Created
April 9, 2019 04:34
-
-
Save guoyoujin/fcf8120b0a934958bf63b36cf3df558c to your computer and use it in GitHub Desktop.
ruby关于.cap文件过滤IP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| str = "21:20:36.678356 IP 190.223.26.38.ldap > 39.108.626.17.64292: UDP, bad length 2903 > 1472 | |
| 21:20:36.678429 IP 5-198-122-238.static.kc.net.uk.ldap > 39.108.626.17.17604: UDP, bad length 3040 > 1464 | |
| 21:20:36.678430 IP 190.223.26.38 > 39.108.626.17: udp | |
| 21:20:36.678486 IP 13.69.135.13 > 39.108.626.17: udp | |
| 21:20:36.678577 IP itt67-1-88-182-62-59.fbx.proxad.net.ntp > 39.108.626.17.47721: NTPv2, Reserved, length 440 | |
| 21:20:36.678578 IP mail.centromedicomilitar.com.gt.ldap > 39.108.626.17.17604: UDP, bad length 3173 > 1472 | |
| 21:20:36.678496 IP host-195-33-224-54.reverse.superonline.net.ldap > 39.108.626.17.64292: UDP, bad length 2934 > 1472 | |
| 21:20:36.678497 IP host-195-33-224-54.reverse.superonline.net > 39.108.626.17: udp" | |
| regex=/^[^I]*IP ([^>]*)>.*$/; | |
| arr = []; | |
| str.scan(regex).each{|m|arr.push m } | |
| arr = arr.uniq | |
| puts arr | |
| puts arr.length |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment