---------First Part of Script Not Included-------------

my $ip = qr/\b$ips[0][0]\b/o;
my @fwlog;
my $logfile = "/home/jdoe/scripts/fwanalysis/05jul01.drop";
 
open LOG, "$logfile" or die "Can't open $logfile: $!\n";
while (<LOG>){
  if ($_ =~ $ip){
      push (@fwlog, $_); 
 } #end if
} #end while
close LOG;
 
my $i = 0;
 
open(SENDMAIL, "|/usr/lib/sendmail -oi -t")
                      or die "Can't fork for sendmail: $!\n";
 
print SENDMAIL <<EOM;
From: root<root\@localhost>
To: root<root\@localhost>
Subject: Flagged Activity
 
I am the Network Security Manager for ACME INC. While I was performing a scan through our logs I found an ip from you network trying to hack us. Cease or be destroyed.
 
Source IP Address: $ips[0][0]
 
Sample from the firewall logs:
  
foreach (@fwlog){ 
s/192.168.2.3/x.x.x.x/;
print $_;
if($i++ >15){ last }
}#end foreach
 
EOM
close(SENDMAIL) or warn "sendmail didn't close nicely";