Richard Bagshaw am Samstag, 13. Mai 2006 23.11:
> Hi,
>
> Thanks for the points, you are totally right though, I had thought about
> the order being different in the lines, im still pretty green when it
> comes to regular expressions, not yet figured out a way to get around
> the differences in order, but I will RTFM :-)
Hello Richard
The order as well as presence/absence does not matter in my second
script(-skeleton) :-)
[...]
> > Another approach would be to extract the parts one by one.
> > The following code is easy to extend/adapt (say, you want to match
> > more rules later on, or handle syntax errors, or handle
> > the case where (shell) variables are used in the rules, etc.)
> >
> > ===
> > #!/usr/bin/perl
> > use strict; use warnings;
> >
> > while (<DATA>) {
> > chomp; # remove ending newline
> >
> > my %parts; # the contents of one rule
> >
> > $parts{chain} =$1 if s/^iptables\s+-A\s+([A-Z]+)//i;
> > next unless $parts{chain}; # skip empty lines;
> >
> > $parts{proto} =$1 if s/-p\s+((?:tcp)|(?:udp))//i;
> > $parts{srcip} =$1 if s/-s\s+((?:\d{1,3}\.){3}\d{1,3})//;
> > $parts{dport} =$1 if s/--dport\s+([0-9]+)//;
> > $parts{target}=$1 if s/-j\s+([A-Z]+)//i;
> > # other parts here
Just one additional thought:
These lines won't match anything or not the whole value if the value is
"wrong", for example:
-p html -s 444 -dport ouch -j oops14
Maybe a better way is: [untested]
# catch any argument (without space) to -p
# that does not start with a '-' (to detect
# a missing argument where this is not legal)
#
$parts{proto} =$1 if s/-p\s+([^-]\S+)//i;
# now check if the argument is valid
#
$parts{proto}=~/(?:tcp)|(?:udp)/
or die "invalid proto '$parts{proto}'";
hm, and --syn for example takes no arguments...
Ah, an answer from John W. Krahn has just arrived - read his answers
carefully :-)
> > $parts{unmatched}=$_ unless /^\s*$/ ;
> >
> > print map "<$_=$parts{$_}>", keys %parts;
> > print "\n";
> > }
[...]
Dani
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
