堆栈内存溢出
  简体   繁体   English

从文件外壳脚本获取子字符串

[英]get a substring from a file shell script

 原文  2013-01-14 20:09:50       linux/ shell/ grep

问题描述

I need a little help with this shell script. 我需要这个shell脚本一些帮助。 I have a variable, represents a IP/TCP header. 我有一个变量,代表一个IP / TCP标头。 I need filter a traffic capture by the header selected. 我需要按所选标题过滤流量捕获。 

> var=ttl 128
> 
> tcpdump -Xvv -n -i eth0 -c 300 > capture.txt 2>/dev/null
> 
> grep -i "$var" capture.txt > resultGrep.txt

The result of the tcpdump command is some like this tcpdump命令的结果如下所示 

15:29:18.164566 IP (tos 0x0, ttl 1, id 2394, offset 0, flags [none], proto UDP (17), length 125)
    10.0.0.155.58363 > 239.255.255.254.1900: UDP, length 97
    0x0000:  4600 0024 0000 0000 0102 3ad3 0a00 0000  F..$......:.....
    0x0010:  e000 0001 9404 0000 1101 ebfe 0000 0000  ................
    0x0020:  0300 0000 0000 0000 0000 0000 0000       ..............
15:29:18.164566 IP (tos 0x0, ttl 128, id 2394, offset 0, flags [none], proto UDP (17), length 125)
    10.0.0.131.58363 > 239.255.255.250.1900: UDP, length 97
    0x0000:  4600 0024 0000 0000 0102 3ad3 0a00 0000  F..$......:.....
    0x0010:  e000 0001 9404 0000 1101 ebfe 0000 0000  ................
    0x0020:  0300 0000 0000 0000 0000 0000 0000       ..............

I need have ip address source and ip address destination, in the example the output result must be 我需要IP地址源和IP地址目标,在示例中,输出结果必须为

10.0.0.131.58363 > 239.255.255.250.1900 10.0.0.131.58363> 239.255.255.250.1900

2 个解决方案

解决方案1
 1 已采纳  2013-01-14 20:46:24

Try doing this directly in a Unix pipe over tcpdump : 尝试通过tcpdumpUnix pipe直接执行此操作: 

tcpdump -Xvv -n -i eth0 -c 300 |
grep -oP "\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}.\d{1,5}\s+>\s+\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}.\d{1,5}"

This is rock solid ;) 这是坚如磐石的;)

解决方案2
 0  2013-01-14 20:32:48

well my understanding of the question is, you want to extract things from your resultGrep.txt , not capture.txt 我对这个问题的理解是,您想从resultGrep.txt提取内容,而不是capture.txt

then: 然后: 

grep -oP '[\d\.]*\s*>\s*[\d\.]*' resultGrep.txt

see test: 查看测试: 

kent$  echo "15:29:18.164566 IP (tos 0x0, ttl 1, id 2394, offset 0, flags [none], proto UDP (17), length 125)
dquote>     10.0.0.131.58363 > 239.255.255.250.1900: UDP, length 97
dquote>     0x0000:  4600 0024 0000 0000 0102 3ad3 0a00 0000  F..$......:.....
dquote>     0x0010:  e000 0001 9404 0000 1101 ebfe 0000 0000  ................
dquote>     0x0020:  0300 0000 0000 0000 0000 0000 0000       .............."|grep  -oP '[\d\.]*\s*>\s*[\d\.]*'
10.0.0.131.58363 > 239.255.255.250.1900

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 来自头shell脚本的子串 - Substring from a header shell script 使用 shell(bash)-script 从文件中导出带有 substring 的字符串 - export string with substring from file with shell(bash)-script 我需要在Shell脚本中获得一个子字符串 - I need get a substring in Shell Script 替换 shell 脚本中的子字符串 - Replace substring in shell script 在Shell脚本中最后一次出现单词之前获取子字符串 - Get substring before last occurrence of a word in shell script 仅使用Shell脚本从文本文件获取特定行 - Get specific line from text file using just shell script 如何从文件中获取传递给shell脚本的单个参数的日志 - How to get logs of individual argument passed to shell script from a file 使用Shell脚本从冗长的字符串中提取子字符串 - Extract a substring from a lengthy string Using Shell Script 从文件Shell脚本linux grep命令获取信息 - Get information from a file shell script linux grep command Shell脚本子字符串直到空格 - Shell script substring till space
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM