Posted By

alti on 01/21/08


Tagged

Shell pf



Display All hostnames Which Matched A Pf Rule


Published in: Bash
 

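# Unique hostnames for addresses that matched a pf rule (IPv4 only)
for i in $(tcpdump -n -e -ttt -r /var/log/pflog | grep match | awk '{print $10}' \
    | grep -v '::' | cut -d . -f 1-4 | sort -u); do
    # Reverse-resolve; drop failed lookups and the trailing dot
    host "$i" | awk '{print $5}' | grep -Ev 'NXDOMAIN|SERVFAIL|^no$|^for$' | sed 's/\.$//'
done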
