|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
compare 2 files..
Post 302109967 by amon on Friday 9th of March 2007 07:08:39 AM
03-09-2007
|
|
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I have file1 and file2:
file1:
11 xxx kksd ...
22 kkk kdsglg...
33 sss kdfjdksa...
44 kdsf dskjfkas ...
hh kdkf kdkkd..
jg dkf dfkdk ...
...
file2:
jg
22
hh
...
I need to check each line of file1. if the field one is in file2, I will keep it; if not, the whole line will be... (17 Replies)
Discussion started by: fredao
17 Replies
2. Shell Programming and Scripting
I have two files and need to compare the two files and to remove the matching lines from both the files (4 Replies)
Discussion started by: shellscripter
4 Replies
3. Shell Programming and Scripting
I have searched about 30 threads, a load of Google pages and cannot find what I am looking for. I have some of the parts but not the whole. I cannot seem to get the puzzle fit together.
I have three folders, two of which contain different versions of multiple files, dist/file1.php dist/file2.php... (4 Replies)
Discussion started by: bkeep
4 Replies
4. Shell Programming and Scripting
Hiiiii friends
I have 2 files which contains huge data & few lines of it are as shown below
File1: b.dat(which has 21 columns)
SSR 1976 8 12 13 10 44.00 39.0700 70.7800 7.0 0 0.00 0 2.78 0.00 0.00 0 0.00 2.78 0 NULL
ISC 1976 8 12 22 32 37.39 36.2942 70.7338... (6 Replies)
Discussion started by: reva
6 Replies
5. Shell Programming and Scripting
Hi, all:
I've got two folders, say, "folder1" and "folder2".
Under each, there are thousands of files.
It's quite obvious that there are some files missing in each. I just would like to find them. I believe this can be done by "diff" command.
However, if I change the above question a... (1 Reply)
Discussion started by: jiapei100
1 Replies
6. Shell Programming and Scripting
I have four files, I need to compare these files together.
As such i know "sdiff and comm" commands but these commands compare 2 files together. If I use sdiff command then i have to compare each file with other which will increase the codes.
Please suggest if you know some commands whcih can... (6 Replies)
Discussion started by: nehashine
6 Replies
7. Shell Programming and Scripting
Please help me with awk.I have two files with the below details
file1
123456789 2012
987654321 2011
a1234567892012
a1234abcde2012
b1234567892012
c1234567892012
98765a12342012
file2
a1234
01234
b1234
33333
I need to check whether the items in file2 is present in file1 .If it is... (2 Replies)
Discussion started by: Mary James
2 Replies
8. Shell Programming and Scripting
I want to compare two files, and search for items that are in both. Then override the first file with that containing only elements which were in both files. I imagine something with diff, but not sure.
File 1
One
Two
Three
Four
Five
File 2
One
Three
Four
Six
Eight (2 Replies)
Discussion started by: castrojc
2 Replies
9. Shell Programming and Scripting
I have this code
awk 'NR==FNR{a=$1;next} a' file1 file2
which does what I need it to do, but for only two files. I want to make it so that I can have multiple files (for example 30) and the code will return only the items that are in every single one of those files and ignore the ones... (7 Replies)
Discussion started by: castrojc
7 Replies
10. Shell Programming and Scripting
hi all,
Thanks to all for your great help...
I have a scenario that I have two files (file1 & file2). I need to compare two files entire row by row and share the output if any discrepancies within two files.
