1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

script in linux for ips

Discussion in 'Linux / Unix Discussion' started by newkoba, Sep 27, 2007.

  1. newkoba

    newkoba Byte Poster

    144
    2
    24
    hey i created a script to pull specific ip ranges from the log file. my problem is that it doesn't pull what i am telling it to. right now it goes something like this.

    egrep '10.7.[144-167]' txt file

    it pulls any lines that start with a 1, 4, 6, or 7. what i want it to do is pull any ips in the range of 144-167, but nothing i have tried works, any ideas?

    thanks in advance.
     
    Certifications: Security + and CEH
    WIP: CWNA and CWSP
  2. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    First off - the '.' doesn't match '.' - it matches any character. To get it to match '.' you need a backslash escape.
    Second - the range brackets only work on a single character, not on values as you have them above.

    Try:
    Code:
    egrep '10\.7\.1(4[4-9]|5[0-9]|6[0-7])'
    
    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  3. newkoba

    newkoba Byte Poster

    144
    2
    24
    yeah i had done the backslash to comment out the "."s because they are just place holders in the script essentially, but i haven't tried separating the ranges.

    Thanks for the idea i'm going to give it a go now.
     
    Certifications: Security + and CEH
    WIP: CWNA and CWSP
  4. newkoba

    newkoba Byte Poster

    144
    2
    24
    hey broom, the syntax you posted worked in my testing, but i couldn't to working when it was pulling straight from the snort log. needless to say some playing with it later and a sed and awk command we're in business :)

    thanks again.
     
    Certifications: Security + and CEH
    WIP: CWNA and CWSP
  5. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Glad you got it going!

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+

Share This Page

Loading...