Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / usr / sbin / p0frep < prev next >

Wrap

Text File | 2005-12-11 | 1KB | 59 lines

#!/bin/sh # # p0frep - trivial reporting script for p0f logfiles # -------------------------------------------------- # # Copyright 2002-2004 by Michal Zalewski <lcamtuf@coredump.cx> # echo "p0frep: p0f v2 log analyzer by <lcamtuf@coredump.cx>" if [ $# -lt 2 ]; then cat >/dev/stderr <<EOHELP Usage: $0 logfile.txt sortby [ 'ipmask' 'sysmask' ] logfile.txt - input file sortby - 'system' or 'addr'; sort order ipmask - IP mask, e.g. 195.117.3. (can be '') sysmask - system name mask, e.g. 'Windows' Typical usage might be: To get your local systems in 10.0 subnet sorted by OS name: p0frep log.txt system 10.0. To get all AIX boxes sorted by IP: p0frep log.txt addr '' AIX ...and so on. EOHELP exit 1 fi if [ ! -f "$1" ]; then echo "No filename given." >/dev/stderr exit 1 fi if [ "$2" = "system" ]; then cat "$1" | awk -F'> ' '{print $2}NF==1{print $1}' | grep -F ' - ' | awk '{print "^" $0}' | grep -F "^$3" | \ awk '{print $3 " " $1}' | grep "^$4" | awk -F: '{print $1}' | \ sed 's/\^//g' | sort | uniq -c elif [ "$2" = "addr" ]; then cat "$1" | awk -F'> ' '{print $2}NF==1{print $1}' | grep -F ' - ' | awk '{print "^" $0}' | grep -F "^$3" | \ awk '{print $3 " " $1}' | grep "^$4" | awk -F: '{print $1}' | \ sed 's/\^//g' | awk '{print $2 " " $1}' | sort | uniq -c else echo "Second parameter (sort order) mst be 'system' or 'addr'." >/dev/stderr exit 1 fi exit 0