File1:
DB1|TB1|C1,C3
DB2|TB2|C1,C2
DB3|TB3|C1,C2,C3,C4
File2:
... (2 Replies)
Discussion started by: Selva_2507
2 Replies
LEARN ABOUT HPUX
ipsec_report
ipsec_report(1M) ipsec_report(1M) NAME
ipsec_report - report information about IPSec SYNOPSIS
audit_file report_file] DESCRIPTION
The utility reports information about the active HP-UX IPSec system, including data from the Policy daemon, IKE (Internet Key Exchange) daemon, the IPSec kernel, and the contents of the current active IPSec audit file. The utility requires the optional HP-UX IPSec software. You must have superuser capability to run Command-Line Arguments accepts the following command-line arguments: Displays report information for all options. This is the default option when no options are given to ipsec_report. Displays the current Security Associations (SAs). The arguments display the current IKEv1 and IKEv2 SAs established by the IKE daemon. The arguments display the current IPsec SAs kept in the kernel Security Association Engine database. The or arguments display the IKEv1 and IKEv2 and IPsec SAs (it is equivalent to specifying and Displays the IKEv1 and IKEv2 policies kept by the IKE daemon. Displays the information about the active host IPsec policies kept by the Policy daemon or displays the information about the configured host IPsec Policies An active host IPsec policy is a policy that is associated with an active IP interface (a configured IP interface, up or down). Displays the information about tunnel IPsec policies kept by the Policy daemon. Display the active IP interfaces (the IP interfaces configured in the system). An active interface is an interface that is configured in the system with a non-zero IP address, and can be up or down. Note that if you unplumb or remove the address for an interface by assigning it an all-zero IP address, may still show the interface in the active interface list for 30 seconds, but after 30 seconds, HP-UX IPSec removes it from the active interface list. Display the configured bypass list kept by the Policy daemon. Displays the contents of audit_file, an IPsec audit file. Use the command to determine the current IPsec audit file. Display the audit records only for the specified entity. This option must be used with option. Redirects all report output to a report file. If the report file already exists, overwrites the file; otherwise creates the file. RETURN VALUE
Upon successful completion, returns 0; otherwise it returns 1. ERRORS
fails if any of the following conditions is encountered: o Command used incorrectly - the utility returns a usage message. o IPSec is not active and the user attempts to use the option - the utility returns the message: EXAMPLES
The following excerpts of command outputs are from a system with a local address REPORT: ipsec_report -host active The option displays information about the active host IPsec policy rules. The output for this rule also includes the information about IPsec Security Associations (SAs) established. HP-UX IPSec creates an active policy entry for each configured policy. If a configured IPsec policy specifies a wildcard source address, HP-UX IPSec creates an policy for each each applicable active interface, and replaces the wildcard source address with the interface address. In addition, HP-UX IPSec creates an active policy entry each time it uses a policy to create an SA pair. The utility displays the policies in ascending priority order. The last entry is default host IPsec policy. The command displays output similar to the following: # ipsec_report -host active ------------------- Active Host Policy Rule --------------------- Rule Name: telnet_in Priority: 10 Cookie: 3 Src IP Addr: 192.1.1.1 Port number: 23 Dst IP Addr: 192.1.1.3 Port number: 56122 Network Protocol: TCP Action: Dynamic key SA State: Ready FLAGS: EXCLUSIVE Proposal 1: Transform: ESP-AES128-HMAC-SHA1 Lifetime Seconds: 28800 Lifetime Kbytes: 0 -- SA Pair -- SA Type: ESP Encryption Algorithm: AES128-CBC Authentication Algorithm: HMAC-SHA1 Outbound SPI (hex): 1FE472 Inbound SPI (hex): 241988 ------------------- Active Host Policy Rule --------------------- Rule Name: default Priority: 0 Cookie: 1 Action: Pass The fields in the output for an command are defined as follows: A character string used as the name of the rule. The policy priority. HP-UX IPSec searches policies in priority order, from low to high (a lower priority number has a higher priority). An integer used