comment on

I do from time to time code one-shot programs. Perl is the perfect language for this, as it gives me powerful functions to do what I need (whether it's changing a few lines, calculate a string transformation or extract useful lines).

As others noted, the problem is in how will these tools evolve over time... But you get to solve your present problem now. If you discover it's a larger problem, you can always go back to the keyboard and start to think about a more general purpose program.

For example, here is a one-shot done this afternoon in a quick session, that is aimed to extract lines from a special text export of FireWall-1 logs... The only goal was to be a little faster than the FireWall-1 log tool for problem investigation. And to use simple (and regular) expressions to match lines.

#!/usr/bin/perl -w
use strict;

# the various fields
my @field = qw/id date time if fw type action service src dst proto ru
+le sport reason/;
my $i = 0; my %field = map { ($_, $i++) } @field;

# create the filter
my %filtre = (@ARGV); my @filtre;
while(my ($k, $v) = each %filtre) { # better use a while than a for lo
+op
    push @filtre, '$data['.$field{$k}."]=~m/$v/i";
}
my $filtre = join ' && ', @filtre;

# open the file
my $file = "fw01.log";
open F, $file || die "Error: $file $!\n";
$\= "\n";
print join"--\t--", @field;
while(<F>) {
    my @data = (/"(.*?)"/g);
    print join"\t",@data if eval $filtre;
}
[download]

It has -w and use strict;, but the filename is hardcoded and the file is not closed! I translated the comments from French, but they were here from the start. And the most important ones are missing... because the filter creation process was clear to me!

This ugly script allows for nice combinations, like: match.pl src 10.1.1.5 action drop service "^23|telnet" which will show all telnet connections to 10.1.1.5 that were dropped by the firewall.

If I had to write a bigger and more general purpose script, I'd probably use closures to create filter subroutines...

Update: Quick and dirty scripts can be very ugly... This one for example had a bug that prevents you to use several conditions... each should not be used in a for, but in a while loop.

In reply to Re: Reactionary Coding—One-Shot Programs by BooK
in thread Reactionary Coding—One-Shot Programs by John M. Dlugosz

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


Perl Monk, Perl Meditation
	PerlMonks