opendir(DIR, "/clog1") || die("Unable to open logdir: $!");
@dirlist = readdir(DIR);
closedir(DIR) || die("Unable to close logdir");

open(OUTFILE, ">/home/chammer/scan_rpt") || die("Unable to open outfile: $!");



for $ent ( @dirlist ) {

  if ( $ent =~ /fw/ ) {
       open(LOGFILE, "</clog1/$ent") || die("Unable to open log for read access: $!");
       while ( <LOGFILE> ) {
       chomp ;
         if ( $_ =~ /Deny inbound.*outside/ ) {
            $_ =~ s/^.*src outside:([0-9.]+).*dst.*/\1/ ;
         }
         elsif ( $_ =~ /IP packet/ ) {
            $_ =~ s/^.*from ([0-9.]+) to.*/\1/ ;
         }
         else {
           next ;
         }
         if ( exists ( $iphash{$_} ) ) {
              $iphash{$_}{count} ++ ;
         } else {
              $iphash{$_}{count} = 1 ;
         }
       }
       close(LOGFILE) || die("Unable to close log: $!");
  }
  else {
    next ;
  }

}

}

while ( keys ( %iphash ) > 0 ) {
$hc = 0 ;
      while (($k,$v) = each ( %iphash )) {
            if ( $v->{count} > $hc ) {
               $hc = $v->{count} ;
               $hi = $k ;
            }
      }


      printf ( "%s - %s\n" , $hi , $iphash{$hi}{count} ) ;
      delete ( $iphash{$hi} ) ;
}

exit ;