to cross-reference entries in the cache and policy (rule) tables kept by the Policy daemon. Only active rules with SAs have a cookie value. The source IP address or address range. The source or destination port number for the upper-layer protocol. In this example, it is the TCP port number. TCP port number 23 is the well-known port number for the telnet service(23). The destination IP address or address range. The upper-layer protocol in the IP header. The action or transform applied to packets matching this entry. Possible values follow: Use dynamic keys to create IPsec SAs for an IPsec transform - an Authentication Header, AH, and/or Encapsulating Security Payload, ESP. Use manual keys to create IPsec SAs for an IPsec transform. Pass in clear text. Discard the packet. If the action is or the entry will have information about the transform list for this policy. The flags configured for this policy. (This field is not present if there are no flags configured.) Possible flags are defined as follows: indicates that this policy is used for clients that use stateless or stateful address autoconfiguration. indicates that session-based keying will be used. Only IP packets with the same 5-tuple (the same source IP address, destination IP address, network protocol, source port and des- tination port) will share the same IPsec SA pair. The status of the active rule. Possible values for are (SAs are ready for use), (the initial state), (SAs are being negotiated). The name of the tunnel policy used with this host policy. This field is not present if no tunnel is configured for this host policy. The number of pending requests from the kernel to form IPsec SAs using this policy. Once the SA(s) are established, the queued kernel requests are processed and this value will be 0. This field is only displayed when the value is not 0. The proposed transforms in the transform list for this policy, listed in preference order. Proposal 1 is the highest preference. The proposal information includes the transform type, lifetime seconds and lifetime kilobytes. At least one transform type must match what is configured on the remote system, and the lifetime parameters must be acceptable by the remote system. Information about the SA created for this policy. Indicates the IPsec transform for this SA. Possible values are (Authentication Header) and (Encapsulating Security Payload). The encryption algorithm used for the SA, as negotiated with the remote system. (This field is only present if the Security Association Type is ESP.) The authentication algorithm used for the SA, as negotiated with the remote system. (This field is only present if the Security Association Type is AH or ESP.) The Security Parameters Index (SPI). The SPI is included in the IPsec AH or ESP protocol header transmitted to the remote system. The SPI is also used to index IPsec SA entries in the kernel Security Association database. REPORT: ipsec_report -host configured The option displays information about the host IPsec Policies that were configured by the IPSec administrator and loaded by the IPsec Pol- icy daemon. The command displays output similar to the following: # ipsec_report -host configured ----------------- Configured Host Policy Rule ------------------- Rule Name: telnet_in Priority: 10 Src IP Addr: 192.1.1.1 Port number: 23 Dst IP Addr: 192.1.1.0 Port number: 0 Network Protocol: TCP Action: Dynamic key SA FLAGS: EXCLUSIVE Proposal 1: Transform: ESP-AES128-HMAC-SHA1 Lifetime Seconds: 28800 Lifetime Kbytes: 0 ----------------- Configured Host Policy Rule ------------------- Rule Name: default Priority: 0 Action: Pass REPORT: ipsec_report -bypass The option displays the local IP addresses configured in the bypass list. This command displays output similar to the following: # ipsec_report -bypass --------------------- Configured Bypass IP List --------------------- IP Address: 192.2.2.1 REPORT: ipsec_report -ip The option displays the active IP interfaces in the system (the interfaces configured with non-zero IP addresses in the system, up or down). This command displays output similar to the following: # ipsec_report -ip --------------------------- System Configured Interface -------------- Interface Name: lan0 Address: 192.1.1.1 IPSec: On --------------------------- System Configured Interface ------------- Interface Name: lan1 Address: 192.2.2.1 IPSec: Off --------------------------- System Configured Interface ------------ Interface Name: lan0:1* Address: 192.1.3.3 IPSec: On The fields in the output for an command are defined as follows: The interface name, including the index. An asterisk after the interface name indicates that the interface is configured but has been marked down (for example, because the command was issued). The IP Address of the interface. The value indicates if HP-UX IPSec is in use for this interface. means that HP-UX IPSec is applied to this interface. means that HP-UX IPSec bypasses this interface. REPORT: ipsec_report -cache The option displays the Cache Policy Rules. The Cache Policy Rules are maintained by the Kernel Policy Engine and record the action to be taken for IP packets that match the 5-tuple (source IP address and port, destination IP address and port, and protocol) and direction. Note that there are no entries for inbound IP packets that have been authenticated or encrypted using IPsec Authentication Headers (AH) or Encapsulating Security Payload (ESP). This is because the system will receive these packets with a Security Parameters Index (SPI) in the AH or ESP header. HP-UX will use the SPI to find an entry in the kernel Security Association database and not query the Kernel Policy Engine for these packets. The command displays output similar to the following: # ipsec_report -cache -------------------------Cache Policy Rule --------------------------- Cache Policy Record: 9 Cookie: 3 Src IP Address: 192.1.1.1 Src Port number: 23 Dst IP Address: 192.1.1.3 Dst Port number: 56122 Network Protocol: TCP Direction: outbound Action: Secure -- SA Number 1 -- State: SA Created SA Type: ESP Tunnel SA: No SPI (hex): 1FE472 Src IP Address: 192.1.1.1 Dst IP Address: 192.1.1.3 The fields in the output for an command are defined as follows: An integer used internally by HP-UX IPSec to index the entries. An integer used to cross-reference entries in the cache and policy tables kept by the Policy daemon. All cache entries based on the same active policy entry will have the same cookie value. The source IP address. The source port number for the upper-layer protocol. In this example, it is the TCP port number. The destination IP address. The destination port number for the upper-layer protocol. In this example, it is the TCP port number and it is the well-known port for the telnet service(23). The upper-layer protocol in the IP header. Indicates if this cache entry is for inbound (packets received by the local system or outbound (packets sent from the local system) packets. Indicates the action or transform applied to packets matching this entry. Possible values are (authenticate and/or encrypt using an IPsec transform: Authentication Header, AH, and/or Encapsulating Security Payload, ESP), (pass in clear text), or (discard the packet). If the action is and the direction is the entry will have information about the IPsec Security Associations (SAs) established for packets matching the 5-tuple for this entry. The SA fields are defined as follows: Internal index for the SA for this packet (this is always 1). Indicates the state of the SA. Possible values are (indicates that the SA has been established and is active), (indicates that this SA is in the process of being created). Indicates the IPsec transform for this SA. Possible values are (Authentication Header) and (Encapsulating Security Payload). Indicates if the SA being used to send the packet through an IPsec tunnel. The Security Parameters Index (SPI). The SPI is included in the IPsec AH or ESP protocol header transmitted to the remote system. The SPI is also used to index IPsec SA entries in the kernel Security Association database. The source IP address that will be used in the IP header. This may be different than the original source IP address if tunneling is being used. The destination IP address that will be used in the IP header. This may be different than the original destination IP address if tunneling is being used. REPORT: ipsec_report -sa ipsec The option displays information about the IPsec Security Associations, as maintained by the kernel Security Association Engine in the SA database. The command displays output similar to the following: # ipsec_report -sa ipsec ------------------------ IPsec SA ------------------------ Sequence number: 1 SPI (hex): 1FE472 State: MATURE SA Type: ESP with AES128-CBC encryption and HMAC-SHA1 authentication Src IP Addr: 192.1.1.1 Dst IP Addr: 192.1.1.3 --- Current Lifetimes --- bytes