0

i have an ip list array

ip_array=['192.168.1.100' '192.168.1.101' '192.168.1.102' '192.168.1.103' '192.168.1.104' '192.168.1.105' '192.168.1.106' '192.168.1.107' '192.168.1.108' '192.168.1.109' '192.168.1.110']

i want to run iptables output against the ip_array and get results. e.g

    pkts      bytes target     prot opt in     out     source               destination
   83276  4337105   RETURN     0    --  *      *       192.168.1.106        0.0.0.0/0
  166008 230477883  RETURN     0    --  *      *       0.0.0.0/0            192.168.1.106
       0        0   RETURN     0    --  *      *       192.168.1.107        0.0.0.0/0
       0        0   RETURN     0    --  *      *       0.0.0.0/0            192.168.1.107
       0        0   RETURN     0    --  *      *       192.168.1.103        0.0.0.0/0
       0        0   RETURN     0    --  *      *       0.0.0.0/0            192.168.1.103
      99     9144   RETURN     0    --  *      *       192.168.1.102        0.0.0.0/0
      79    11590   RETURN     0    --  *      *       0.0.0.0/0            192.168.1.102
       0        0   RETURN     0    --  *      *       192.168.1.101        0.0.0.0/0
       0        0   RETURN     0    --  *      *       0.0.0.0/0            192.168.1.101
  994874 51992106   RETURN     0    --  *      *       192.168.1.100        0.0.0.0/0
 2398169 3594009427 RETURN     0    --  *      *       0.0.0.0/0            192.168.1.100
       0        0   RETURN     0    --  *      *       192.168.1.106        0.0.0.0/0
       0        0   RETURN     0    --  *      *       0.0.0.0/0            192.168.1.106

from my previous post I learnt that I can get the bytes info using awk

iptables -L RRDIPT -vnx -t filter |awk '!/destination/{a[$9]+=$2}END{for(item in a){total+=a[item];dl[item]=a[item];printf item"-"a[item]}}'

but since the ip address keep changing i want my output to be in the same format..

i.e bytesof 192.168.1.100, bytesof 192.168.1.102, bytesof 192.168.1.103, bytesof 192.168.1.104.......bytesof 192.168.1.110

i would like to see the below output 

[3594009427,0,11590,0,0,0,230477883,0,0,0,0]

I tried using arrays 

iptables -L RRDIPT -vnx -t filter |awk '!/destination/{a[$9]+=$2}END{for(item in a){if(item==ip_array[i]){dl[i]=a[item];printf dl[i];}else{dl[i]=0}i+=i;}}'

I declared dl as a global array but I cannot seem to access the values e.g dl[0] for further processing.

Can anyone help?

Improve this question
12
  • I am scared to format the question :P Commented Jan 27, 2011 at 4:52
  • i am scared too, to format the question Commented Jan 27, 2011 at 4:54
  • I am brave enough ;) - but now someone else answer it ;) Commented Jan 27, 2011 at 4:54
  • I'll answer it if the OP puts sample output of what he is looking for. Commented Jan 27, 2011 at 5:28
  • oops.. apologies people, n00b to stackoverflow. SiegeX i am looking for a structured output i.e, i want to get the bytes of the ip address that are active.if the ip address is not active i need to return 0. for the above iptables output i would like to see the below output 3594009427,0,11590,0,0,0,230477883,0,0,0,0 i.e bytesof 192.168.1.100, bytesof 192.168.1.102, bytesof 192.168.1.103, bytesof 192.168.1.104.......bytesof 192.168.1.110 Commented Jan 27, 2011 at 5:59

1 Answer 1

Reset to default
1

Try this:

iptables ... | awk 'BEGIN { base="192.168.1"; startrange=100; endrange=110 } NR > 1 { a[$9] += $2} END {for (i=startrange; i<=endrange; i++) {ip = base "." i; if (! a[ip]) a[ip] = 0; print ip, a[ip]}}'

Change the startrange and endrange values to suit you.

Example output:

192.168.1.100 9196
192.168.1.101 0
192.168.1.102 0
192.168.1.103 0
192.168.1.104 21009126
192.168.1.105 0
192.168.1.106 0
192.168.1.107 10333
192.168.1.108 0
192.168.1.109 0
192.168.1.110 120
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@user: I'm glad it was helpful. Don't forget to mark answers to your questions as accepted (when they are acceptable).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.