[英]How to match “Client Hello ServerName” exactly using Tcl regexp?
我的TCL脚本:
set line {
Jul 24 21:06:40 2014: %AUTH-6-INFO: login[1765]: user 'admin' on 'pts/1' logged
Jul 24 21:05:15 2014: %DATAPLANE-5-: Unrecognized HTTP URL www.58.net. Flow: 0x2
Jul 24 21:04:39 2014: %DATAPLANE-5-: Unrecognized HTTP URL static.58.com. Flow:
Jul 24 21:04:38 2014: %DATAPLANE-5-: Unrecognized HTTP URL www.google-analytics.com. Flow: 0x2265394048.
Jul 24 21:04:36 2014: %DATAPLANE-5-: Unrecognized HTTP URL track.58.co.in. Flow: 0
Jul 24 21:04:38 2014: %DATAPLANE-5-:Unrecognized HTTP URL www.google.co.in. Flow: 0x87078800
Jul 24 21:04:38 2014: %DATAPLANE-5-:CCB:44:Unrecognized Client Hello ServerName www.google.co.in. Flow: 0x87073880. len_analyzed: 183
Jul 24 21:04:38 2014: %DATAPLANE-5-:CCB:44:Unrecognized Server Hello ServerName test1. Flow: 0x87073880, len_analyzed 99
Jul 24 21:04:38 2014: %DATAPLANE-5-:CCB:44:Unrecognized Server Cert CommonName *.google.com. Flow: 0x87073880
Jul 24 21:04:38 2014: %DATAPLANE-5-:CCB:44:Searching rname(TYPE_A) cs50.wac.edgecastcdn.net in dns_hash_table
Jul 24 21:04:38 2014: %DATAPLANE-5-:Unrecognized HTTP URL www.facebook.com. Flow: 0x87078800
Jul 24 21:04:38 2014: %DATAPLANE-5-:CCB:44:Unrecognized Client Hello ServerName www.fb.com. Flow: 0x87073880. len_analyzed: 183
Jul 24 21:05:38 2014: %DATAPLANE-5-:CCB:44:Unrecognized Server Hello ServerName test. Flow: 0x87073880, len_analyzed 99
Jul 24 21:04:38 2014: %DATAPLANE-5-:CCB:44:Unrecognized Server Cert CommonName *.facebook.com. Flow: 0x87073880
Jul 24 21:05:39 2014: %DATAPLANE-5-:CCB:44:Searching rname(TYPE_A) cs50.wac.facebook.net in dns_hash_table
}
set urls [list]
foreach item [regexp -all -inline {Client[ ]Hello[ ]ServerName\s+\S+} $line] {
lappend urls [lindex $item 1]
}
#puts $res
set s "*****************************************************"
set f {}
set f [open output.txt a]
if {$f ne {}} {
foreach url $urls {
chan puts $f $url
}
chan puts $f $s
chan close $f
}
我正在尝试打印$line
“Client Hello ServerName”之后出现的字符。 我需要匹配完全“Client Hello ServerName”并在regexp中使用它来获取输出。 我试过Client[ ]Hello[ ]ServerName
。 但它不起作用。
输出应该是“www.google.co.in.www.fb.com”。 在output.txt文件中。
您可以使用大括号()
在Client Hello ServerName之后捕获字符串,例如:
foreach {dummy item} [regexp -all -inline {Client Hello ServerName\s+(\S+)} $line] {
lappend urls $item
}
尝试在这里测试你的知识和模式: https : //www.debuggex.com/它非常适合学习和检查你是否得到你想要的。
然而:
set pattern {^.*Client Hello ServerName\s+(.*)\s+Flow.*$}
foreach element $line {
set result [regexp $pattern $element match url]
if {$url} {
lappend urls $url
}
}
()将匹配您想要的模式。 使用' 。* '可以很容易地看到匹配是什么,添加一个模式可以让它更容易思考。
如果regexp匹配则$ result = 1,否则$ return = 0; 如果匹配发生,则将url匹配添加到url。
您可以在http://wiki.tcl.tk/986上找到有关tcl regexp的更多信息
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.