[Tutor] RegEx [Was: Parsing iptables log files]
Erik Price
erikprice@mac.com
Wed, 4 Sep 2002 11:20:01 -0400
On Wednesday, September 4, 2002, at 10:34 AM, Amaya Rodrigo Sastre wrote:
> # This one works, but doesn't match ID:
> # my_re = "(\w+\s\d+\s\d+:\d+:\d+).+SRC=([\d.]+)\s+DST=([\d.]+)\s(.*TTL=([\d]))+ID=([\d.]+)\s+(.*TCP|UDP)\s+SPT=(\d+)\s+DPT=(\d+)\s+SEQ=(\d+)\s+ACK=(\d+)')"
[...]
> for line in my_file.xreadlines():
>     print line
>     match = pattern.search(line)
>     #if not match: continue
>     #if not match:
>     #    print "No"
>     #    continue
>     date = match.group(1)
>     src_addr = match.group(2)
>     dst_addr = match.group(3)
>     p_id = match.group(5)
>     src_port = int(match.group(7))
>     dst_port = int(match.group(8))
>     seq = match.group(9)   # seq and ack are too big for int, they
>     ack = match.group(10)  # need long, so i left them as strings
[...]
> The commented one finds this:
> [0, 'Aug 17', '20:41:55', '192.168.100.10', '192.168.100.10', 43085,
> 80, '307515611', '0']
>
> I now want to match the ID= field, but I don't seem to be able to.
> I have gone through http://py-howto.sourceforge.net/regex/ and couldn't
> find a reason for my regex not to work...
The ID looks like the sixth group. I don't see you assigning the sixth
group to anything in your for loop.
Erik
--
Erik Price
email: erikprice@mac.com
jabber: erikprice@jabber.org
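
Added example, not part of the original thread or either poster's code: the same fields read through named groups, so that no field depends on counting parentheses, with lines that do not match skipped rather than dereferenced. The sample lines, the PROTO= key layout and the ID values are constructed for illustration; SEQ/ACK are treated as optional on the assumption that UDP lines do not carry them.

```python
import re

# Named groups: each field is read by name, so adding or removing a group
# cannot shift the numbering of the others.
LOG_RE = re.compile(
    r"^(?P<date>\w+\s+\d+\s+\d+:\d+:\d+)\s.*?"
    r"\bSRC=(?P<src>[\d.]+)\s+DST=(?P<dst>[\d.]+)\s.*?"
    r"\bTTL=(?P<ttl>\d+)\s+ID=(?P<id>\d+)\s.*?"
    r"\bPROTO=(?P<proto>TCP|UDP)\s+SPT=(?P<spt>\d+)\s+DPT=(?P<dpt>\d+)"
    # SEQ/ACK are optional (assumed absent on UDP lines)
    r"(?:.*?\bSEQ=(?P<seq>\d+)\s+ACK=(?P<ack>\d+))?"
)

NUMERIC = ("ttl", "id", "spt", "dpt", "seq", "ack")


def parse_line(line):
    """Return a dict of fields, or None if the line is not a packet entry."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in NUMERIC:
        if rec[key] is not None:
            rec[key] = int(rec[key])  # Python 3 ints have no size limit
    return rec


# Constructed sample input (not taken from a real log).
SAMPLE_LINES = [
    "Aug 17 20:41:55 fw kernel: IN=eth0 OUT= SRC=192.168.100.10 "
    "DST=192.168.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF "
    "PROTO=TCP SPT=43085 DPT=80 SEQ=307515611 ACK=0 WINDOW=5840 SYN URGP=0",
    "Aug 17 20:42:10 fw kernel: IN=eth0 OUT= SRC=192.168.100.10 "
    "DST=192.168.100.1 LEN=71 TOS=0x00 PREC=0x00 TTL=64 ID=5150 DF "
    "PROTO=UDP SPT=32768 DPT=53 LEN=51",
    "Aug 17 20:42:11 fw kernel: device eth0 entered promiscuous mode",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        rec = parse_line(line)
        if rec is None:
            print("skipped:", line[:40])
            continue
        print(rec["date"], rec["src"], rec["dst"], rec["id"],
              rec["proto"], rec["spt"], rec["dpt"], rec["seq"], rec["ack"])
```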