• shell 脚本,提取文件中的内容


    使用awk、cut、sed、if、while 等

    awk、cut、sed还是很重要的

    这是后来修改的版本,可以完成转换:

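    #!/bin/bash
    #
    # Convert the rule lines of mobile_dpi.rules into flat records written to
    # mobile_dpi.txt, one record per rule:
    #
    #   PROTOCOL:<proto>;DIR:C->S;ID:<app id>;MSG:<msg>;EXPRESS:<expression>
    #
    # Only lines starting with "a" are converted. From each rule the script
    # reads the msg:, content:, pcre: and app:id options; every other option
    # on the rule is ignored. A rule that yields no expression is skipped.
    #
    # NOTE(review): points to confirm before the output feeds a matching engine:
    #   - content: strings are copied into EXPRESS without escaping regex
    #     metacharacters, so if EXPRESS is evaluated as a regular expression a
    #     content of "a.b" also matches "aXb" (wider than the rule intended).
    #   - DIR is always written as C->S; the direction fields of the rule are
    #     not used.
    #   - Options are split on every ';', including one inside a quoted string,
    #     and a quoted value ends at the first '"' even if it is escaped.

    # convert format
    FILE=mobile_dpi.rules
    APPFILE=app_dic.rc.BAK_2
    CONVERFILE=mobile_dpi.txt

    # Print the text between the first pair of double quotes in $1
    # (prints nothing when $1 contains no double quote).
    first_quoted() {
      local text=$1
      [[ $text == *\"* ]] || return 0
      text=${text#*\"}
      text=${text%%\"*}
      printf '%s' "$text"
    }

    # Rewrite a content string so that each |..| hex run becomes \xNN escapes.
    # Segments alternate text|hex|text|hex...; text segments are copied as-is,
    # so a content with several hex runs is converted completely.
    expand_hex() {
      printf '%s\n' "$1" | awk -F '|' '{
        out = ""
        for (i = 1; i <= NF; i++) {
          if (i % 2 == 0) {
            n = split($i, bytes, " ")
            for (j = 1; j <= n; j++) out = out "\\x" bytes[j]
          } else {
            out = out $i
          }
        }
        printf "%s", out
      }'
    }

    # Print field 2 (';'-separated) of the first line of file $2 that contains
    # the literal string $1. Prints nothing for an empty name or unreadable
    # file. The name comes from the rule text, so it is matched as a fixed
    # string (-F) rather than as a regular expression.
    lookup_app_id() {
      local name=$1 app_file=$2
      [[ -n $name && -r $app_file ]] || return 0
      grep -F -- "$name" "$app_file" | head -n 1 | awk -F ';' '{print $2}'
    }

    # Convert one rule line ($1) and print its record on stdout; prints nothing
    # when the rule has neither a pcre: nor a content: expression.
    # $2 is the application dictionary used to resolve app:id.
    convert_rule() {
      local line=$1 app_file=$2
      local proto rest field content name express
      # Reset for every rule so a rule without app:id does not inherit the ID
      # of the rule converted before it.
      local msg="" id="" pcre="" content_expr=""
      local -a fields=()

      proto=$(printf '%s\n' "$line" | awk '{print $2}')

      # The options follow the first '>' of the rule header; later '>'
      # characters belong to option values and are kept.
      [[ $line == *'>'* ]] || return 0
      rest=${line#*'>'}

      # Iterating over every ';' field means an empty option (";;") no longer
      # ends the parse early.
      IFS=';' read -r -a fields <<< "$rest"

      for field in "${fields[@]}"; do
        if [[ $field == *msg:* ]]; then
          msg=$(first_quoted "$field")
        fi
        if [[ $field == *app:id* ]]; then
          # The name is the text after '$(' up to the first ':' or ')'.
          name=$(printf '%s\n' "$line" \
            | cut -d '$' -f 2 | cut -d '(' -f 2 | cut -d ')' -f 1 | cut -d ':' -f 1)
          id=$(lookup_app_id "$name" "$app_file")
        fi
        if [[ $field == *pcre:* ]]; then
          pcre=$(first_quoted "$field")
        fi
        if [[ $field == *content:* ]]; then
          content=$(first_quoted "$field")
          if [[ $content == *'|'* ]]; then
            content=$(expand_hex "$content")
          fi
          # Successive contents are joined with "(.*)".
          content_expr+="(.*)${content}"
        fi
      done

      # Drop the joiner in front of the first content.
      content_expr=${content_expr#'(.*)'}

      # A pcre: option takes precedence over the joined contents.
      express=${pcre:-$content_expr}
      [[ -n $express ]] || return 0

      # '%s' keeps '%' and '\' in rule text from being read as printf syntax.
      printf 'PROTOCOL:%s;DIR:C->S;ID:%s;MSG:%s;EXPRESS:%s\n' \
        "$proto" "$id" "$msg" "$express"
    }

    # Convert rules file $1 into output file $3, resolving IDs through the
    # application dictionary $2. Returns 1 (leaving $3 untouched) when the
    # rules file cannot be read.
    convert_rules() {
      local rules_file=$1 app_file=$2 out_file=$3
      local line record

      if [[ ! -r $rules_file ]]; then
        printf 'error: cannot read rules file: %s\n' "$rules_file" >&2
        return 1
      fi
      if [[ ! -r $app_file ]]; then
        printf 'warn: cannot read app dictionary, IDs will be empty: %s\n' \
          "$app_file" >&2
      fi

      # Start from a clean output; -r is not needed for a single file.
      rm -f -- "$out_file"

      while read -r line; do
        record=$(convert_rule "$line" "$app_file")
        if [[ -n $record ]]; then
          printf '%s\n' "$record" >> "$out_file"
        fi
      done < <(grep '^a' -- "$rules_file")
    }

    main() {
      convert_rules "$FILE" "$APPFILE" "$CONVERFILE"
    }

    main "$@"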

    这是之前的版本,比较乱:

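    #!/bin/bash
    #
    # Earlier draft of the rule converter: turns the rule lines of
    # mobile_dpi.rules into records in mobile_dpi.txt of the form
    #
    #   PROTOCOL:<proto>;DIR:C->S;ID:<app id>;MSG:<msg>;EXPRESS:<expression>
    #
    # In this draft MSG keeps its surrounding double quotes, quoted option
    # values are joined with "{?}", and |hex| content is NOT converted (a
    # warning is printed instead).
    #
    # NOTE(review): the option list is taken as ';' fields 2..NF-2 of the rule,
    # which presumably relies on every rule ending in "...; app:id ...;)" --
    # confirm against the rule file. DIR is always written as C->S.

    # convert format
    FILE=mobile_dpi.rules
    APPFILE=app_dic.rc.BAK_2
    CONVERFILE=mobile_dpi.txt

    # Convert rules file $1 into output file $3, resolving IDs through the
    # application dictionary $2. Returns 1 (leaving $3 untouched) when the
    # rules file cannot be read.
    convert_rules() {
      local rules_file=$1 app_file=$2 out_file=$3
      local line proto msg name id flat options first head express

      if [[ ! -r $rules_file ]]; then
        printf 'error: cannot read rules file: %s\n' "$rules_file" >&2
        return 1
      fi

      # Start from a clean output; -r is not needed for a single file.
      rm -f -- "$out_file"

      # read -r keeps the backslashes of pcre expressions intact.
      while read -r line; do
        proto=$(printf '%s\n' "$line" | awk '{print $2}')

        # First option inside the parentheses, value after its ':'.
        msg=$(printf '%s\n' "$line" | cut -d '(' -f 2 | cut -d ')' -f 1 \
          | awk -F ';' '{print $1}' | awk -F ':' '{print $2}')

        # The app name is the text after '$(' up to the first ':' or ')'.
        # Without a '$' there is no name, so no lookup is attempted; the name
        # is matched as a fixed string (-F), not as a regular expression.
        id=""
        if [[ $line == *'$'* ]]; then
          name=$(printf '%s\n' "$line" \
            | cut -d '$' -f 2 | cut -d '(' -f 2 | cut -d ')' -f 1 | cut -d ':' -f 1)
          if [[ -n $name && -r $app_file ]]; then
            id=$(grep -F -- "$name" "$app_file" | head -n 1 | awk -F ';' '{print $2}')
          fi
        fi

        # Remove every '(' and keep ';' fields 2..NF-2, each followed by ';'.
        # "%s;" keeps a '%' in the rule text from being read as a format.
        flat=${line//\(/}
        options=$(printf '%s\n' "$flat" \
          | awk -F ';' '{for (i = 2; i <= NF - 2; i++) printf "%s;", $i}')

        # Keyword of the first option: text before its first '"', with the
        # leading whitespace trimmed.
        first=${options%%';'*}
        head=${first%%\"*}
        head=${head#"${head%%[![:space:]]*}"}

        if [[ $head == "pcre:" ]]; then
          express=$(printf '%s\n' "$first" | awk -F '"' '{print $2}')
        else
          # Every quoted value, each followed by the "{?}" joiner.
          express=$(printf '%s\n' "$options" \
            | awk -F '"' '{for (i = 2; i <= NF; i += 2) printf "%s{?}", $i}')
          if [[ $express == *'|'* ]]; then
            printf 'warn: |hex| content is not converted: %s\n' "$express" >&2
          fi
          # Drop the trailing joiner. The pattern is quoted so it is taken
          # literally instead of leaving a stray '}' at the end.
          express=${express%'{?}'}
        fi

        # A record without an expression is not written.
        if [[ -n $express ]]; then
          printf 'PROTOCOL:%s;DIR:C->S;ID:%s;MSG:%s;EXPRESS:%s\n' \
            "$proto" "$id" "$msg" "$express" >> "$out_file"
        fi
      done < <(grep '^a' -- "$rules_file")
    }

    convert_rules "$FILE" "$APPFILE" "$CONVERFILE"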
