doomkiller Posted September 13, 2005 Posted September 13, 2005 Sorry in advance for the weak topic title. Ok here is what i got going on so far my script will take this txt file Active Connections Proto Local Address Foreign Address State TCP 192.168.0.101:1171 64.12.24.196:5190 ESTABLISHED TCP 192.168.0.101:1306 207.150.170.236:6667 ESTABLISHED TCP 192.168.0.101:1688 63.241.83.11:6112 TIME_WAIT TCP 192.168.0.101:1689 63.241.83.8:6112 ESTABLISHED TCP 192.168.0.101:1690 63.241.83.18:6112 TIME_WAIT TCP 192.168.0.101:1692 63.241.83.9:6112 TIME_WAIT TCP 192.168.0.101:1693 63.241.83.9:6112 TIME_WAIT TCP 192.168.0.101:1694 63.241.83.9:6112 TIME_WAIT TCP 192.168.0.101:1698 63.241.83.7:6112 ESTABLISHED TCP 192.168.0.101:1699 63.241.83.7:6112 TIME_WAIT TCP 192.168.0.101:1700 63.241.83.7:6112 TIME_WAIT TCP 192.168.0.101:1701 63.241.83.18:6112 TIME_WAIT TCP 192.168.0.101:1702 63.241.83.7:6112 TIME_WAIT TCP 192.168.0.101:1785 205.188.248.130:5190 ESTABLISHED TCP 192.168.0.101:3527 207.46.4.91:1863 ESTABLISHED and pick out this ip 64.12.24.196:5190 this is great in all but what i then need it to do is grab this :1171 in the same line for the locaport and I need that wrapped up in a variable. here is my code so far expandcollapse popup$ServerIP = "64.12.24." $IP1 = 196 CompareIP () Func CompareIP () Local $IPStart $A = 1 $hit = 0 for $i = 1 to 20 $CheckIP = FileReadLine ( 'C:\ip2.txt', $A ) $IPStart = StringInStr ( $CheckIP, $ServerIP ) $PortStart = StringInStr ( $CheckIP, ":5190" ) If ( $IPStart >0 ) and ( $PortStart>0 ) then MsgBox(4096, "Test", "test") if StringInStr ( $CheckIP, $ServerIP & $IP1 ) > 0 then $hit = 1 EndIf $A = $A + 1 next if $hit = 1 then IpFound () Endif EndIf Return EndFunc Func IpFound () MsgBox(4096, "Test3", "yep") EndFunc I guess in the end what it needs to do is check throught the txt. If it finds the ip it also logs the localport. Then when it comes back around in the bigger script I have it will check it again but if it see the same ip it will first check the port before going IpFound()
w0uter Posted September 13, 2005 Posted September 13, 2005 you could use regexp with a pattern that looks something like this: "192\.168\.0\.101(\:1171) 64\.12\.24\.196\:5190" My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll
doomkiller Posted September 13, 2005 Author Posted September 13, 2005 If I may ask what is "regexp" ? Oh and I guess I should also add in here is how i'm getting that list RunWait( @ComSpec & " /c " & 'netstat -n>c:\ip.txt' , "", @SW_HIDE )
/dev/null Posted September 13, 2005 Posted September 13, 2005 (edited) doomkiller said: If I may ask what is "regexp" ?Regular Expressions. Check out this:dim $array[12] $array[0] = "Active Connections" $array[1] = "" $array[2] = " Proto Local Address Foreign Address State" $array[3] = "" $array[4] = " TCP 192.168.0.101:1171 64.12.24.196:5190 ESTABLISHED" $array[5] = " TCP 192.168.0.101:1306 207.150.170.236:6667 ESTABLISHED" $array[6] = " TCP 192.168.0.101:1688 63.241.83.11:6112 TIME_WAIT" $array[7] = " TCP 192.168.0.101:1689 63.241.83.8:6112 ESTABLISHED" $array[8] = " TCP 192.168.0.101:1690 63.241.83.18:6112 TIME_WAIT" $array[9] = " TCP 192.168.0.101:1692 63.241.83.9:6112 TIME_WAIT" $array[10] = " TCP 192.168.0.101:1693 63.241.83.9:6112 TIME_WAIT" $array[11] = " TCP 192.168.0.101:1694 63.241.83.9:6112 TIME_WAIT" ;$pattern = "\s*TCP\s*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(\d*)\s*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(\d*).*" ;$pattern ="\s*((?:\d{1,3}\.){3}\d{1,3}):(\d*)\s*((?:\d{1,3}\.){3}\d{1,3}):(\d*).*" ;$pattern = "\s*((?:\d+\.){3}\d+):(\d*)\s*((?:\d+\.){3}\d+):(\d*).*" ;================================================================== ;== As the text is an output of netstat, there is no need to be ;== overly careful to check the IP syntax, so the following pattern ;== will do ;================================================================== $pattern = "\s*((?:\d+\.)+\d+):(\d+)\s*((?:\d+\.)+\d+):(\d+).*" for $n = 0 to Ubound($array)-1 if StringInStr($array[$n],"TCP") then $ips_and_ports = StringRegExp($array[$n],$pattern,1) for $i = 0 to Ubound($ips_and_ports)-1 msgbox(0,"", $ips_and_ports[$i]) next endif nextJust wrap my code with some file reading "stuff".EDIT: Changed the pattern to a shorter one.CheersKurt Edited September 13, 2005 by /dev/null __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
doomkiller Posted September 14, 2005 Author Posted September 14, 2005 (edited) First thanks for the help guys. /dev/null/ Your code looks great but its quite hard for me understand but i'm slowly going through it. When i first checked out some of the functions and examples on the documentation it all seemed good but one thing $ips_and_ports = StringRegExp($array[$n],$pattern,1) $ips_and_ports = ^ ERROR that function is not there. Edited September 14, 2005 by doomkiller
/dev/null Posted September 14, 2005 Posted September 14, 2005 doomkiller said: $ips_and_ports = StringRegExp($array[$n],$pattern,1) $ips_and_ports = ^ ERRORthat function is not there.StringRegExp is only available in the current beta. http://www.autoitscript.com/autoit3/files/beta/autoit/ Please install that and then try again.CheersKurt __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
Bi0haZarD Posted September 14, 2005 Posted September 14, 2005 (edited) just a little sugestion, if its always the top item in the list you could try to just read that single line. like.. $IP = FileReadLine("C:\IP.txt", 4) *guessing its line 5 from the example* or, use a do until loop and substitute the 4 for an increasing integer. and search each line for text that has "5190" using StringInStr. Edited September 14, 2005 by Bi0haZarD
jefhal Posted September 14, 2005 Posted September 14, 2005 Quote $array[4] = " TCP 192.168.0.101:1171 64.12.24.196:5190 ESTABLISHED"Why not grab both parts of the line at the same time? Put the first line into a variable called $rawline. Then have two trim statements:One that trims $rawline from the first colon to the three spaces to the right of the first port number, and One that trims everything in $rawline from the first colon to the left, then trims the remaining segment to the 3 spaces in the middle to the three spaces on the right:$port = stringleft(stringtrimleft($rawline,stringinstr($rawline,":")," ") $ip = you do the math (I'm not at my desk to do it for you) ...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now