#!/usr/bin/perl # strip_log.pl, called by show_denied_packets.sh # # remove the first part of a log , leaving the ip addy, etc # while (<>){ # match everything before the word DENY, then match a little more, # and then erase it all by substituting in nothing. s/^.*DENY\s\w+\s\w+=\d+\s//; # this matches and pulls out the values for the different ip addresses # and port numbers /(^.{7,18}):(\d+)\s(.{7,18}):(\d+)/; $Remote_Ip = $1; $Remote_Port = $2; $Local_Ip = $3; $Local_Port = $4; print "$Remote_Ip :$Remote_Port TO $Local_Ip:$Local_Port\n"; }