07-31-2008
Thanks all for helping me out.
This is a apache weblog file only.
Weblog format some thing like
IP - - [Time stamp:GMT] "Requestor string" statsus Size(bytes) "Referral URL" COOKIE_INFO="...................."
I will post a exact log record tomorrow.
But i am clue less how a 3 octet IP coming into this log file , When it is not at all possible to have a ip like in IPV4 as mentioned by Perderabo.
Not a single record -- So many record of the log contain 3 Octet IP.
* If we are talking about the apache truncation ???why other ip are 4 octet .. it should either truncte all ip to 3 octet or leave it at was .--Right ??
I googled out this ,,but no idea in what scenario one can see 3 octet ip in web log .
Please keep posting if any one has any information on this- the answer to the mystry will be a great relief for me .
Thanks
Last edited by jambesh; 07-31-2008 at 11:54 AM..
Reason: highliting some clue
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Keeping in mind that I'm relatively comfortable with programming in general but very new to unix and korn/bourne shell scripts..
I'm using awk on a CSV file, and then performing calculations and operations on specific fields within specific records. The CSV file I'm working with has about 600... (2 Replies)
Discussion started by: yongho
2 Replies
2. IP Networking
Hi sir,
i want to make such programe which takes MAC(Ethernet) address of any host & give me its IP address.......
but i'm nt getting that how i can pass the MAC address to Frame........
Please give me an idea for making such program...
Thanks & regards
Krishna (3 Replies)
Discussion started by: krishnacins
3 Replies
3. Programming
Hi all,
Situation is as below.
I would get an IP address and port from eithe r a file or command line. It probably would be as char * or string. So was wondering how I could accept this and increment the last octets?
Incrementing the port is fine. I could get that into an integer by atoi()... (8 Replies)
Discussion started by: Naanu
8 Replies
4. UNIX for Dummies Questions & Answers
:) Firstly Hi all!!, im NEW!! and on here hoping that someone might be able to offer me some help... i have a server that keeps crashing every few days with the error message:
PANIC KERNAL-MODE ADDRESS FAULT ON USER ADDRESS 0X14
KERNAL PAGE FAULT FROM (CS:EIP)=(100:EF71B5BD)
EAX=EF822000... (10 Replies)
Discussion started by: Twix
10 Replies
5. IP Networking
Hi there
I lost connectivity to one of our remote systems and when I checked the messages log I found the following:
Aug 10 23:42:34 host xntpd: time reset (step) 1.681729 s
Aug 16 13:20:51 host ip: WARNING: node "mac address" is using our IP address x.x.x.x on aggr1
Aug 16 13:20:51 host... (9 Replies)
Discussion started by: notreallyhere
9 Replies
6. UNIX for Dummies Questions & Answers
I'm trying to learn as much about GRUB as I can and it's stages are stored in these types of files.
Any info or search terms is appreciated!:wall: (5 Replies)
Discussion started by: theKbStockpiler
5 Replies
7. Shell Programming and Scripting
Hi Experts,
I am trying to print $2 & the IP_address upto 3rd octet only.
But unable to do so, Trying # awk '{print $2, substr($4,1,9)}' file . but not correct
File:
HOST= cmiHOST06 :: 10.26.107.73:/data120 /nbu/cmiHOST06/athpx07/aa1
HOST= cmiHOST05 :: 10.26.12.76:/data120... (5 Replies)
Discussion started by: rveri
5 Replies
8. Shell Programming and Scripting
Experts,
In one example I have seen how to get output upto 3rd octet, when there is a ":" separated with the 4rth octet.
However in this example how to remove 4rth octet and to keep upto 3rd octet with regular expressions and awk sub function:
I have tried with :but not working:
# awk '{... (3 Replies)
Discussion started by: rveri
3 Replies
9. UNIX for Advanced & Expert Users
Hi ,
Could someone let me know how to detect duplicate ip address after assigning ip address to ethernet interface using c program (3 Replies)
Discussion started by: Gopi Krishna P
3 Replies
10. Shell Programming and Scripting
Hello,
Im looking to help out my team by automating a simple search list. The user will look for a peering ip /30. For example 192.168.1.2/30 and gets the result. Im trying to get the entered /30 and subtract the last octet by one.
echo -n "Enter peering ip : "; read peeringip
cat... (3 Replies)
Discussion started by: D'go
3 Replies
LEARN ABOUT DEBIAN
mac-vendor
MAC-VENDOR(5) File Formats Manual MAC-VENDOR(5)
NAME
mac-vendor - Ethernet vendor file for arp-scan
SYNOPSIS
mac-vendor.txt
DESCRIPTION
The mac-vendor.txt contains Ethernet MAC to vendor string mappings for arp-scan. It is used in addition to the IEEE OUI and IAB listings
in ieee-oui.txt and ieee-iab.txt. It is for MAC-vendor mappings that are not covered by the IEEE manufacturer listings.
Each line in the mac-vendor.txt file contains a MAC-vendor mapping in the form:
<MAC-Prefix><TAB><Vendor>
Where <MAC-Prefix> is the prefix of the MAC address in hex, and <Vendor> is the name of the vendor. The prefix can be of any length from
two hex digits (one octet) to twelve hex digits (six octets, the entire Ethernet hardware address). The alphabetic hex characters [A-F]
must be entered in upper case.
For example:
012345 would match 01:23:45:xx:xx:xx, where xx represents any value;
0123456 would match 01:23:45:6x:xx:xx; and
01234567 would match 01:23:45:67:xx:xx.
Blank lines and lines beginning with "#" are ignored.
The order of entries in the file is not important. arp-scan will attempt to match larger prefixes before trying to match smaller ones, and
will stop at the first match.
FILES
/usr/local/share/arp-scan/mac-vendor.txt
EXAMPLE
# From nmap Debian bug report #369681 dated 31 May 2006
525400 QEMU
B0C420 Bochs
# From RFC 2338: 00-00-5E-00-01-{VRID}
00005E0001 VRRP (last octet is VRID)
# Microsoft WLBS (Windows NT Load Balancing Service)
# http://www.microsoft.com/technet/prodtechnol/acs/reskit/acrkappb.mspx
02BF Microsoft WLBS (last four octets are IP address)
AUTHOR
Roy Hills <Roy.Hills@nta-monitor.com>
SEE ALSO
arp-scan(1)
get-oui(1)
get-iab(1)
arp-fingerprint(1)
http://www.nta-monitor.com/wiki/ The arp-scan wiki page.
March 30, 2007 MAC-VENDOR(5)