processed: 3384 addtime (seconds): 14 usetime (seconds): 12 --- Hard Lifetimes --- bytes processed: 0 addtime (seconds): 28800 usetime (seconds): 0 --- Soft Lifetimes --- bytes processed: 0 addtime (seconds): 24264 usetime (seconds): 0 ------------------------ IPsec SA ------------------------ Sequence number: 2 SPI (hex): 241988 State: MATURE SA Type: ESP with AES128-CBC encryption and HMAC-SHA1 authentication Src IP Addr: 192.1.1.3 Dst IP Addr: 192.1.1.1 --- Current Lifetimes --- bytes processed: 1648 addtime (seconds): 14 usetime (seconds): 12 --- Hard Lifetimes --- bytes processed: 0 addtime (seconds): 28800 usetime (seconds): 0 --- Soft Lifetimes --- bytes processed: 0 addtime (seconds): 24264 usetime (seconds): 0 The fields in the output for an command are defined as follows: An integer used internally by the SA engine to index the entries. The Security Parameters Index (SPI). For outbound SAs (the source IP address is a local address), the SPI is selected by the remote system and is included in the outbound IPsec AH or ESP protocol header. For inbound SAs, this is the SPI selected by the local system and is used to find the correct SA when the local system receives a packet with an IPsec AH or ESP header. The state of the IPsec SA. Possible values are (the SA is established and available for use), (the SA is being established), and (the SA is expired and not usable). Indicates the type of transform, such as (Authentication Header) or (Encapsulating Security Payload), and the authentication or encryption algorithm used. The source IP address for the SA. The destination IP address for the SA. The current lifetime for the SA, as measured by the amount of data sent and received (bytes processed), number of seconds since the SA was added to the database (addtime) or the number of seconds since the SA was first used to transmit or receive data (usetime). The maximum lifetimes for the SA, as negotiated with the remote system. These are measured by the amount of data sent or received (bytes processed), number of seconds since the SA was added to the database (addtime) or the number of seconds since the SA was first used to transmit or receive data (usetime). If any of the three values is exceeded, the SA is deleted and a new SA must be established if there is more data to send. Note that a value of 0 for bytes processed indicates that the number of bytes processed is ignored (there is no maximum lifetime based on bytes sent or received). This field is not present for manual keys. There are no maximum lifetimes for manual key SAs since they are static. The maximum "soft" lifetimes for the SA. When any of these values are exceeded, IKE will attempt to negotiate a new SA with the remote system. This field is not present for manual keys. There are no maximum lifetimes for manual key SAs since they are static. REPORT: ipsec_report -sa ike The option displays the IKEv1 and IKEv2 entries, which contain information about IKE Security Associations (SAs) established by the IKE daemon (ikmpd). The command displays output similar to the following: # ipsec_report -sa ike ------------------------ IKEv2 SA ---------------------------- Index: d7acae5476072ef9:80036a37b499c21d Local IP Addr: 192.1.1.1/500 Remote IP Addr: 192.1.1.3/500 Role: Initiator State: Established Auth Record: my_auth Policy Name: default Auth Method: PSK ENCR: 3DES HASH: AES-XCBC PRF: HMAC-SHA1 DH Group: 2 PFS: off The fields in the output for an command are defined as follows: The IKE initiator cookie and IKE responder cookie, separated by a colon (:). The IKE daemon uses these values to identify the IKE SA. The local IP address and IKE daemon UDP port number. The remote (peer) IP address and IKE daemon UDP port number. Indicates if the local system initiated the IKE SA or responded to a remote request to establish the IKE SA The state of the SA. Possible values are (the SA is established), (the SA is in the process of being deleted; waiting for a delete response from the peer), or (the SA is deleted, but the entry has not been removed). The name of the authentication record used to establish this SA. Name of the IKEv1 or IKEv2 policy used to establish this SA. The authentication method used to establish this SA. The algorithm used to encrypt the IKE protocol messages after the initial exchange. Local IP Addr: 15.1.1.1 Remote IP Addr: 15.2.2.2 The algorithm used to authenticate the IKE protocol messages after the initial