Saturday, July 23, 2011

egrep an ip using a regex

i'm not the greatest at regular expressions, but with some help from a friend i finally developed a nice regex that will grab an ip address out of a log file.

i have postfix setup on my mail server to greylist new addresses automatically. i'm working on developing a plugin for that will take addresses that don't follow smtp rfc standards and automatically blacklist them. at any rate, here's the regex ... maybe it'll help someone else out there keep from pulling their hair out:

rosebud:~# egrep /var/log/your_mail_log 'client_address\=[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}'

of course, client_address is relative to postfix, but you get the idea. cheers!