spamassassin question [with blacklist question]
Jeremy Turner
jeremy at linuxwebguy.com
Mon Oct 25 18:45:59 CDT 2004
This should have gone to kclug too..
On Mon, October 25, 2004 5:04 pm, Brian Densmore said:
> My only problem here is sometimes I need to use 'cut -d\ -f11' and
sometimes
> 'cut -d\ f12'. Sometimes I have to do both in the same file. So I guess
it's time
> to pull out the sed pocket reference I have and learn something in there
to help.
Nah... you're crying out for Perl =)
#---------------------------------------------------------------
#!/usr/bin/perl
$my_ip = "192.168.0.1";
%seen = ();
# get input from stdin
while (<>) {
# illegal = no username
# failed = wrong password
if (/Failed/ || /Illegal/) {
# match an ip address
/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/;
if ($my_ip !~ $1) {
$seen{$1}++;
}
}
}
@ips = sort keys %seen;
foreach (@ips) {
print "$_\n";
}
#-----------------------------------------------------------
The "Failed" and "Illegal" words are lines you would check to contain IP
addresses. The hash table is to knock out duplicate IP addresses.
Jeremy
--
Jeremy Turner <jeremy at linuxwebguy.com>
Linux Tips and News! ---> http://linuxwebguy.com
More information about the Kclug
mailing list