grep中的多行搜索

时间:2014-07-27 18:25:08

标签: bash grep

我已经制作了一个nmap输出的文本文件,我试图找到那些端口打开的ip 当我使用grep我没有得到所需的输出只有一个项目是我能够获得IP或文本打开

数据:

Nmap scan report for xxx.xxx.xxx.83 
Host is up (0.050s latency).
PORT   STATE  SERVICE
80/tcp closed http

Nmap scan report for xxx.xxx.xxx.87
Host is up (0.049s latency).
PORT   STATE    SERVICE
80/tcp filtered http

Nmap scan report for xxx.xxx.xxx.89
Host is up (0.051s latency).
PORT   STATE    SERVICE
80/tcp filtered http

Nmap scan report for xxx.xxx.xxx.90
Host is up (0.050s latency).
PORT   STATE  SERVICE
80/tcp closed http

Nmap scan report for xxx.xxx.xxx.93
Host is up (0.051s latency).
PORT   STATE SERVICE
80/tcp open  http

Nmap scan report for xxx.xxx.xxx.96
Host is up (0.051s latency).
PORT   STATE    SERVICE
80/tcp filtered http

Nmap scan report for xxx.xxx.xxx.100
Host is up (0.054s latency).
PORT   STATE    SERVICE
80/tcp filtered http

4 个答案:

答案 0 :(得分:1)

你可以尝试下面的awk命令,

$ awk -v RS="" '/ open /{print $5}' file
xxx.xxx.xxx.93

仅当特定区块包含文本ip

时,才打印open(第5列)

答案 1 :(得分:1)

awkgrep perl之后:

perl -00 -lanE 'say $_ if m/open/' < file

打印:

Nmap scan report for xxx.xxx.xxx.93
Host is up (0.051s latency).
PORT   STATE SERVICE
80/tcp open  http


perl -00 -lanE 'say $F[4] if m/open/' < file

打印

xxx.xxx.xxx.93

答案 2 :(得分:0)

如果每个块总共有4行,并且单词open在最后一行,您可以这样做:

grep -B4 open file

它将显示单词open之前的4行。

答案 3 :(得分:0)

使用awk怎么样?这将在nmap输出中第一次遇到开放端口时报告IP地址:

sh$ awk '$3=="report"{ IP = $5 } $2=="open"&&IP { print IP; IP="" }' nmap.out
xxx.xxx.xxx.93
相关问题
最新问题