BASH - 我如何獲取IP地址並製作預期列表？

Question

如何從一個文件中搜索這些線路，並採取只有最後一個IP地址：

2014-02-14 06:42:00.527219 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 06:50:44.967314 [WARNING] sofia_reg.c:2701 Can't find user [500@xxxxxx] from 172.246.162.250 
2014-02-14 06:54:38.587312 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 07:05:32.667277 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 07:10:08.067256 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 07:16:29.747256 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 07:30:16.587253 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 07:46:10.727254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:11.247254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:11.767254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:12.267221 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:12.767224 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:13.307251 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:13.767254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:14.587252 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:15.267221 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:16.007254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:16.507251 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:20.347236 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:20.807254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 08:01:18.467226 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 08:32:18.127200 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 09:00:29.967234 [WARNING] sofia_reg.c:2701 Can't find user [3000@xxxxxx] from 172.246.162.250 
2014-02-14 09:03:13.207173 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 09:07:35.747256 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:36.187216 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:36.627217 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:37.067262 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:37.507219 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:37.927256 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:38.307205 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:38.947256 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:39.587246 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:40.327255 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:40.767255 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:41.207189 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:41.667163 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:42.107255 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:14:53.367170 [WARNING] sofia_reg.c:2701 Can't find user [3000@xxxxxx] from 172.246.162.250 
2014-02-14 09:18:57.127288 [WARNING] sofia_reg.c:2701 Can't find user [340136@xxxxxx] from 199.115.112.66 

從上面做一個列表如下：

-A INPUT -s 176.58.71.212/32 -j DROP 
.. 

嘗試：但不工作像預期

grep "Can't find user" /usr/local/freeswitch/log/freeswitch.log | awk '{print $10}' | xargs echo "-A \n" 

Answer 1

簡單的解決方案如下： -

grep "Can't find user" /usr/local/freeswitch/log/freeswitch.log | \ 
awk '{print "-A INPUT -s " $10 "-j DROP"}' 

根據評論中的要求，您想刪除重複項。這是可以實現如下： -

grep "Can't find user" /usr/local/freeswitch/log/freeswitch.log | \ 
awk '{print "-A INPUT -s " $10 "-j DROP"}' | sort -u 

如前所述在評論中還有其他方法可以做到這一點稍長解釋也可能稍快執行。 awk可以匹配模式本身，這意味着我們不需要grep。這可以如下完成： -

awk '/find user/ {print "-A INPUT -s " $NF "-j DROP"}' /usr/local/freeswitch/log/freeswitch.log 

N.B.我使用了字符串「find user」而不是「Can not find user」來避免字符串轉義問題。

您也可以使用awk變量$ NF（字段數）使腳本更健壯一些。

Answer 2

試試這個，以避免DUP的

awk '/Can'"'"'t find user/ && !x[$NF]++ { print "-A INPUT -s " $NF "-j DROP" }' /usr/local/freeswitch/log/freeswitch.log