0

I have a script that that I want to parse the username and IP address from.

Here is a sample of the script. this entry exists for all users, about 2000 lines in the script.

 if [ "$common_name" = "NUMERICUSERNAME" ]; then
  if [ $(/usr/sbin/iptables -t nat -L -v | grep to: | cut -d : -f 2) = "IP.AD.DR.ESS" ] ; then
   /usr/sbin/iptables -t nat -D POSTROUTING -s $(/usr/sbin/iptables -t nat -L -v | grep IP.AD.DR.ESS | gawk '{ print $(NF-2) }') -j SNAT --to-source IP.AD.DR.ESS ;
  fi
  /usr/sbin/iptables -t nat -A POSTROUTING -s $ifconfig_pool_remote_ip -j SNAT --to-source IP.AD.DR.ESS
  fi

The username is a 15 digit numeric string.

I have tried parsing with awk...something like awk '{print $5,$25}' filename but cant find the correct fields to capture.

I have also tried different forms of grep but do not know how to capture BOTH fields without causing the data to misalign. for example grep -oP '[0-9-]{10} [0-9:]{8}' filename gives me all the IPs or all the usernames...but I cant seem to figure out how to get both.

What is the most efficient way to get the output of NUMERICUSERNAME and is matching IP.AD.DR.ESS. something like this

NUMERICUSERNAME1 IP.AD.DR.ESS1
NUMERICUSERNAME2 IP.AD.DR.ESS2
....
NUMERICUSERNAME2000 IP.AD.DR.ESS2000

Also note that the entry has the IP.AD.DR.ESS in more than one location and that caused me to capture duplicates. can that be avoided as well?

EDIT: output of

$ awk '/common_name/ {u = substr($5,2,15)}
       /--to-source/ {print u, $(NF-1)}' < script

output:

 IP.AD.DR.ESS1
 --to-source
 IP.AD.DR.ESS10
 --to-source
 IP.AD.DR.ESS100
 ...
 IP.AD.DR.ESS75
 --to-source
NUMERICUSERNAME IP.AD.DR.ESS76
SAMENUMERICUSERNAME --to-source
SAMENUMERICUSERNAME IP.AD.DR.ESS77

notepad++ screen capture

EDIT

sample output from solution

NUMBERICUSERNAME1 IP.AD.DR.ESS1
NUMBERICUSERNAME1 --to-source
NUMBERICUSERNAME2 IP.AD.DR.ESS2
NUMBERICUSERNAME2 --to-source
Improve this question
1
  • 1
    Could you be more specific and show an example of the input? It is not clear the format from which you want to extract the information and that makes very difficult to come up with a solution. Thank you. Commented Jan 26, 2022 at 9:05

1 Answer 1

Reset to default
1

Something like this, maybe:

$ awk '/common_name/ {u = substr($5,2,15)}
       /iptables -t nat -A POSTROUTING/ {print u, $NF}' < script
NUMERICUSERNAME IP.AD.DR.ESS

If the /common_name/ and/or /iptables -t nat -A POSTROUTING/ regular expressions catch unwanted lines you can improve them a bit to make them more selective. Example:

/"\$common_name"\s*=\s*"[[:digit:]]{15}"/
Improve this answer
Sign up to request clarification or add additional context in comments.

14 Comments

that seems to return a single column of all the ip addresses, then repeats the list with two columns. The first column being only a single NUMBERICUSERNAME and the second column a repeated total list of IP addresses. I will post a formatted response in the original post
This means that the example input you show is not representative of your real input. If you test the proposed awk script with the example input you show it should produce exactly what you ask for. Of course we cannot test it on different inputs that you do not show.
The example input is one instance of the 581 entries I need to collect. The real sample is only different in the number of entries and changes made to the username and ip of course. does the proposed script depend on the number of entries needed to collect? there is no other difference
actually the first if is misaligned. I will correct that if it matters.
nope...I missed the second fi statemen, to close the second if....I apologize I will add that as well.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.