Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ($utmp_file) = @ARGV;
- print "Parsing file:$utmp_file\n";
- $struct_utmp = "A8A4A12NnnnnNA16N";
- # Todos los numéricos están dados en Network Format (es decir, big endian)
- # Tipos de u_type
- @u_type = ( 'EMPTY','RUN_LVL','BOOT_TIME','OLD_TIME','NEW_TIME',
- 'INIT_PROCESS', # /* Process spawned by "init" */
- 'LOGIN_PROCESS', # /* getty process awaiting login */
- 'USER_PROCESS', # /* A user process */
- 'DEAD_PROCESS',
- 'ACCOUNTING',
- );
- $length = length(pack($struct_utmp));
- open(UTMP, $utmp_file) || die "open: $!\n";
- binmode UTMP;
- print "user,id,line,pid,type,exit_status_termination,exit_status_exit,reserved,time,host,addr\n";
- while (read(UTMP, $_, $length)) {
- ($user, $id, $line, $pid, $type, $exit_status_termination,$exit_status_exit, $reserved, $time, $host, $addr) = unpack($struct_utmp, $_);
- print "$user,$id,$line,$pid,$u_type[$type],$exit_status_termination,$exit_status_exit,$reserved,", scalar localtime($time),",$host,",Integer2Ip($addr),"\n";
- }
- close(UTMP);
- ############################################################################
- #
- # Name: Integer2Ip
- #
- # Purpose: Convert an integer value into an dotted quad
- #
- # Inputs: $integer - Integer value
- #
- # Returns: Dotted quad string, dies in case of problems
- #
- ############################################################################
- sub Integer2Ip ($) {
- my $integer = shift;
- my $four = $integer & 0xff;
- $integer >>= 8;
- my $three = $integer & 0xff;
- $integer >>= 8;
- my $two = $integer & 0xff;
- $integer >>= 8;
- my $one = $integer;
- "$one.$two.$three.$four";
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
