Commits

Anonymous committed 245b587

first commit

正規表現でIP抜き出すツールある

  • Participants

Comments (0)

Files changed (5)

python/20120608/aparse.py

+r = open("dumpdns","r")
+r2 = open("iplist","r")
+
+iplist = []
+for line in r2:
+    iplist.append(line.strip())
+
+for line in r:
+    splited = line.split(" ")
+    count = 0
+    for e in splited:
+        if e == "A":
+            if splited[count+1][-1] == ",":
+                if splited[count+1][:-1] in iplist:
+                    print splited[count-1],splited[count+1]
+            else:
+                if splited[count+1] in iplist:
+                    print splited[count-1],splited[count+1]
+
+        count+=1
+    count = 0

python/20120608/countplus.py

+import sys
+r = open(sys.argv[1],"r")
+
+domainHash = dict()
+
+for line in r:
+    line = line.strip()
+    domainHash.setdefault(line,0)
+    domainHash[line] += 1
+
+
+for key in domainHash.keys():
+    print key + " : " +str(domainHash[key])
+

python/20120608/getReportXMLData.py

+import xml.dom.minidom
+import xml
+import glob
+
+l = glob.glob("reportxml/*")
+iplist = set()
+w = open("iplist","w")
+count = 0
+exceptCount = 0
+for f in l:
+    try:
+        xmldoc = xml.dom.minidom.parse(f)
+    except xml.parsers.expat.ExpatError:
+        exceptCount += 1
+        continue
+    flows = xmldoc.getElementsByTagName("fileobject")
+    for flow in flows:
+        thisip = flow.childNodes[5].getAttribute("dst_ipn")
+        if thisip != "192.168.228.240":
+            size = flow.childNodes[3].childNodes[0].data
+            if size != "0" and flow.childNodes[5].getAttribute("dstport") != "25":
+                print flow.childNodes[5].getAttribute("dst_ipn")
+

python/20120608/ipTrim.py

+import re 
+PATERN = r"A \d+\.\d+\.\d+\.\d+"
+r = open("foo.txt","r")
+
+
+for line in r:
+    m = re.findall(PATERN,line)
+    if m != None:
+        for s in m:
+            print s[2:]
+