Bash – CGI programming with shell scripts

bashcgisecurityshell

I need to pass the content of the textbox into a variable. i.e. whatever typed in the texbox of the html page needs to be pass to a variable. This is because I am calling HTML (CGI as well) inside linux shell programming. I need to manipulate that variable as I want. Do you have any idea to do it?

What I need to do is, I want to get the MAC address as an input from the user. i.e. we should have a HTML page with a text box, that user will be able to input the MAC address. therefore whatever user enters into the text box need to be passed to a variable.

Once we have the variable, this script will automatically add this MAC address into linux firewall to deny the access.

The code should be similar to the following:

!/bin/bash

echo "Content-type: text/html"

echo ""

echo ""

echo "enter the MAC address "

iptables -A INPUT -m mac --mac-source $mac_address -j DROP

service iptables save

service iptables restart

I will save this file (test.cgi) under /var/www/cgi-bin directory and I will run this script from firefox.

So the problem now I have the variable $mac_address. The CGI does not pass the textbox input into variable $mac_address.

Best Solution

The real answer to this question is don't.

Your web server seems to be running with root privileges. That is the first no-no.

Do you really want to allow the whole wide world to be able to tinker with your firewall configuration? You have no control over how your shell script gets invoked, what gets passed to it. You are opening major security holes.

See the WWW Security FAQ on CGI scripts and Writing secure CGI scripts as well as CGI Security : Better Safe than Sorry.