Nope, you're not missing a thing. I uploaded the wrong version of my script. Here's the portion you're questioning from the
actual script:
while ($inLine = <IN>) {
my ($ip1, $port1, $ip2, $port2) = 0;
my ($date, $log, $protocol, $firstIP, $secondIP, $packets) =
split(/,/, $inLine);
# strip port number if it exists
if ($firstIP =~ /([\d.]+)\((\d+)\)/) {
$ip1 = $1;
$port1 = $2;
} else {
$ip1 = $firstIP;
$port1 = " ";
}
if ($secondIP =~ /([\d.]+)\((\d+)\)/) {
$ip2 = $1;
$port2 = $2;
} else {
$ip2 = $secondIP;
$port2 = " ";
}
After a quick review, that seems to be the only difference. Sorry for the confusion.
If things get any worse, I'll have to ask you to stop helping me.