API tools faq
paste
Advertisement
RickeyGevers

Parse IPtables informational logging

RickeyGevers
Jun 12th, 2012
75
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.71 KB | None | 0 0
raw download clone embed print report
  1. #Parse IPtables informational logging
  2. #!/usr/bin/python
  3.  
  4. def select(string, text):
  5. pos = text.find(string)
  6. if pos < 0:
  7. return None
  8. else:
  9. end = text[pos:].find(' ')
  10. out = line[pos + len(string):pos + end]
  11. return out
  12.  
  13.  
  14. def mysql_insert(text):
  15. src = select('SRC=', text)
  16. proto = select('PROTO=', text)
  17. dpt = select('DPT=', text)
  18. #not interested in PING
  19. if proto == 'ICMP':
  20. pass
  21. elif src == '0.0.0.0':
  22. pass
  23. elif dpt == None:
  24. pass
  25. #Exclude own ip
  26. elif src == '1.1.1.1':
  27. pass
  28. #Exclude VPS provider noise
  29. elif src.find('18.100.18') >= 0:
  30. pass
  31. else:
  32. print src, proto, dpt
  33.  
  34.  
  35.  
  36. with open('syslog.1') as f:
  37. for line in f.readlines():
  38. mysql_insert(line)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!