How to insert an array in to the middle of another array after a certain pattern

------=_Part_13037_4432203.1176492002967
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hello everyone,

I'm a Perl beginner and I've been trying for a while to to insert an array
in to the middle of another array after a certain pattern.
Here is what I'm trying to do...I have the Linux Iptables configuration
file, which has a custom chain called MAC which hold all the IP to MAC
entries mappings. Since I update the list manually, I usually end up with IP
addresses here and there...I managed to put all the sorted IP to MAC entries
on a seperate array, and then remove all the MAC entries from the original
file...So what I basically need to do is insert the sorted iptables array
between the INPUT and OUTPUT chains. Here is a sample output of the array,
when all MAC entries are removed...

# Generated by iptables-save v1.3.0 on Wed Jan 17 10:35:18 2007
*filter
:FORWARD DROP [7:336]
:INPUT DROP [11:904]
:MAC - [0:0]
:OUTPUT DROP [7:7994]
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -s 192.168.0.222 -j ACCEPT
-A FORWARD -s 192.168.0.25 -j ACCEPT
-A FORWARD -s 192.168.0.15 -j ACCEPT
-A FORWARD -s 192.168.0.74 -j ACCEPT
-A FORWARD -s 192.168.0.33 -j ACCEPT
-A FORWARD -s 192.168.0.247 -j ACCEPT
-A FORWARD -s 192.168.0.36 -j ACCEPT
-A FORWARD -s 192.168.0.17 -j ACCEPT
-A FORWARD -s 192.168.0.182 -j ACCEPT
-A FORWARD -s 192.168.0.99 -j ACCEPT
-A FORWARD -s 192.168.0.97 -p tcp --dport 9099 -j ACCEPT
-A FORWARD -s 192.168.0.18 -p tcp -m tcp --dport 21 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 22 -j MAC
-A FORWARD -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 110 -j MAC
-A FORWARD -p tcp -m tcp --dport 6346 -j ACCEPT
-A FORWARD -s 192.168.0.204 -p tcp -m tcp --dport 21 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 22 -j MAC
-A FORWARD -p tcp -m tcp --dport 6667 -j MAC
-A FORWARD -s 192.168.0.204 -p tcp -m tcp --dport 995 -j MAC
-A FORWARD -s 192.168.0.204 -p tcp -m tcp --dport 465 -j MAC
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -p icmp -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -j MAC
-A INPUT -p tcp -m tcp --dport 25 -j MAC
-A INPUT -i eth1 -p tcp -m tcp --dport 8080 -j MAC
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 2020 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 2082 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 2802 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 23 -j ACCEPT
COMMIT
# Completed on Wed Jan 17 10:35:18 2007
# Generated by iptables-save v1.3.0 on Wed Jan 17 10:35:18 2007
*nat
:OUTPUT ACCEPT [9:8239]
:POSTROUTING ACCEPT [2:245]
:PREROUTING ACCEPT [53:5377]
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth2 -j SNAT --to-source
202.21.179.2
COMMIT
# Completed on Wed Jan 17 10:35:18 2007

and here is the code I wrote:

#!/usr/bin/perl -w

use strict ;

my $file = "iptables.bac" ;
my @sorted_list ;
my %barrel ;
my $item = 0 ;

open IPTABLES, $file
        or die "Could not open '$file': $!\n" ;
my @content = <IPTABLES> ;

foreach (@content) {
        if (/.*-A MAC/) {
                my @chunks = split ;
                my $last_octet = $chunks[3] ;
                $last_octet =~ s/^.*\.// ;
                $barrel{$last_octet} = $_ ;
        }
}

foreach (sort { $a <=> $b } keys %barrel) {
        push @sorted_list, $barrel{$_} ;
}

foreach (@content) {
        s/.*-A MAC.*\n$// ;
}

print @content ;

Can someone please help me...Thank you in advance...!

-- 
Typos
FourThirty Inc.
Domain Administrator

------=_Part_13037_4432203.1176492002967--
0
typos
4/13/2007 7:20:02 PM
perl.beginners 29363 articles. 3 followers. Follow

1 Replies
338 Views

Similar Articles

[PageSpeed] 13

Typos wrote:
> Hello everyone,

Hello,

> I'm a Perl beginner and I've been trying for a while to to insert an array
> in to the middle of another array

perldoc -f splice

> after a certain pattern.

More difficult.  You first have to determine at what array index the pattern
exists.

> Here is what I'm trying to do...I have the Linux Iptables configuration
> file,

A file is not an array, unless you use the Tie::File module.

> which has a custom chain called MAC which hold all the IP to MAC
> entries mappings. Since I update the list manually, I usually end up
> with IP addresses here and there...I managed to put all the sorted
> IP to MAC entries on a seperate array, and then remove all the MAC
> entries from the original file...So what I basically need to do is
> insert the sorted iptables array between the INPUT and OUTPUT
> chains. Here is a sample output of the array, when all MAC entries
> are removed...

When all MAC entries are in the file are they all grouped together like the
FORWARD, INPUT and OUTPUT entries?  Where do you get the "sorted iptables
array" from?

Perhaps something like this (UNTESTED):

while ( <FILE> ) {
    if ( ?^-A OUTPUT? ) {
        print @sorted_iptables;
        }
    print;
    }




John
-- 
Perl isn't a toolbox, but a small machine shop where you can special-order
certain sorts of tools at low cost and in short order.       -- Larry Wall
0
krahnj
4/13/2007 9:26:46 PM
Reply: