FireBall
asked on
Search in text file in column and compare
This is the inside of a.txt, and I need a Perl script that is called like:
perl a.pl a.txt 10.255.255.2
and it will start a decision mechanism.
It will select the lines from $destination IP and group them for each other column, so that it will get the biggest, like this:
10.255.255.2 TotalLine 1000
10.255.255.2 UDP 500 times
10.255.255.2 13 TTL 450 times
10.255.255.2 SameData 470 times
......
The column order is:
Time
Protocol Name
Flags
Protocol ID
TTL
SRC IP
SRC Port
Dest IP
Dest Port
Data Length
First 30 bytes of data
1439998658000 UDP 17 254 15.148.23.128 37903 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 104.96.55.252 24680 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 193.117.3.201 30145 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 45.99.85.200 25389 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 5.76.158.141 19461 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 161.39.65.137 10145 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 177.198.72.237 50865 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 74.113.197.16 29002 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 129.113.254.96 29057 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
1439998658000 UDP 17 254 190.53.177.209 13758 10.255.255.2 53 1048 000000000000000000000000000000000000000000000000000000000000
I assume this is a continuation of your previous question. If so, I'd suggest providing your current script in this question (or a link to the previous question) so that it is easier for people to modify the script to do what you want (or do you actually want a separate script this time?).
ASKER
Actually, that will be just one script, which is called from the other side after one second.
It logs into a text file and that has succeeded. Now I am checking from MySQL for the connection counts and deciding if there is an anomaly in the situation; then, if an IP address has an anomaly, it returns back to the logs and searches for the percentage of the processes.
So if I get cumulative values for an IP address from the log,
then I will create an iptables rule to block the attack for x minutes, then it will remove the block, so it will allow to block the attack.
That will resolve:
flood from same IP
flood from spoofed IP with same data
But it will get as many more conditions as possible, like TTL, packet size ....
ASKER
That is a powerful CentOS server which has dual E5 2670 CPUs and dual X520 10G Ethernet cards, just to stop
ACK, SYN, UDP, HTTP .... floods which use the same packet or same IP or same source port or same TTL :)
If it gets more than 3 conditions with a value of
total line - standard connection count = Y
%80 x Y = smallest value we are looking for on the sum of the columns grouped by the IP address
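The grouping and threshold rule described in the question and the asker's comments, written out as an added example (not the asker's script and not the members-only answer). It assumes the "standard connection count" is passed as an optional third argument, and that lines with no Flags value, like the UDP samples, carry 10 fields instead of 11; the column names are this example's own.

```perl
# Added example. Usage: perl a.pl a.txt 10.255.255.2 [standard_connection_count]
use strict;
use warnings;

# Column names follow the question's column order (the names are assumed).
my @COLS = qw(Time Protocol Flags ProtoID TTL SrcIP SrcPort DstIP DstPort Length Data);
my %SKIP = map { $_ => 1 } qw(Time DstIP);    # not useful as grouping keys

# Split one log line into a hash keyed by column name.
# Assumption: lines without a Flags value (the UDP samples) have 10 fields.
sub parse_line {
    my @f = split ' ', shift;
    splice @f, 2, 0, '-' if @f == 10;         # fill the empty Flags column
    return unless @f == 11;                   # skip malformed lines
    my %r;
    @r{@COLS} = @f;
    return \%r;
}

# Count every value per column for lines sent to $dst, then return the
# line total and the most frequent [value, count] pair of each column.
sub summarize {
    my ($fh, $dst) = @_;
    my ($total, %cnt, %top) = (0);
    while (my $line = <$fh>) {
        my $r = parse_line($line) or next;
        next unless $r->{DstIP} eq $dst;
        $total++;
        $cnt{$_}{ $r->{$_} }++ for grep { !$SKIP{$_} } @COLS;
    }
    for my $c (keys %cnt) {
        my ($v) = sort { $cnt{$c}{$b} <=> $cnt{$c}{$a} || $a cmp $b } keys %{ $cnt{$c} };
        $top{$c} = [ $v, $cnt{$c}{$v} ];
    }
    return ($total, \%top);
}

my ($file, $dst, $baseline) = @ARGV;
die "usage: $0 logfile dest_ip [standard_connection_count]\n" unless defined $dst;
open my $fh, '<', $file or die "cannot open $file: $!\n";
my ($total, $top) = summarize($fh, $dst);
my $threshold = 0.8 * ($total - ($baseline // 0));   # 80% x Y, Y = total - baseline
print "$dst TotalLine $total\n";
my $hits = 0;
for my $c (grep { $top->{$_} } @COLS) {
    my ($v, $n) = @{ $top->{$c} };
    my $hit = ($threshold > 0 && $n >= $threshold) ? 1 : 0;
    $hits += $hit;
    printf "%s %s %s %d times%s\n", $dst, $c, $v, $n, $hit ? ' *' : '';
}
print "$dst anomaly: $hits columns at or above $threshold\n" if $hits > 3;
```

Columns marked with `*` are the ones whose most frequent value reaches the 80% threshold. With randomized source addresses, as in the sample lines, the SrcIP and SrcPort columns stay far below it while Protocol, TTL, DstPort, Length and Data reach it.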