<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2722" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV>Hello all. Please let me know if this is a good place for my
questions.</DIV>
<DIV> </DIV>
<DIV>I am trying to read a log file and get a list of how many times an IP
address get blocked each hour by category PO. An example line in the log
with a block is:</DIV>
<DIV>-------------</DIV>
<DIV>[2005-09-28 10:05:03 -7:00] 127.0.0.1 71.32.59.249 216.163.137.3 - <A
href="http://www.playboy.com/">http://www.playboy.com/</A> blocked 0
PO<BR>-------------</DIV>
<DIV>What I have kinda works but I am not sure if it is the best practice.
This is the first time programming in perl and this is what I have so far:</DIV>
<DIV> </DIV>
<DIV>sub Scanlog {<BR> local($ipb) =
@_;<BR> open my $slog, "-|", "tail -n
50000 $log" or die "Unable to open
$log:$!\n";<BR> open
(OUTPUT,">/etc/squid/iplist.txt");<BR>
open
(OUTPUT2,">/etc/squid/SuspendIpList.txt");<BR>
while (<$slog>){ # assigns each line in turn to
$_<BR> # use an array slice to select the
fields we want<BR> @data = (split
,$_)[1,4,10,5,7];<BR> $hr = (split /:/
,$data[0])[0];<BR> $ip =
"$data[1]";<BR> if($flag eq
$data[2]){<BR> if($hr eq
$hour){<BR> foreach
(/$data[2]/){<BR> $matches += 1
;<BR>
}<BR> if($matches >
$blocklimit){<BR> $ip1 =
"$data[1]/32";<BR> print OUTPUT
"$matches,", "$hour, ","$ip1, <A href='mailto:", "@data","\n'>",
"@data","\n</A>";<BR> print OUTPUT2
"$ip1\n";</DIV>
<DIV> $matched =
$matches;<BR> $matches =
0;<BR>}}}}<BR>close (OUTPUT);<BR>close (OUTPUT2);<BR></DIV>
<DIV>-------------------</DIV>
<DIV>I will take and help I can get.</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>Ryan Lamberton<BR></DIV></BODY></HTML>