exchange. The pseudo-random function used to generate keying material. This field is present only if the IKE version is IKEv2. The Diffie-Hellman (DH) Group. This determines the numeric base for values used in the Diffie-Hellman exchange of the IKE protocol. This indicates if Perfect Forward Secrecy (PFS) is enabled or not. When PFS is enabled, the IKE daemon performs a Diffie-Hellman exchange for all IKE and IPsec SA negotiations after the initial IPsec SA pair is created, and a new Diffie-Hellman exchange for any SA re-keying. REPORT: ipsec_report -tunnel The command displays the information about tunnel IPsec policies kept by the Policy daemon. The command displays output similar to the following: # ipsec_report -tunnel ------------------------------------------------------------------------- ipsec_report -tunnel -------------------- Tunnel Policy Rule ---------------------- Tunnel Name: mipv6_tunnel_name Cookie: 3 Tunnel Src IP Addr: fe80::260:1111:2222:3333 Tunnel Dst IP Addr: fe80::230:6666 :7777:8888 Src IP Addr: 0::0 Dst IP Addr: fe80::230:6666:7777:8888 Network Protocol: TCP Action: Manual Key SA Transform: ESP-DES-HMAC-SHA1 -- SA Number 1 -- SPI (hex): 3EB SA Type: ESP Authentication Algorithm: HMAC-SHA1 Encryption Algorithm: DES-CBC Src IP Addr: fe80::230:6666:7777:8888 Dst IP Addr: fe80::260:1111:2222:3333 SA direction: INBOUND -- SA Number 2 -- SPI (hex): 3EA SA Type: ESP Authentication Algorithm: HMAC-SHA1 Encryption Algorithm: DES-CBC Src IP Addr: fe80::260:b1111:2222:3333 Dst IP Addr: fe80::230:6666:7777:8888 SA direction: OUTBOUND The fields in the output for an command are defined as follows: A character string used as the name of the tunnel policy. An integer used internally by IPSec to identify the entries. This field is not present if the tunnel source address was not configured in the tunnel IPsec policy and the output is for a configured (static) policy. If the output is for a dynamic pol- icy created for a tunnel SA, this field contains the IP address of the actual tunnel endpoint. This field is not present if the tunnel destination address was not configured in the tunnel IPsec policy and the output is for a configured (static) policy. If the output is for a dynamic pol- icy created for a tunnel SA, this field contains the IP address of the actual tunnel endpoint. The source proxy (end host) IP address. (The source end-to-end address for outbound packets; the destination end-to-end address for inbound packets.) The destination proxy (end host) IP address. (The destination end-to-end address for outbound packets; the source end-to-end address for inbound packets.) (This field is only present if the network protocol is TCP, UDP, or ALL.) The source or destination port number for the upper-layer protocol. The destination proxy (end host) IP address. The upper-layer protocol in the IP header. The type of IPsec SAs for this tunnel. Possible values follow: Use dynamic keys to create IPsec SAs for the transform - an Authentication Header (AH) and/or Encapsulating Security Payload (ESP). Use manual keys to create IPsec SAs for the transform. (This field is only present for dynamic key SAs.) The state of the SAs. Possible values for are as follows: (SAs are ready for use) (the IKE daemon has not started negotiating the IPSec/MM SAs) (the IKE daemon is negotiating the IPSec/MM SAs) (error state) Information about the inbound and outbound SAs. The Security Parameters Index (SPI). The SPI is included in the IPsec AH or ESP protocol header transmitted to the remote system. The SPI is also used to index IPsec SA entries in the kernel Security Association database. Indicates the IPsec transform for this SA. Possible values are (Authentication Header) and (Encapsulating Security Payload). The authentication algorithm used for the SA, as negotiated with the remote system. (This field is only present if the Security Association Type is AH or ESP.) The encryption algorithm used for the SA, as negotiated with the remote system. (This field is only present if the Security Association Type is ESP.) The source IP address for this SA. The destination IP address for this SA. The direction for this SA. Possible values are and AUTHOR
was developed by HP. SEE ALSO
ipsec_admin(1M), ipsec_config(1M), ipsec_config_add(1M), ipsec_config_batch(1M), ipsec_config_delete(1M), ipsec_config_export(1M), ipsec_config_show(1M), ipsec_migrate(1M), ipsec_policy(1M). IPSec Software Required ipsec_report(1M)