Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Array to array scanning

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Array to array scanning
# 1  
Old 01-15-2018
Array to array scanning
trying a little bit of array scanning for open ports.

my code looks like below:

Code:
/bin/netstat -lntp|\
awk 'BEGIN { split("25 80 2020 6033 6010",q);  } 
$1  == "tcp" { split($4,a,":"); p[a[2]]++;  }  
$1 == "tcp6" { split($4,a,":");p[a[4]]++ } 

END { 
for ( i in q ) { 
if (! q[i] in p ) { printf("%s\n",q[i])  }   
                  } 
        }'



my input is:


Code:
# /bin/netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      4227/mysqld
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      5584/smbd
tcp        0      0 127.0.0.1:5900          0.0.0.0:*               LISTEN      5620/kvm
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN      5643/kvm
tcp        0      0 127.0.0.1:5902          0.0.0.0:*               LISTEN      5672/kvm
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2347/rpcbind
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4482/sshd
tcp        0      0 0.0.0.0:631             0.0.0.0:*               LISTEN      3513/cupsd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      4969/exim4
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      31012/3
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      5584/smbd
tcp        0      0 0.0.0.0:46787           0.0.0.0:*               LISTEN      2378/rpc.statd
tcp6       0      0 :::139                  :::*                    LISTEN      5584/smbd
tcp6       0      0 :::111                  :::*                    LISTEN      2347/rpcbind
tcp6       0      0 :::80                   :::*                    LISTEN      11530/apache2
tcp6       0      0 :::22                   :::*                    LISTEN      4482/sshd
tcp6       0      0 :::631                  :::*                    LISTEN      3513/cupsd
tcp6       0      0 ::1:25                  :::*                    LISTEN      4969/exim4
tcp6       0      0 ::1:6010                :::*                    LISTEN      31012/3
tcp6       0      0 :::443                  :::*                    LISTEN      11530/apache2
tcp6       0      0 :::445                  :::*                    LISTEN      5584/smbd
tcp6       0      0 :::57726                :::*                    LISTEN      2378/rpc.statd
#


the output I am looking for is something like

Code:
6010 port is not listed in allowed ports, the process is "31012/3" on "tcp6"


thanks
Last edited by vbe; 01-15-2018 at 04:31 AM.. Reason: typo
# 2  
Old 01-15-2018
Something like this modification of your approach?
Code:
/bin/netstat -lntp |
awk '
  BEGIN {
    split("25 80 2020 6033 6010",q)
  } 
  {
    n=split($4,a,":")
  }
  /^tcp/ && !(a[n] in q) {
    printf "%s port is not listed in allowed ports, the process is \"%s\" on \"%s\"\n", a[n], $NF, $1
  }
'

Last edited by Scrutinizer; 01-16-2018 at 12:04 PM.. Reason: Changed "p" to "a[n]". Thanks rtrx1..
# 3  
Old 01-15-2018
looks to me great,

but what is "p" here..thanks

---------- Post updated at 05:46 PM ---------- Previous update was at 04:20 PM ----------

I'm getting this when I run your code @Scrutinizer

Code:
 port is not listed in allowed ports, the process is "4227/mysqld" on "tcp"
 port is not listed in allowed ports, the process is "5584/smbd" on "tcp"
 port is not listed in allowed ports, the process is "5620/kvm" on "tcp"
 port is not listed in allowed ports, the process is "5643/kvm" on "tcp"
 port is not listed in allowed ports, the process is "5672/kvm" on "tcp"
 port is not listed in allowed ports, the process is "2347/rpcbind" on "tcp"
 port is not listed in allowed ports, the process is "4482/sshd" on "tcp"
 port is not listed in allowed ports, the process is "3513/cupsd" on "tcp"
 port is not listed in allowed ports, the process is "4969/exim4" on "tcp"
 port is not listed in allowed ports, the process is "31012/3" on "tcp"

# 4  
Old 01-15-2018
Try:-
Code:
/bin/netstat -lntp | awk '
        BEGIN {
                q["25"]
                q["80"]
                q["2020"]
                q["6033"]
                q["6010"]
        }
        {
                n = split( $4, a, ":" )
        }
        /^tcp/ && ( a[n] in q ) {
                printf "%s port is not listed in allowed ports, the process is \"%s\" on \"%s\"\n", a[n], $NF, $1
        }
'

# 5  
Old 01-15-2018
Quote:
but what is "p" here..
"p" could probably be a[n]

also, post #4 line maybe should be: /^tcp/ && ! ( a[n] in q ) {
Last edited by rdrtx1; 01-15-2018 at 03:51 PM..
This User Gave Thanks to rdrtx1 For This Post:
Scrutinizer
# 6  
Old 01-16-2018
Indeed it should read a[n] rather than p in post#2 . Corrected in post.
# 7  
Old 01-18-2018
learned to initialize array in awk,

