fix path iptables for refill_blacklist

roles/deploy-web/files/refill_blacklist.sh

@@ -1,11 +1,12 @@
 #!/bin/bash
 
+IPTABLES=/usr/sbin/iptables
 BLACKLIST=/etc/sentinel/blacklist
-chain_count=$(iptables -L BLACKLIST -n | wc -l)
+chain_count=$(${IPTABLES} -L BLACKLIST -n | wc -l)
 if [ ${chain_count} -eq 0 ]; then
-	iptables -N BLACKLIST
+	${IPTABLES} -N BLACKLIST
-	iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j BLACKLIST
+	${IPTABLES} -I INPUT 1 -p tcp -m tcp --dport 80 -j BLACKLIST
-	iptables -I INPUT 1 -p tcp -m tcp --dport 443 -j BLACKLIST
+	${IPTABLES} -I INPUT 1 -p tcp -m tcp --dport 443 -j BLACKLIST
 
 fi
 if [ ! -f ${BLACKLIST} ]; then
@@ -13,7 +14,7 @@ if [ ! -f ${BLACKLIST} ]; then
 fi
 if [ ${chain_count} -gt 2 ]; then
 	chain_count=$(echo ${chain_count}-2 |bc)
-	iptables_ip=($(iptables -nvL BLACKLIST | tail -n ${chain_count}  | awk '{print $8}'))
+	iptables_ip=($(${IPTABLES} -nvL BLACKLIST | tail -n ${chain_count}  | awk '{print $8}'))
 	for i in $(cat ${BLACKLIST})
 	do
 		block_ip=1
@@ -24,13 +25,13 @@ if [ ${chain_count} -gt 2 ]; then
 			fi
 		done
 		if [ ${block_ip} -eq 1 ]; then
-			iptables -A BLACKLIST -s ${i} -j DROP
+			${IPTABLES} -A BLACKLIST -s ${i} -j DROP
 		fi
 	done
 else
 	for i in $(cat ${BLACKLIST})
 	do
-		iptables -A BLACKLIST -s ${i} -j DROP
+		${IPTABLES} -A BLACKLIST -s ${i} -j DROP
 	done
 fi