On Thu, 2006-08-03 at 15:26 -0700, John W. Krahn wrote:
> Rob Dixon wrote:
> >
> > Tim Wolak wrote:
> >>
> >> if($box =~ m/"$tim"/){
> >
> > Do you intend the quotes? If the lines from the original hosts.deny file
> > (in @boxes) have IP addresses in quotes then you're OK, but otherwise
> > take them out. This is my best guess as to why your code isn't working.
> > Also, you really need to escape the dots in $tim, otherwise they'll match
> > any character instead of literal dots.
> >
> > if ($box =~ /\Q$tim/) {
>
> That won't work correctly either. If $box contains '1.2.3.45' and $tim
> contains '1.2.3.4' then they will "match" although they aren't the same IP
> address.
>
>
> John
> --
> use Perl;
> program
> fulfillment
>
John is patially right, it will match but if its close it will match it
also. Another problem if I try to print the IP to a file it does not do
that either. Below is the changed code:
#!/usr/bin/perl -w
use strict;
use IO::Handle;
my $logfile = "/var/log/messages";
my $secv = "/var/log/secv";
my $hosts = "/etc/hosts.deny";
my $cody = "/etc/hosts.txt";
my @boxes;
my $box;
open(LOG, $logfile) || die "Cannot open logfile for reading: $!";
open(SEC, ">$secv") || die "Can't open file!: $!";
open(HOST, $hosts) || die "Can't open file!: $!";
open(DENY, ">$cody") || die "Can't open file!: $!";
foreach (<HOST>) {
push @boxes, $1 if /(\d+\.\d+\.\d+\.\d+)/;
}
close HOST;
while (<LOG>){
next unless /Failed password for invalid/;
print SEC "Invalied user logon attempt!:$_\n";
next unless /(\d+\.\d+\.\d+\.\d+)/;
my $tim = $1;
foreach $box (@boxes) {
if ($box =~ /$tim/){
print DENY;
} else {
next;
}
}
}
close SEC;
close DENY;
close LOG;
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
