If your script is taking "several minutes" to run then it probably need to be redesigned or called from a different event. If that can't be done I suggest that you put all of those commands into a separate script (e.g. myscript.sh) and spawn it as a separate process:john9527, so how can I run scripts and avoid this timeout or how can I increase it?
# Run script now
/jffs/scripts/myscript.sh &
modprobe ip_set
modprobe ip_set_iphash
modprobe ip_set_nethash
modprobe ip_set_setlist
ipset --create unblock iphash
#!/bin/sh
until ADDRS=$(dig +short google.com [USER=52002]@localhost[/USER]) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done
while read line || [ -n "$line" ]; do
[ -z "$line" ] && continue
[ "${line:0:1}" = "#" ] && continue
addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
if [ ! -z "$addr" ]; then
ipset --add unblock $addr
continue
fi
dig +short $line [USER=52002]@localhost[/USER] | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("ipset --add unblock "$1)}'
done < /tmp/mnt/microsd/dnsmasq/unblock.txt
#!/bin/sh
iptables -t nat -A PREROUTING -i br0 -p tcp -m set --set unblock dst -j REDIRECT --to-port 9141
The timeout is hardcoded at 2 min so currently no way to change it.john9527, so how can I run scripts and avoid this timeout or how can I increase it?
You can still run your scripts from post-mount, you just need to invoke it as a separate process as shown in my example.ColinTaylor, i need SD Card to be mounted when my scripts run, this is why I chose post-mount. If I will run them separately I will need to check if the SD Card is mounted and sleep until it is. Can you suggest the way to do it, also I wonder can you tell me the way to check if the ip_set module is loaded?
Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
#!/bin/sh
until ADDRS=$(dig +short google.com [USER=52002]@localhost[/USER]) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done
while read line || [ -n "$line" ]; do
[ -z "$line" ] && continue
[ "${line:0:1}" = "#" ] && continue
addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
if [ ! -z "$addr" ]; then
ipset --add unblock $addr
continue
fi
dig +short $line [USER=52002]@localhost[/USER] | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("ipset --add unblock "$1)}'
done < /tmp/mnt/microsd/dnsmasq/unblock.txt
You could use the following code. It will return true if the module is loaded and false if it isn't.What about checking if the ip_set module is loaded, can you suggest me the way, please?
lsmod | grep -qw ip_set
ipset has command line options to suppress errors like this. Is this available on your version?john9527, thanks for your warning. Updated my post with scripts. I have 264048 in my /tmp/mnt/microsd/dnsmasq/hosts.blocked and it seems to work just fine.
ColinTaylor, thanks, got it.
What about checking if the ip_set module is loaded, can you suggest me the way, please?
Also, I have a bunch of spam in log like:
This is due to command I use:Bash:Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:00 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 03:03:01 dnsmasq[30532]: failed to update ipset unblock: File exists
Can you suggest how to avoid this spam?Bash:#!/bin/sh until ADDRS=$(dig +short google.com [USER=52002]@localhost[/USER]) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done while read line || [ -n "$line" ]; do [ -z "$line" ] && continue [ "${line:0:1}" = "#" ] && continue addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') if [ ! -z "$addr" ]; then ipset --add unblock $addr continue fi dig +short $line [USER=52002]@localhost[/USER] | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("ipset --add unblock "$1)}' done < /tmp/mnt/microsd/dnsmasq/unblock.txt
-! Ignore errors when creating or adding sets or
elements that do exist or when deleting elements
that don't exist.
RT-N66U:/jffs/scripts# ipset --help
ipset v4.5
Usage: ipset -N new-set settype [options]
ipset -[XFLSH] [set] [options]
ipset -[EW] from-set to-set
ipset -[ADT] set IP
ipset -R
ipset -v
ipset -h (print this help information)
Commands:
Either long or short options are allowed.
--create -N setname settype <options>
Create a new set
--destroy -X [setname]
Destroy a set or all sets
--flush -F [setname]
Flush a set or all sets
--rename -E from-set to-set
Rename from-set to to-set
--swap -W from-set to-set
Swap the content of two existing sets
--list -L [setname] [options]
List the IPs in a set or all sets
--save -S [setname]
Save the set or all sets to stdout
--restore -R [option]
Restores a saved state
--add -A setname IP
Add an IP to a set
--del -D setname IP
Deletes an IP from a set
--test -T setname IP
Tests if an IP exists in a set.
--help -H [settype]
Prints this help, and settype specific help
--version -V
Prints version information
Options:
--sorted -s Numeric sort of the IPs in -L
--numeric -n Numeric output of addresses in a -L (default)
--resolve -r Try to resolve addresses in a -L
--quiet -q Suppress any output to stdout and stderr.
@MON@H Rasta Have you always had these messages or is this something new since installing the current firmware release?dave14305, I guess not. -q maybe?
#!/bin/sh
logger "unblock_ipset.sh: start"
until ADDRS=$(dig +short google.com @localhost) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done
while read line || [ -n "$line" ]; do
[ -z "$line" ] && continue
[ "${line:0:1}" = "#" ] && continue
addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
if [ ! -z "$addr" ]; then
if [ ! ipset -T unblock $addr ]; then
ipset -q --add unblock $addr
continue
fi
fi
dig +short $line @localhost | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("ipset -q --add unblock "$1)}'
done < /tmp/mnt/microsd/dnsmasq/unblock.txt
logger "unblock_ipset.sh: finish"
I suggest you create a separate thread if you want help debugging your script as the problems don't appear the be specifically related to this thread (i.e. release 45EC).ColinTaylor, they were always there. Just decided to ask, 'coz I posting here anyways
I tested -q flag and that spam is still there. I think I need to test if the IP is in the IP_SET already before adding.
I have modified the script like this, but not sure how to modify in that awk part. Can you please help me guys
Bash:#!/bin/sh logger "unblock_ipset.sh: start" until ADDRS=$(dig +short google.com @localhost) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done while read line || [ -n "$line" ]; do [ -z "$line" ] && continue [ "${line:0:1}" = "#" ] && continue addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') if [ ! -z "$addr" ]; then if [ ! ipset -T unblock $addr ]; then ipset -q --add unblock $addr continue fi fi dig +short $line @localhost | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("ipset -q --add unblock "$1)}' done < /tmp/mnt/microsd/dnsmasq/unblock.txt logger "unblock_ipset.sh: finish"
Not a problem (it was only one line of code ). Wasn't sure how far you got with moving things (that's actually the better solution).Thanks to all you guys and sorry for off-topic.
@Cromson, that's great! Which router though?
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!