RE: script needed

> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx 
> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of kmail
> Sent: Tuesday, August 16, 2005 4:18 AM
> To: General Red Hat Linux discussion list
> Subject: Re: script needed
> 
> thanks to all, I tried it but I got (1.2.3.4[1.2.3.4]) as 
> result, how can I parse the ip in order to add it to hosts.deny?
> 
> also, how to ignore monitoring ip if I have them listed in a 
> test file.
> 
> thank you
> 

To further parse that line and get the IP address between the '(' and '[',
you can add these awk components into the pipe:

awk -F"(" '{print $2}' | awk -F[ '{print $1}' 

The -F option tells awk which character delimits a field.

However, as I mentioned in my first e-mail, I do not know the exact format
of the line you are searching for.  If the line will always produce the same
format as you mentioned in your e-mail (with the IP address in the same
location), then the above should work.  However, it is up to you to verify
this would work 100% of the time.

As the parsing you're asking for is relatively simple, I offered the line
above; however, a 100% correct solution can only be guaranteed through a
careful review/research (by the end user) of all details.

As for your second question, I may have misunderstood your question but it
seems the answer is already in the script.  The code will check if the IP
address exists on one line in the file /etc/hosts.deny.  If it does not
exist then append the IP address to the hosts.deny file.  If you want to
check another test file, simply replace /etc/hosts.deny with the name of
your test file on the grep line.

As a final point, in order to ensure 11.2.3.4 will not be confused with
1.2.3.4 when you grep (as pointed out by Marco Shaw), replace this line:

IPADDRCNT=`tail -50 /var/log/messages | grep "<linepattern>" | grep -c $IPADDR`

with this line:

IPADDRCNT=`tail -50 /var/log/messages | grep "<linepattern>" | grep -c "($IPADDR\["`

This will delimit the IP address as per the format you gave in your e-mail,
with a "(" at the beginning and "[" at the end.

Again, I can't stress more that you need to verify this script will work
100% yourself.  I used to teach unix scripting so I don't mind helping out
if the solution is simple, but you need to be 100% comfortable that you know
what this script is doing and that it does what you want, before you put it
in operation.

If you have any more questions, I would suggest you do the research yourself
to familiarize yourself with the script.

Michael
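
Added example, not part of the original message or of the script discussed in the thread: one way to combine the three points above (extract the address between "(" and "[", skip monitoring hosts listed in a file, and avoid 1.2.3.4 matching 11.2.3.4). The function names, the allow-list file, the "ALL: <ip>" hosts.deny entry format and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names, the allow-list file and the "ALL: <ip>"
# hosts.deny entry format are assumptions, and the log lines are constructed.

# Print the address between "(" and "[" if it is a valid dotted-quad IPv4.
extract_ip() {
    ip=$(printf '%s\n' "$1" | sed -n 's/.*(\([0-9.]*\)\[.*/\1/p')
    # Reject anything that is not exactly four octets in the range 0-255.
    printf '%s\n' "$ip" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }
        { print }'
}

# Append "ALL: <ip>" to deny_file unless the IP is allow-listed or already there.
# Returns 0 when a line was added, 1 when the address was skipped.
deny_ip() {
    ip=$1 deny_file=$2 allow_file=$3
    # -F treats dots literally and -x requires a whole-line match, so
    # 1.2.3.4 is never mistaken for 11.2.3.4.
    if [ -f "$allow_file" ] && grep -qxF -- "$ip" "$allow_file"; then return 1; fi
    if [ -f "$deny_file" ] && grep -qxF -- "ALL: $ip" "$deny_file"; then return 1; fi
    printf 'ALL: %s\n' "$ip" >> "$deny_file"
}

# Read log lines on stdin; $1 = deny file, $2 = allow-list file (one IP per line).
block_from_log() {
    while IFS= read -r line; do
        addr=$(extract_ip "$line") || continue   # no valid address on this line
        deny_ip "$addr" "$1" "$2" || true        # skipped entries are not errors
    done
}

# Demo in a scratch directory; it never touches /etc/hosts.deny.
demo() {
    d=$(mktemp -d) || return 1
    printf '10.0.0.5\n' > "$d/allow"             # constructed monitoring host
    printf '%s\n' 'host svc: refused (11.2.3.4[11.2.3.4])' \
                  'host svc: refused (999.1.1.1[999.1.1.1])' \
                  'host svc: refused (1.2.3.4[1.2.3.4])' \
                  'host svc: refused (1.2.3.4[1.2.3.4])' \
                  'host svc: refused (10.0.0.5[10.0.0.5])' |
        block_from_log "$d/deny" "$d/allow"
    cat "$d/deny"
    rm -rf "$d"
}
demo
```

In the demo 11.2.3.4 is denied first, so a substring grep for 1.2.3.4 would wrongly treat the second address as already listed; the whole-line fixed-string match adds it.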
