I never used to use bash scripts often but have found them increasingly more useful, I remember a friend of mine telling me about a less than competent co-worker of his that he would write bash scripts for just to take time off his hands when it came to the co-worker constantly asking for help because he couldn’t remember Linux commands one of the ones I remember specifically was related to flushing the firewall
#!/bin/bash
sudo iptables -nL -t raw -F
The script flushes all rules in the raw
table of the iptables
setup. This means it deletes all rules that might have been set in this table, effectively resetting it to its default state (no rules).
The reason I bring this up is that learning a scripting language Python, Bash, JavaScript etc. can increase general efficiency and time (also make it easier to use commands you might have forgotten or don’t want to type out entirely)
How to save and execute bash scripts
- Save the script in a file, for example,
myscript.sh
. - Make the script executable by running:
chmod +x
.myscript
.sh - Execute the script by typing:
./
.myscript
.sh
When using bash scripts it’s common that you will save them in a directory my personal scripts are in ‘scripts’ in my home directory for easy access, one script I use daily is connecting to VPN providers for different learning platforms I use
Connecting to VPN
#!/bin/bash
# Path to the OpenVPN binary
OPENVPN_PATH="/usr/local/Cellar/openvpn/2.6.8/sbin/openvpn"
# Path to your VPN configuration file
CONFIG_FILE="/Users/Trevor/Downloads/OPENvpn/us-academy-regular1.ovpn"
# Establish the VPN connection
sudo "$OPENVPN_PATH" --config "$CONFIG_FILE"
How the script works
- Shebang
#!/bin/bash
This is the shebang line. It tells the operating system that this script should be run using Bash - Variable Assignment:
OPENVPN_PATH="/usr/local/Cellar/openvpn/2.6.8/sbin/openvpn"
. This variable stores the path to the OpenVPN executable. - Another Variable Assignment:
CONFIG_FILE="/Users/Trevor/Downloads/OPENvpn/us-academy-regular1.ovpn"
This variable holds the path to the VPN configuration file - Command Execution: sudo “$OPENVPN_PATH” –config “$CONFIG_FILE” This is the actual command executed when everything is put together
I have multiple different VPN scripts that save me time when connecting to these platforms instead of typing out, and remembering all of the paths / names of vpn profiles. Like shown below
sudo /usr/local/Cellar/openvpn/2.6.8/sbin/openvpn --config /Users/Trevor/Downloads/OPENvpn/us-academy-regular1.ovpn
I can just change my directory to my script directory ‘cd scripts
‘ and then execute my bash script ./htbvpn.sh
One of the great things about bash scripting is that it is very simple to learn and to understand what the scripts do if you are already comfortable with your OS’s terminal / command line interface
Saving time with system administration and monitoring
Running NMAP scan to check devices connected to the network
#!/bin/bash
echo "Enter the subnet to scan (e.g., 192.168.1.0/24):"
read subnet
echo "Scanning for devices on the network $subnet..."
nmap -sn $subnet
echo "Network scan completed!"
Script break down
Shebang:
!/bin/bash
User input for subnet:
echo “Enter the subnet to scan (e.g., 192.168.1.0/24):”
read subnet
Command execution for the scan:
echo “Scanning for devices on the network $subnet…”
nmap -sn $subnet
Feedback:
echo “Network scan completed!”
Blocking a malicious domain
#!/bin/bash
echo "Enter the domain you wish to block:"
read domain
if grep -q "$domain" /etc/hosts; then
echo "The domain $domain is already blocked."
else
echo "127.0.0.1 $domain" | sudo tee -a /etc/hosts > /dev/null
if grep -q "$domain" /etc/hosts; then
echo "The domain $domain has been successfully blocked."
else
echo "Failed to block the domain $domain."
fi
fi
Script Breakdown
Shebang
!/bin/bash
User Prompt for Domain
echo “Enter the domain you wish to block:”
read domain
Check if domain is already blocked:
if grep -q “$domain” /etc/hosts; then
echo “The domain $domain is already blocked.”
else
fi
Append Domain to /etc/hosts:
echo “127.0.0.1 $domain” | sudo tee -a /etc/hosts > /dev/null
Verify Domain Addition:
if grep -q “$domain” /etc/hosts; then
echo “The domain $domain has been successfully blocked.”
else
echo “Failed to block the domain $domain.”
fi
Find top talkers (potential DDoS, Malicious Communication)
Another use is quickly executing complex / long commands in the shell like the example below using tcpdump, awk, cut, and sorting methods
#!/bin/bash
sudo tcpdump -nn -c 1000 ip | awk '{print $3}' | cut -d '.' -f 1-4 | sort | uniq -c | sort -nr | head -10
echo "Top talkers have been listed above."
The break down of this is pretty simple and shown in few lines compared to the previous due to the complexity of the tcpdump command comprising most of it.
Script Breakdown
Shebang
!/bin/bash
tcpdump command
sudo tcpdump -nn -c 1000 ip | awk ‘{print $3}’ | cut -d ‘.’ -f 1-4 | sort | uniq -c | sort -nr | head -10
Providing feedback
echo “Top talkers have been listed above.”
Seen through these examples, mastering bash scripting can really simplify your workflow and free up your time for more complex and interesting tasks. Whether it’s flushing iptables, connecting to a VPN, scanning your network, or even blocking a malicious domain, each script serves as a mini toolkit at your disposal.
I hope this showing practical uses of bash can inspire you to start automating some of your own routine tasks. The beauty of scripting lies in its ability to make the complex simple and the tedious manageable.