mrled

mrled/iptricks.markdown

Created September 21, 2017 18:55
Show Gist options
  • Save mrled/875b97f0b0697c155a01727d1ea372fd to your computer and use it in GitHub Desktop.
Save mrled/875b97f0b0697c155a01727d1ea372fd to your computer and use it in GitHub Desktop.
Download ZIP
Linux `ip` tricks
Raw
iptricks.markdown

Linux ip tricks

# call like 'getips <INTERFACE> <FAMILY>'
# e.g. 'getips eth0 inet' might return 192.168.1.1/24
# e.g. 'getips eth0 inet6' might return fe80::4008:c2ff:fee8:fc93/64
# Note that this will retur all IPs of the family assigned to the interface - possibly more than one
getips() {
    if test $# != 2; then
        return 1
    fi
    ip -family "$2" -o address show dev "$1" | awk '!/^[0-9]*: ?lo|link\/ether/ {print $4}'
}

Now you might loop over them to apply firewall rules:

for ipaddr in $(getips eth0 inet); do
    iptables --append INPUT --destination "$ipaddr" --match conntrack --ctstate ESTABLISHED,RELATED --jump ACCEPT
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment