我有一个ip list array
ip_array=['192.168.1.100' '192.168.1.101' '192.168.1.102' '192.168.1.103' '192.168.1.104' '192.168.1.105' '192.168.1.106' '192.168.1.107' '192.168.1.108' '192.168.1.109' '192.168.1.110']
我想对ip_array运行iptables输出并获得结果。 e.g
pkts bytes target prot opt in out source destination
83276 4337105 RETURN 0 -- * * 192.168.1.106 0.0.0.0/0
166008 230477883 RETURN 0 -- * * 0.0.0.0/0 192.168.1.106
0 0 RETURN 0 -- * * 192.168.1.107 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 192.168.1.107
0 0 RETURN 0 -- * * 192.168.1.103 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 192.168.1.103
99 9144 RETURN 0 -- * * 192.168.1.102 0.0.0.0/0
79 11590 RETURN 0 -- * * 0.0.0.0/0 192.168.1.102
0 0 RETURN 0 -- * * 192.168.1.101 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 192.168.1.101
994874 51992106 RETURN 0 -- * * 192.168.1.100 0.0.0.0/0
2398169 3594009427 RETURN 0 -- * * 0.0.0.0/0 192.168.1.100
0 0 RETURN 0 -- * * 192.168.1.106 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 192.168.1.106
从我之前的帖子中我了解到我可以使用awk获取字节信息
iptables -L RRDIPT -vnx -t filter |awk '!/destination/{a[$9]+=$2}END{for(item in a){total+=a[item];dl[item]=a[item];printf item"-"a[item]}}'
但由于ip地址不断变化,我希望我的输出格式相同..
i.e bytesof 192.168.1.100, bytesof 192.168.1.102, bytesof 192.168.1.103, bytesof 192.168.1.104.......bytesof 192.168.1.110
我想看到以下输出
[3594009427,0,11590,0,0,0,230477883,0,0,0,0]
我尝试使用数组
iptables -L RRDIPT -vnx -t filter |awk '!/destination/{a[$9]+=$2}END{for(item in a){if(item==ip_array[i]){dl[i]=a[item];printf dl[i];}else{dl[i]=0}i+=i;}}'
我将dl声明为全局数组,但我似乎无法访问值dl[0]以进行进一步处理。
有人可以帮忙吗?
答案 0 :(得分:1)
试试这个:
iptables ... | awk 'BEGIN { base="192.168.1"; startrange=100; endrange=110 } NR > 1 { a[$9] += $2} END {for (i=startrange; i<=endrange; i++) {ip = base "." i; if (! a[ip]) a[ip] = 0; print ip, a[ip]}}'
更改startrange和endrange值以适合您。
示例输出:
192.168.1.100 9196
192.168.1.101 0
192.168.1.102 0
192.168.1.103 0
192.168.1.104 21009126
192.168.1.105 0
192.168.1.106 0
192.168.1.107 10333
192.168.1.108 0
192.168.1.109 0
192.168.1.110 120