IP pattern matching

08-17-2011
IP pattern matching


I am writing a BASH script with egrep and I am trying to find the amount of times IP address appears in a mailbox file. I have this so far for my search criteria but the count it is bringing back is way too high so I think that maybe it is picking out all of the numbers in the file or something.
IP=`egrep -c -o '[0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]' sussmail.mbx`

It brings back a count of 1850 but I think there is only roughly about 60, here is what the IP address look like,
1 [] 1 [] 1 [] 3 [] 2  [] 2 [] 2 [] 1 [] 19  [] 16 [] 18 [] 17 []  1 [] 2 [] 5 [] 5 [] 1  [] 1 [] 1 [] 1  [] 1 [] 1 [] 1 [] 1  [] 1 [] 2 [] 1 [] 1  [] 1 [] 1 [] 1 [] 1  [] 1 [] 1 [] 1 [] 1  [] 1 [] 1 [] 1 [] 1  [] 1 [] 2 [] 1 [] 1  [] 2 [] 1 [] 1 [] 1  [] 4 [] 2 [] 1 []  1 [] 1 [] 1 [] 1 [] 1  [] 1 [] 1 [] 1 []  2 [] 1 [] 1 []

I am not very good with writing out the expressions, can someone help to write a better expression to capture the IP address better.

Thanks to all who help.
08-17-2011
please post some lines from the sussmail.mbx and also mention the required format of output
08-17-2011
It outputs it to a html file and the IP address which I am trying to find are listed above, but here are a few lines from the file.

From online@xxxx Tue Jun 22 13:35:58 2004
Received: from [] (helo=zzzz)
    by wwww with esmtp (Exim 3.03 #2)
    id 1BckVH-0000u8-00
    for bct@vvvv; Tue, 22 Jun 2004 13:35:55 +0100
Received: from yyyy ([])
    by zzzz with esmtp (Exim 4.24)
    id 1BckVK-0007Zn-3Y

08-17-2011
Originally Posted by 9aza
It outputs it to a html file and the IP address which I am trying to find are listed above, but here are a few lines from the file.

From online@xxxx Tue Jun 22 13:35:58 2004
Received: from [] (helo=zzzz)
    by wwww with esmtp (Exim 3.03 #2)
    id 1BckVH-0000u8-00
    for bct@vvvv; Tue, 22 Jun 2004 13:35:55 +0100
Received: from yyyy ([])
    by zzzz with esmtp (Exim 4.24)
    id 1BckVK-0007Zn-3Y

So you want total counts of above highlighted pattern..?
egrep -c '\[[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\]' inputfile

08-17-2011
Yeah that works great thanks. How would I get it to output what it is counting so I can see if it has got all of the IP addresses?
Also when it creates the output file, the html file, it saves the file but saves it like "output.html." with a full stop on the end. So when it opens it does not work, but I remove the full stop from the end of the filename and then it works. What might be causing this? Also the command line displays an error saying
' : not a valid identifiereclare: `
What does this mean because it still works kind of, baring the output issue.
08-17-2011
$awk -F"[][]" ' /Received/ { print $2 }' ip.txt  | sort | uniq -c

first column 1 is the count
