在TCL中使用正则表达式从数据包流中过滤IP和MAC地址

时间:2013-03-11 08:42:40

标签: regex tcl

我需要使用 TCL 的正则​​表达式来检查我的src ip(11.1.1.1)和src mac addr(00:40:43:b9:32:94)数据如下:

Frame 5603: 90 bytes on wire (720 bits), 90 bytes captured (720 bits)
Ethernet II, Src: NokiaSie_b9:32:94 (00:40:43:b9:32:94), Dst: OmronTat_53:6a:5b (00:00:0a:53:6a:5b)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
Internet Protocol Version 4, Src: 11.1.1.1 (11.1.1.1), Dst: 13.1.1.1 (13.1.1.1)
User Datagram Protocol, Src Port: 49184 (49184), Dst Port: 49152 (49152)
Data (44 bytes)

1 个答案:

答案 0 :(得分:0)

你走了:

set data "
    Frame 5603: 90 bytes on wire (720 bits), 90 bytes captured (720 bits)
    Ethernet II, Src: NokiaSie_b9:32:94 (00:40:43:b9:32:94), Dst: OmronTat_53:6a:5b (00:00:0a:53:6a:5b)
    802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    Internet Protocol Version 4, Src: 11.1.1.1 (11.1.1.1), Dst: 13.1.1.1 (13.1.1.1)
    User Datagram Protocol, Src Port: 49184 (49184), Dst Port: 49152 (49152)
    Data (44 bytes)
"
regexp {Src:.*?(\([^)]+\)).*?Src:.*?(\([^)]+\))} $data match mac ip
puts "mac = $mac"
puts "ip = $ip"

输出:

mac = (00:40:43:b9:32:94)
ip = (11.1.1.1)
相关问题
最新问题