{ "cells": [ { "cell_type": "code", "execution_count": 1, "id": "c3d3179a", "metadata": {}, "outputs": [], "source": [ "import re\n", "from pathlib import Path\n" ] }, { "cell_type": "code", "execution_count": 2, "id": "bf7cab93", "metadata": {}, "outputs": [], "source": [ "LOG_FILE = Path('/Users/nico/Downloads/history(1).log') # change to your real filename\n" ] }, { "cell_type": "code", "execution_count": 3, "id": "3fb97df3", "metadata": {}, "outputs": [], "source": [ "# Regular expressions\n", "# 1. find lines that mention ACCEPTIN or DROPIN\n", "# 2. extract the SRC=… and DPT=… fields\n", "rx_match = re.compile(r'\\b(?:ACCEPTIN|DROPIN)\\b')\n", "rx_src = re.compile(r'SRC=(\\S+)')\n", "rx_dpt = re.compile(r'DPT=(\\S+)')\n" ] }, { "cell_type": "code", "execution_count": 4, "id": "80bda503", "metadata": {}, "outputs": [], "source": [ "src_set = set()\n", "dpt_set = set()\n" ] }, { "cell_type": "code", "execution_count": 5, "id": "2c65a8a8", "metadata": {}, "outputs": [], "source": [ "for line in LOG_FILE.read_text().splitlines():\n", " if rx_match.search(line):\n", " src = rx_src.search(line)\n", " dpt = rx_dpt.search(line)\n", " if src:\n", " src_set.add(src.group(1))\n", " if dpt:\n", " dpt_set.add(dpt.group(1))\n" ] }, { "cell_type": "code", "execution_count": 6, "id": "ee8d993a", "metadata": {}, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ "SRC addresses (unique):\n", "101.109.1.155\n", "101.126.65.104\n", "103.167.90.33\n", "129.212.181.192\n", "139.19.117.131\n", "143.244.143.105\n", "146.88.240.102\n", "149.100.11.243\n", "157.230.88.176\n", "159.203.22.30\n", "161.35.89.149\n", "162.199.59.89\n", "162.243.92.131\n", "164.52.0.92\n", "164.92.186.91\n", "165.227.34.24\n", "178.20.210.151\n", "178.20.210.152\n", "185.226.197.20\n", "185.243.98.11\n", "185.244.104.2\n", "185.44.76.10\n", "192.155.81.124\n", "193.142.147.209\n", "193.163.125.168\n", "193.163.125.172\n", "193.32.162.146\n", "193.34.213.150\n", "194.0.234.20\n", "194.180.48.63\n", "196.251.100.49\n", "196.251.100.74\n", "198.23.193.70\n", "198.235.24.220\n", "198.235.24.255\n", "199.30.231.6\n", "205.210.31.254\n", "209.38.80.186\n", "211.197.158.113\n", "217.119.139.38\n", "222.186.13.133\n", "40.118.131.195\n", "40.124.80.250\n", "45.140.140.15\n", "45.58.127.135\n", "51.158.205.47\n", "51.159.195.137\n", "52.177.127.126\n", "62.60.131.204\n", "64.31.56.53\n", "64.62.156.14\n", "64.62.197.37\n", "64.62.197.80\n", "66.175.215.158\n", "71.6.134.230\n", "77.90.185.43\n", "78.130.40.117\n", "78.159.130.8\n", "80.94.92.166\n", "81.22.193.93\n", "85.235.74.21\n", "88.218.193.185\n", "89.42.231.77\n", "91.199.163.52\n", "91.224.92.54\n", "91.224.92.94\n", "91.232.238.112\n", "94.100.26.36\n" ] } ], "source": [ "print(\"SRC addresses (unique):\")\n", "for addr in sorted(src_set):\n", " print(addr)\n" ] }, { "cell_type": "code", "execution_count": 9, "id": "238c0796", "metadata": {}, "outputs": [ { "data": { "text/plain": [ "68" ] }, "execution_count": 9, "metadata": {}, "output_type": "execute_result" } ], "source": [ "len(src_set)" ] }, { "cell_type": "code", "execution_count": 8, "id": "8c5730a3", "metadata": {}, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ "\n", "DPT ports (unique):\n", "22\n", "443\n" ] } ], "source": [ "print(\"\\nDPT ports (unique):\")\n", "for port in sorted(dpt_set):\n", " print(port)" ] } ], "metadata": { "kernelspec": { "display_name": "base", "language": "python", "name": "python3" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.12.2" } }, "nbformat": 4, "nbformat_minor": 5 }