11-27-2007
Searching for text in a Space delimited File
Hi
I am trying to search a firewall syslog space-delimited file for all of the different TCP and UDP destination ports.
I know that grep will find lines that contain specific text. And I have tried using the cut command to cut certain columns out of the file. However, the text I am looking for is not always in the same column.
What I would like to do is search through many log files in a directory for the text string dst_port=*** where the *** would be a wild card so I can see every destination port that has been requested from the firewall logs.
Below is a snapshot of the text I'm trying to search through.
Any help would be appreciated.
Andy
src=10.217.162.99 dst=10.217.208.105 src_port=4218 dst_port=135 src-xlated ip=10.217.162.99 port=4218 dst-xlated ip=10.217.208.105 port=135 session_id=247646 reason=Close - TCP FIN
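Added example, not part of the original post: one way to list every destination port across many log files without relying on column position, by scanning each whitespace-separated token for an exact `dst_port=` key. The function names and every sample line after the first are constructed for illustration; the first sample line is the one quoted above.

```sh
#!/bin/sh
# port_summary [FILE...]
# Prints one line per destination port: "<port> <hits> <distinct sources>",
# sorted numerically by port. Reads stdin when no files are given.
port_summary() {
    awk '
    {
        src = ""; port = ""
        # Check every token, so the field may sit in any column.
        for (i = 1; i <= NF; i++) {
            # Exact key match: src_port= and the bare port= of the
            # xlated fields must not be counted as destination ports.
            if ($i ~ /^dst_port=[0-9]+$/) port = substr($i, 10)
            else if ($i ~ /^src=/)        src  = substr($i, 5)
        }
        if (port == "") next    # line has no destination port
        hits[port]++
        if (src != "" && !((port, src) in seen)) {
            seen[port, src] = 1
            srcs[port]++
        }
    }
    END { for (p in hits) print p, hits[p], srcs[p] + 0 }
    ' "$@" | sort -n
}

# Constructed sample input (first line is the one from the post).
sample_log() {
    cat <<'EOF'
src=10.217.162.99 dst=10.217.208.105 src_port=4218 dst_port=135 src-xlated ip=10.217.162.99 port=4218 dst-xlated ip=10.217.208.105 port=135 session_id=247646 reason=Close - TCP FIN
session_id=247647 dst_port=53 src=10.217.162.99 dst=10.217.208.1 src_port=4220 reason=Close - AGE OUT
src=10.217.162.100 dst=10.217.208.105 src_port=1050 dst_port=135 session_id=247648 reason=Close - TCP FIN
src=10.217.162.99 dst=10.217.208.105 src_port=4300 dst_port=135 session_id=247649 reason=Close - TCP FIN
system: configuration saved port=22
EOF
}

sample_log | port_summary
```

To run it over a directory of logs, pass the files as arguments, for example `port_summary /path/to/logs/*.log` (placeholder path).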
LEARN ABOUT FREEBSD
blackhole
BLACKHOLE(4) BSD Kernel Interfaces Manual BLACKHOLE(4)
NAME
blackhole -- a sysctl(8) MIB for manipulating behaviour in respect of refused TCP or UDP connection attempts
SYNOPSIS
sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]]
sysctl net.inet.udp.blackhole[=[0 | 1]]
DESCRIPTION
The blackhole sysctl(8) MIB is used to control system behaviour when connection requests are received on TCP or UDP ports where there is no
socket listening.
Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a
RST segment, and drop the connection. The connecting system will see this as a ``Connection refused''. By setting the TCP blackhole MIB to
a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting
the MIB value to two, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection
against stealth port scans.
In the UDP instance, enabling blackhole behaviour turns off the sending of an ICMP port unreachable message in response to a UDP datagram
which arrives on a port where there is no socket listening. It must be noted that this behaviour will prevent remote systems from running
traceroute(8) to a system.
The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system.
It could potentially also slow down someone who is attempting a denial of service attack.
WARNING
The TCP and UDP blackhole features should not be regarded as a replacement for firewall solutions. Better security would consist of the
blackhole sysctl(8) MIB used in conjunction with one of the available firewall packages.
This mechanism is not a substitute for securing a system. It should be used together with other security mechanisms.
SEE ALSO
ip(4), tcp(4), udp(4), ipf(8), ipfw(8), pfctl(8), sysctl(8)
HISTORY
The TCP and UDP blackhole MIBs first appeared in FreeBSD 4.0.
AUTHORS
Geoffrey M. Rehmet
BSD
January 1, 2007 BSD