danieljimenez · May 12, 2017 15:36
diff --git a/block_ip b/block_ip
 #!/bin/bash
 aclid=acl-d347edbc
 start_rule=1000
 cidr=$1

 if [ -z "${cidr}" ] ; then
    echo "Must provide CIDR block to DENY"
    exit 1
 fi

 used_entries=$(aws ec2 describe-network-acls --network-acl-ids ${aclid} \
               --output text | grep ENTRIES | grep False | awk '{print $6}')


 rule=$start_rule
 while grep $rule <(echo "${used_entries}") > /dev/null ; do
    ((rule+=1))
 done

 echo "Adding new rule: ${rule} DENY ingress from ${cidr}"

 aws ec2 create-network-acl-entry --network-acl-id "${aclid}" \
                                 --cidr-block "${cidr}" \
                                 --rule-number ${rule} \
                                 --rule-action deny \
                                 --ingress \
                                 --protocol all
	#!/bin/bash
	aclid=acl-d347edbc
	start_rule=1000
	cidr=$1

	if [ -z "${cidr}" ] ; then
	echo "Must provide CIDR block to DENY"
	exit 1
	fi

	used_entries=$(aws ec2 describe-network-acls --network-acl-ids ${aclid} \
	--output text \| grep ENTRIES \| grep False \| awk '{print $6}')


	rule=$start_rule
	while grep $rule <(echo "${used_entries}") > /dev/null ; do
	((rule+=1))
	done

	echo "Adding new rule: ${rule} DENY ingress from ${cidr}"

	aws ec2 create-network-acl-entry --network-acl-id "${aclid}" \
	--cidr-block "${cidr}" \
	--rule-number ${rule} \
	--rule-action deny \
	--ingress \
	--protocol all
No results found