ruby - Grep 文件并在 ruby​​ 中提取值

Question

我将如何着手 grep 文件以提取 IP 地址以放入另一个文件？

此命令在 bash 中有效，但我正在尝试将其移植到 ruby​​ 中:

 grep "\b22/open" "/results/nmap_tcp_service_scan.gnmap" | awk '{print $2}' > /results/service_ssh

包含我正在 grep 并放入 service_ssh 的内容的文件如下所示:

Host: 10.10.10.1 (DD-WRT)   Ports: 22/open/tcp//ssh//Dropbear sshd 0.52 (protocol 2.0)/, 53/open/tcp//domain//dnsmasq 2.45/, 80/open/tcp//http//DD-WRT milli_httpd/, 443/open/tcp//ssl|https?///    Ignored State: closed (996) OS: DD-WRT v24-sp2 (Linux 2.6.24)   Seq Index: 204  IP ID Seq: All zeros
Host: 10.10.10.135 (Harmony)    Ports: 5222/open/tcp//xmpp-client//Openfire/, 8088/open/tcp//radan-http?///, 8222/open/tcp//unknown///  Ignored State: closed (997) OS: Linux 2.6.17 - 2.6.36   Seq Index: 203  IP ID Seq: All zeros
Host: 10.10.10.144 (time-capsule)   Ports: 139/open/tcp//netbios-ssn?///, 445/open/tcp//microsoft-ds///, 548/open/tcp//afp//Apple Time Capsule AFP (name: justins-time-capsule; protocol 3.3)/, 5009/open/tcp//airport-admin//Apple AirPort or Time Capsule admin/, 10000/open/tcp//snet-sensor-mgmt?///    Ignored State: closed (995) OS: Apple AirPort Extreme WAP or Time Capsule NAS device (NetBSD 4.99), or QNX 6.5.0    Seq Index: 210  IP ID Seq: Incremental

在 ruby​​ 中这样做会找到正确的行并创建一个数组:

 open('nmap_tcp_service_scan.gnmap').grep(/\b22\/open/)

结果:

 => ["Host: 10.10.10.1 (DD-WRT)\tPorts: 22/open/tcp//ssh//Dropbear sshd 0.52 (protocol 2.0)/, 53/open/tcp//domain//dnsmasq 2.45/, 80/open/tcp//http//DD-WRT milli_httpd/, 443/open/tcp//ssl|https?///\tIgnored State: closed (996)\tOS: DD-WRT v24-sp2 (Linux 2.6.24)\tSeq Index: 204\tIP ID Seq: All zeros\n", "Host: 10.10.10.111 (changeme)\tPorts: 22/open/tcp//ssh//OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)/, 10000/open/tcp//http//MiniServ 1.760 (Webmin httpd)/\tIgnored State: closed (998)\tOS: Linux 3.2 - 4.0\tSeq Index: 261\tIP ID Seq: All zeros\n"] 

但是，现在我需要提取 IP 地址并将其放入最终看起来像这样的文件中:

 10.10.10.1
 10.10.10.2
 10.10.10.3
 ...etc

Answer 1

从结果数组(比如 r):

=> ["Host: 10.10.10.1 (DD-WRT)\tPorts: 22/open/tcp//ssh//Dropbear sshd 0.52 (protocol 2.0)/, 53/open/tcp//domain//dnsmasq 2.45/, 80/open/tcp//http//DD-WRT milli_httpd/, 443/open/tcp//ssl|https?///\tIgnored State: closed (996)\tOS: DD-WRT v24-sp2 (Linux 2.6.24)\tSeq Index: 204\tIP ID Seq: All zeros\n", "Host: 10.10.10.111 (changeme)\tPorts: 22/open/tcp//ssh//OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)/, 10000/open/tcp//http//MiniServ 1.760 (Webmin httpd)/\tIgnored State: closed (998)\tOS: Linux 3.2 - 4.0\tSeq Index: 261\tIP ID Seq: All zeros\n"]

---

使用正则表达式从该数组中的每个字符串中提取 IP 地址。做这样的事情:

arr_of_ip = []
r = ["Host: 10.10.10.1 (DD-WRT)\tPorts: 22/open/tcp//ssh//Dropbear sshd 0.52 (protocol 2.0)/, 53/open/tcp//domain//dnsmasq 2.45/, 80/open/tcp//http//DD-WRT milli_httpd/, 443/open/tcp//ssl|https?///\tIgnored State: closed (996)\tOS: DD-WRT v24-sp2 (Linux 2.6.24)\tSeq Index: 204\tIP ID Seq: All zeros\n", "Host: 10.10.10.111 (changeme)\tPorts: 22/open/tcp//ssh//OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)/, 10000/open/tcp//http//MiniServ 1.760 (Webmin httpd)/\tIgnored State: closed (998)\tOS: Linux 3.2 - 4.0\tSeq Index: 261\tIP ID Seq: All zeros\n"]
pattern = "Host:\s([^\s]+)"
re = Regexp.new(pattern)
r.each do |s|
  arr_of_ip << s.scan(re)
end

arr_of_ip.flatten!

产生输出:

["10.10.10.1", "10.10.10.111"]

Regex test