burningredmoon has asked for the wisdom of the Perl Monks concerning the following question:

I'm working on a simple IDS for class. We have to have a rules file that will be used to log certain packets that I capture. The script is capturing packets fine but I'm stuck on how to go about reading the lines in my rule file and then comparing them to information that I get from reading the packets.

My professor said that the rules file should look something like this:

Source, IP, [ip of desired packet that I want to log]
Source, Domain, [the domain name of the desired packet]

Ignoring the brackets, just typing the IP and domain.

And so on, where I'll have the source IPs and domains and also the destination IPs and domains of the packets I want to log. The program must be able to take the words "Source" and "IP" (comma separated) and know that I mean to compare the IP in the line (from the file) to the IP that I get from

print "Source IP: ", $ip_obj->{src_ip}, "\n";

in my program

How would I go about reading line by line and then telling the program to use this line so I can compare them to the packets I've already captured? Sorry for being vague but this is the best I think I can explain it.

Thanks for reading.

Re: Reading a Line from a File then Assigning it to a variable
by fidesachates (Monk) on Apr 21, 2011 at 13:53 UTC
    This is all about knowing the data. You have to understand the realms of the world you're working in.

    1. The first value in a rule can only be Source or Destination.
    2. The second value is the name of a value in the packet.
    3. The third value is the value in the packet itself.

    Correct?
    Then knowing that, start constructing the same guidelines of the data for the ip packets themselves. Know where in the packet you can find whether it's a source or not. Know where the ip is stored and the domain is stored. Once you know all that, it's a simple matching.

    As you've said, it's vague as to which part of the assignment you're actually having trouble with. If it's not the logic of it, and you're having trouble with coding something that goes through a file line by line, then see below.

    use warnings;
    use strict;

    # Read the rules file once; stop with the reason if it cannot be opened.
    open(my $fh, '<', "rules.txt") or die "Cannot open rules.txt: $!";
    my @data = <$fh>;
    close $fh;

    foreach my $line (@data) {
        chomp($line);
        # Split the line into its three fields and strip the spaces around the commas.
        my ($SourceorDestination, $name, $value) =
            map { my $f = $_; $f =~ s/^\s+|\s+$//g; $f } split(/,/, $line);
        #Insert compare code here
    }

    I know that many monks would tell you not to load the contents of the file into an array like I have, but I imagine that your rules file won't be huge and you'll be needing it every time you compare a packet.
      First of all, thank you so much for replying, I think this will help a lot.

      I was just about to update it, after speaking to a classmate of mine, he told me about using an array. This is exactly what I needed. I'm going to put it in right now and see if I can get it working. You're a life saver!

      "...I know that many monks would tell you not to load the contents of the file ..."

      Yeah, you guessed that right. What you are essentially doing is reading the file once and then repeatedly splitting each line. Let's say this was production code and you read the file into that array in the beginning and hold it in memory for processing. Each time you encounter a packet you have to perform the same split over again on the line. Why not split earlier and store in a data structure to save clock cycles?

      Celebrate Intellectual Diversity
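The following is an added example, not code from any of the posters above. It puts together the line-by-line reading from fidesachates' reply and the "split earlier and store in a data structure" point from the follow-up: the rules file is parsed once into a hash keyed by packet field, and each captured packet is then checked with hash lookups instead of re-splitting every rule line. The packet is assumed to be a hashref with `src_ip` (the key used in the question) plus `dst_ip`, `src_domain` and `dst_domain`, which are assumed names following the same pattern; the rules text and packets are constructed sample data so the script runs offline. Blank lines, comments, malformed lines and unknown direction/field pairs are reported and skipped rather than crashing the capture loop.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample rules, in the "Direction, Field, Value" format from the
# question. Blank lines and lines starting with '#' are tolerated.
my $rules_text = <<'END_RULES';
# direction, field, value
Source, IP, 192.0.2.10
Source, Domain, badhost.example
Destination, IP, 198.51.100.7
Destination, Domain, tracker.example
this line is broken
Source, Port, 80
END_RULES

# Map a (direction, field) pair onto the key of the packet hash.
# src_ip is the name used in the question; the other three are assumed.
my %field_key = (
    'source|ip'          => 'src_ip',
    'source|domain'      => 'src_domain',
    'destination|ip'     => 'dst_ip',
    'destination|domain' => 'dst_domain',
);

sub trim {
    my ($s) = @_;
    $s =~ s/^\s+|\s+$//g;
    return $s;
}

# Parse the rules once into a hash-of-hashes:
#   $rules->{src_ip}{'192.0.2.10'} = 'Source, IP, 192.0.2.10'
# so that matching a packet later is a lookup, not another split.
sub load_rules {
    my ($fh) = @_;
    my %rules;
    while (my $line = <$fh>) {
        chomp $line;
        next if $line =~ /^\s*(#|$)/;            # skip comments and blank lines
        # Limit of 3 keeps any commas inside the value with the value.
        my ($dir, $field, $value) = map { trim($_) } split /,/, $line, 3;
        unless (defined $value && length $value) {
            warn "rule line $.: expected 'Direction, Field, Value', got '$line'\n";
            next;
        }
        my $key = $field_key{ lc($dir) . '|' . lc($field) };
        unless ($key) {
            warn "rule line $.: unknown direction/field '$dir, $field', skipped\n";
            next;
        }
        $rules{$key}{ lc $value } = $line;       # lc: domains compare case-insensitively
    }
    return \%rules;
}

# Return the rule lines this packet matches (empty list when it matches none).
sub matching_rules {
    my ($rules, $pkt) = @_;
    my @hits;
    for my $key (sort keys %$rules) {
        next unless defined $pkt->{$key};
        my $hit = $rules->{$key}{ lc $pkt->{$key} };
        push @hits, $hit if defined $hit;
    }
    return @hits;
}

# Read the rules from the in-memory string; with a real file this would be
# open my $fh, '<', 'rules.txt' or die ...
open my $fh, '<', \$rules_text or die "cannot open rules: $!";
my $rules = load_rules($fh);
close $fh;

# Constructed packets standing in for what the capture loop hands over.
my @packets = (
    { src_ip => '192.0.2.10', dst_ip => '10.0.0.1',     src_domain => 'host-a.example', dst_domain => 'ok.example' },
    { src_ip => '10.0.0.2',   dst_ip => '198.51.100.7', src_domain => 'host-b.example', dst_domain => 'Tracker.EXAMPLE' },
    { src_ip => '10.0.0.3',   dst_ip => '10.0.0.4',     src_domain => 'host-c.example', dst_domain => 'ok.example' },
);

for my $pkt (@packets) {
    my @hits = matching_rules($rules, $pkt);
    next unless @hits;                           # only rule matches get logged
    print "LOG $pkt->{src_ip} -> $pkt->{dst_ip} matched: ", join('; ', @hits), "\n";
}
```

Running it logs the first packet (source IP rule) and the second (destination IP and destination domain rules, the latter despite the different letter case), stays silent on the third, and prints two warnings for the malformed and unsupported rule lines. In the real script the `@packets` loop body is what goes where fidesachates left the "Insert compare code here" comment, with `$ip_obj` in place of `$pkt`.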

Re: Reading a Line from a File then Assigning it to a variable
by InfiniteSilence (Curate) on Apr 21, 2011 at 15:15 UTC

    Okay, I simply cannot resist asking the question: how did you get into a class where you are studying advanced topics like intrusion detection systems (I think that is what IDS stands for) without knowing how to open a file, read the text, chop it up, and then compare strings? In my college you had to take at least one programming course (it was C) before you were allowed to get into networking classes for this reason. Is this a college level course?

    Celebrate Intellectual Diversity