@scrutinizer, I tried your code with a[n] as below it didn't give any success,

Code:
/^tcp/ && ( a[n] in q ) {
                printf "%s port is not listed in allowed ports, the process is \"%s\" on \"%s\"\n", a[n], $NF, $1
        }

however, the new way to initialize array from @Yoda's code, it worked very well.

my question is , what is the difference between initializing an array in awk like below given 2 options

option #1
Code:
split("80 25 443 6010",q)

and

option#2

Code:
q["80"]; q["25"]; q["443"];q["6010"]


Anyways, Option#2 worked for me and thanks both Yoda and Scrutinizer
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Inaccurate scanning of Bash array elements

username=cogiz #!/bin/bash shuffle() #@ USAGE: shuffle { #@ TODO: add options for multiple or partial decks Deck=$( printf "%s\n" {2,3,4,5,6,7,8,9,T,J,Q,K,A}{H,S,D,C} | awk '## Seed the random number generator BEGIN { srand() } ## Put a random number in front... (4 Replies)
Discussion started by: cogiz
4 Replies

2. UNIX for Beginners Questions & Answers

Scanning array for partial elements in Bash Script

Example of problem: computerhand=(6H 2C JC QS 9D 3H 8H 4D) topcard=6D How do you search ${computerhand} for all elements containing either a "6" or a "D" then save the output to a file? This is a part of a Terminal game of Crazy 8's that I'm attempting to write in Bash. Any... (2 Replies)
Discussion started by: cogiz
2 Replies

3. Shell Programming and Scripting

Bash arrays: rebin/interpolate smaller array to large array

hello, i need a bit of help on how to do this effectively in bash without a lot of extra looping or massive switch/case i have a long array of M elements and a short array of N elements, so M > N always. M is not a multiple of N. for case 1, I want to stretch N to fit M arrayHuge H = (... (2 Replies)
Discussion started by: f77hack
2 Replies

4. Shell Programming and Scripting

Bash 3.2 - Array / Regex - IF 3rd member in array ends in 5 digits then do somthing...

Trying to do some control flow parsing based on the index postion of an array member. Here is the pseudo code I am trying to write in (preferably in pure bash) where possible. I am thinking regex with do the trick, but need a little help. pesudo code if == ENDSINFIVEINTS ]]; then do... (4 Replies)
Discussion started by: briandanielz
4 Replies

5. Shell Programming and Scripting

PERL : Read an array and write to another array with intial string pattern checks

I have an array and two variables as below, I need to check if $datevar is present in $filename. If so, i need to replace $filename with the values in the array. I need the output inside an ARRAY How can this be done. Any help will be appreciated. Thanks in advance. (2 Replies)
Discussion started by: irudayaraj
2 Replies

6. Shell Programming and Scripting

perl, put one array into many array when field is equal to sth

Hi Everyone, #!/usr/bin/perl use strict; use warnings; my @test=("a;b;qqq;c;d","a;b;ggg;c;d","a;b;qqq;c;d"); would like to split the @test array into two array: @test1=(("a;b;qqq;c;d","a;b;qqq;c;d"); and @test2=("a;b;ggg;c;d"); means search for 3rd filed. Thanks find the... (0 Replies)
Discussion started by: jimmy_y
0 Replies

7. Shell Programming and Scripting

PHP: Search Multi-Dimensional(nested) array and export values of currenly worked on array.

Hi All, I'm writing a nagios check that will see if our ldap servers are in sync... I got the status data into a nested array, I would like to search key of each array and if "OK" is NOT present, echo other key=>values in the current array to a variable so...eg...let take the single array... (1 Reply)
Discussion started by: zeekblack
1 Replies

8. Programming

Creating an array to hold posix thread ids: Only dynamic array works

I am facing a strange error while creating posix threads: Given below are two snippets of code, the first one works whereas the second one gives a garbage value in the output. Snippet 1 This works: -------------- int *threadids; threadids = (int *) malloc (num_threads * sizeof(int)); ... (4 Replies)
Discussion started by: kmehta
4 Replies

9. Shell Programming and Scripting

create array holding characters from sring then echo array.

Hi, I wish to store $string1 in $string1array a character in each array element. Then i wish to echo the entire array to the screen so that it reads as the normal string again. I have been trying with the code below but does not work. Please help... To put string into array: ... (5 Replies)
Discussion started by: rorey_breaker
5 Replies

10. UNIX for Advanced & Expert Users

Percent complete error while scanning RAID array during 5.0.6 load

Percent complete SCO 5.0.6 / No longer an issue (0 Replies)
Discussion started by: Henrys
0 Replies
Login or Register to Ask a Question