Re^3: Sifting through firewall rules using a script

Minor stylistic nitpicks before anything substantive: lexical filehandles are better than bareword globals like you've used, and you want to include $! in the error message so you know why the open failed.

open( my $ips, '<', 'TEST_IPS.txt' ) or die "Can't open IPS: $!\n";
[download]

That out of the way you're close but you don't consult %interesting_ips in any way to tell if you have a match. You also want to pull the list of matching IPs out differently.

#!/usr/bin/env perl
use strict;
use warnings;
use Regexp::Common qw( net );

open ( my $ips_fh, '<', "TEST_IPS.txt" ) or die "can't open IPS: $!\n"
+;
open ( my $rules_fh, '<', "test_rules.txt" ) or die "can't open rules:
+ $!\n";

my %interesting_ips;

while( <$ips_fh> ) {
  chomp;
  $interesting_ips{ $_ } = 1;
}

close( $ips_fh );

while( my $fw_line = <$rules_fh> ) {
  chomp( $fw_line );

  my( @addresses ) = $fw_line =~ m{ ($RE{net}{IPv4}) }gx;

  for my $addr ( @addresses ) {
    next unless exists $interesting_ips{ $addr };

    print qq{$.:interesting '$addr': $fw_line\n};
  }
}

close( $rules_fh );

exit 0;

__END__
$ perl pm_foo.plx
1:interesting '10.198.0.0': 133 bba33132-6192-51e8-4d78-c1b7bfd47251 a
+ny V072-AklC-DB MOSSACSQLAdminGroup 10.198.0.0/16 10.210.0.0/16 MOSS_
+SQLAD_10-208-22-1/28 accept  always RDP TCP17338 TCP18230 PING all   
+   change 125213      157309
2:interesting '10.198.1.0': 136 a5ea4ee8-6192-51e8-0252-2017208af83d a
+ny V071-AklC-Web ACHendersonRDPUsers 10.198.1.0/16 10.210.0.0/16 MOSS
+_InternalWeb_10-208-22-16/28 accept  always FTP all
[download]

The cake is a lie.
The cake is a lie.
The cake is a lie.

Comment on Re^3: Sifting through firewall rules using a script Select or Download Code

Replies are listed 'Best First'.
Re^4: Sifting through firewall rules using a script by networkdude (Initiate) on Jan 10, 2022 at 21:01 UTC
I've been debugging it and I wonder if it is a perl version problem, based on this error: `Regexp::Common::_decache(/usr/share/perl5/Regexp/Common.pm:138): 138: my $cache = get_cache(@nonflags); 139: _croak "Can't create unknown regex: \$RE{" 140: . join("}{",@args) . "}"` [download] And this error `Use of uninitialized value $_ in print at (eval 42)[/usr/share/perl/5. +30/perl5db.pl:738] line 2, <$rules_fh> line 1. at (eval 42)[/usr/share/perl/5.30/perl5db.pl:738] line 2, <$rules_fh> + line 1.` [download]	[reply] [d/l] [select]
Re^4: Sifting through firewall rules using a script by networkdude (Initiate) on Jan 10, 2022 at 20:16 UTC
I have tried to get your last edit to work and now it doesn't match anything `grumpy@DC5CG1243JCB:/mnt/c/Linux/Scripts$ perl -w -T rulechecker6.pl grumpy@DC5CG1243JCB:/mnt/c/Linux/Scripts$` [download] Nuthin... I wonder what is going on	[reply] [d/l]
Re^4: Sifting through firewall rules using a script by networkdude (Initiate) on Jan 11, 2022 at 20:33 UTC
interesting - I got it to work exactly as you posted it using an Ubuntu box but on the WSL (Windows Linux), it does not work at all!	[reply]