Hi
can someone explain the following or reproduce it (may replace banIP with another existing chain name)?
Both commands should return "0". This fails on CLI on my system.
set -o pipefail && if { /usr/sbin/iptables-save | grep -q " banIP "; }; then echo $?; fi
# Result: 0 (as cronjob) | <no output> (via CLI)
set -o pipefail && { /usr/sbin/iptables-save | grep -q " banIP "; }; echo $?
# Result: 0 (as cronjob) | 141 (via CLI)
- behaviour is the same with
/usr/sbin/iptables -S
instead of iptables-save - it works when
/usr/sbin/iptables-save
is dumped to an intermediate file, which then is cat'ed to pipe+grep (to match the pipe scenario above) -
/usr/sbin/iptables -S "banIP" > /dev/null;
without pipe+grep works
Thanks a lot in advance!
System:
::: banIP runtime information
+ status : enabled
+ version : 0.7.10
+ ipset_info : 11 IPSets with 42708 IPs/Prefixes
+ active_sources : blacklist, darklist, debl, doh, feodo, greensnow, iblockspy, sslbl, threat, tor, whitelist
+ active_devs : wan
+ active_ifaces : wan
+ active_logterms : dropbear, sshd, luci, nginx
+ active_subnets : 192.168.2.103/24
+ run_infos : settype: src+dst, backup_dir: /x/x/banIP-backup, report_dir: /x/x/banIP-report
+ run_flags : protocols (4/6): ✔/✘, log (src/dst): ✘/✘, monitor: ✔, mail: ✔, whitelist only: ✘
+ last_run : refresh, 0m 8s, 252/100/119, 07.03.2022 16:04:00
+ system : MikroTik RouterBOARD 750Gr3, OpenWrt 21.02.1 r16325-88151b8303
Corresponding issue on github/banip