Beefy Boxes and Bandwidth Generously Provided by pair Networks DiBona
Do you know where your variables are?
 
PerlMonks  

Re^4: Inserting domain name into Snort rule

by miniperl (Initiate)
on Oct 05, 2012 at 16:40 UTC ( #997515=note: print w/ replies, xml ) Need Help??


in reply to Re^3: Inserting domain name into Snort rule
in thread Inserting domain name into Snort rule

First of all; thank you very much for your help. I did what you said and its very close but doing some weird stuff.

Here's what I have:
#!/usr/bin/perl

$work = "/var/tmp/work";
$input = "$work/domainlist.csv";

open (IN,"$input");
open (OUT,">domainlist.rules");
while (<IN>) {
  chomp();
  $domain = $_;

    $dns = join '|', '', ( map { sprintf('%02d',length $_), $_ } split /\./, $domain ), '00', '';
      print "$dns\n";
}

What I get is something like this:


|00|foobar|09|foodomain|04|com

|00|www|06|foobar|12|foobardomain|03|cc


If puts the zeros on the front instead of the end and doesn't give a count

then it counts the next sections correctly

then it always adds an extra count for the last part, maybe its counting a space or something


Comment on Re^4: Inserting domain name into Snort rule
Select or Download Code
Re^5: Inserting domain name into Snort rule
by aaron_baugher (Chaplain) on Oct 06, 2012 at 08:22 UTC

    The code as you've quoted it works fine when I give it a hardcoded domain: 

    $domain = 'foobar.foodomain.com';
$dns = join '|', '', ( map { sprintf('%02d',length $_), $_ } split /\.
+/, $domain ), '00', '';
print "$dns\n";
# prints: |06|foobar|09|foodomain|03|com|00|

    [download]

    So I'd say you need to look at your input.

    Aaron B.
    Available for small or large Perl jobs; see my home node.

[reply]
[d/l]

      You are absolutely correct. The input file was originally an windows csv, so a little dos2unix cleaned it up and it works like a champ now.

      Thanks again.

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://997515]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (6)
As of 2013-06-19 11:04 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How many continents have you visited?









    Results (654 votes), past polls