Home / server / Questions / 871794
Accepted
MarkHelms
Asked: 2017-09-03 08:48:37 +0800 CST

shell : warn about or deny command execution with help of an alias

  • 772

executing

iptables -F

is very dangerous if your default policy for one or all chains is DROP

I would like to use an alias in bashrc like 

alias iptables -F="echo \
'WARNING: due to the DROP default rule, flushing all rules would lock you out'"

but this does not work.

iptables

1 Answers

  1. Best Answer

    This should not work because of the space in your alias name.

    You could call a custom function instead, in .bash_aliases :

    #!/bin/bash

function myiptables {
 if [ $@ == "-F" ]
 then
   echo "WARNING: due to the DROP default rule, flushing all rules would lock you out"
 else
   command iptables "$@"
 fi
}

alias iptables='myiptables'

    This will print the warning message if iptables argument is -F.

    Otherwise, it will execute the normal iptables command, including all parameters you may have passed to it ($@).

    command will run the real iptables command, preveting calling back your own function :

    # help command
...
Runs COMMAND with ARGS suppressing shell function lookup, or display
information about the specified COMMANDs. Can be used to invoke commands
on disk when a function with the same name exists.
...
    • 2