BASH - 我如何获取IP地址并制作预期列表？

Question

如何从一个文件中搜索这些线路，并采取只有最后一个IP地址：

2014-02-14 06:42:00.527219 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 06:50:44.967314 [WARNING] sofia_reg.c:2701 Can't find user [500@xxxxxx] from 172.246.162.250 
2014-02-14 06:54:38.587312 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 07:05:32.667277 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 07:10:08.067256 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 07:16:29.747256 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 172.246.198.82 
2014-02-14 07:30:16.587253 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 07:46:10.727254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:11.247254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:11.767254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:12.267221 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:12.767224 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:13.307251 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:13.767254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:14.587252 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:15.267221 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:16.007254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:16.507251 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:20.347236 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 07:46:20.807254 [WARNING] sofia_reg.c:2701 Can't find user [admin@xxxxxx] from 207.244.67.213 
2014-02-14 08:01:18.467226 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 08:32:18.127200 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 09:00:29.967234 [WARNING] sofia_reg.c:2701 Can't find user [3000@xxxxxx] from 172.246.162.250 
2014-02-14 09:03:13.207173 [WARNING] sofia_reg.c:2701 Can't find user [100@xxxxxx] from 188.138.118.22 
2014-02-14 09:07:35.747256 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:36.187216 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:36.627217 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:37.067262 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:37.507219 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:37.927256 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:38.307205 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:38.947256 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:39.587246 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:40.327255 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:40.767255 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:41.207189 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:41.667163 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:07:42.107255 [WARNING] sofia_reg.c:2701 Can't find user [6000@xxxxxx] from 207.244.67.213 
2014-02-14 09:14:53.367170 [WARNING] sofia_reg.c:2701 Can't find user [3000@xxxxxx] from 172.246.162.250 
2014-02-14 09:18:57.127288 [WARNING] sofia_reg.c:2701 Can't find user [340136@xxxxxx] from 199.115.112.66 

从上面做一个列表如下：

-A INPUT -s 176.58.71.212/32 -j DROP 
.. 

尝试：但不工作像预期

grep "Can't find user" /usr/local/freeswitch/log/freeswitch.log | awk '{print $10}' | xargs echo "-A \n" 

Answer 1

简单的解决方案如下： -

grep "Can't find user" /usr/local/freeswitch/log/freeswitch.log | \ 
awk '{print "-A INPUT -s " $10 "-j DROP"}' 

根据评论中的要求，您想删除重复项。这是可以实现如下： -

grep "Can't find user" /usr/local/freeswitch/log/freeswitch.log | \ 
awk '{print "-A INPUT -s " $10 "-j DROP"}' | sort -u 

如前所述在评论中还有其他方法可以做到这一点稍长解释也可能稍快执行。 awk可以匹配模式本身，这意味着我们不需要grep。这可以如下完成： -

awk '/find user/ {print "-A INPUT -s " $NF "-j DROP"}' /usr/local/freeswitch/log/freeswitch.log 

N.B.我使用了字符串“find user”而不是“Can not find user”来避免字符串转义问题。

您也可以使用awk变量$ NF（字段数）使脚本更健壮一些。

Answer 2

试试这个，以避免DUP的

awk '/Can'"'"'t find user/ && !x[$NF]++ { print "-A INPUT -s " $NF "-j DROP" }' /usr/local/freeswitch/log/freeswitch.log