how cut message log for me!!

**slackman** · 08-24-2008

i got message log from iptables log and i filter it's.
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9048 PROTO=UDP SPT=52603 DPT=53 LEN=40
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9049 PROTO=UDP SPT=59873 DPT=53 LEN=40
24 Aug 22:56:28 IN=eth0 OUT=eth1 SRC=203.146.237.237 DST=172.168.1.200 ID=0 DF PROTO=UDP SPT=53 DPT=52603
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9050 PROTO=UDP SPT=49967 DPT=53 LEN=40
24 Aug 22:56:28 IN=eth0 OUT=eth1 SRC=203.146.237.237 DST=172.168.1.200 ID=0 DF PROTO=UDP SPT=53 DPT=59873
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9051 PROTO=UDP SPT=63819 DPT=53 LEN=40
24 Aug 22:56:28 IN=eth0 OUT=eth1 SRC=203.146.237.237 DST=172.168.1.200 ID=0 DF PROTO=UDP SPT=53 DPT=63819
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9055 PROTO=UDP SPT=49967 DPT=53 LEN=40
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9057 PROTO=UDP SPT=49967 DPT=53 LEN=40

but i want
24 Aug 22:56:28 IN=eth0 OUT=eth1 SRC=203.146.237.237 DST=172.168.1.200 ID=0 DF PROTO=UDP SPT=53 DPT=63819
24 Aug 22:56:28 IN=eth1 OUT=eth0 SRC=172.168.1.200 DST=203.146.237.237 ID=9055 PROTO=UDP SPT=49967 DPT=53 LEN=40

it red color i'dont want get it. how to filter!!

**secondmouse** · 08-25-2008

how about
cat data | awk '{ if ($8=="ID=0") {print $1,$2,$3,$4,$5,$6,$7,$10,$11,$12} else {print $1,$2,$3,$4,$5,$6,$7,$9,$10,$11} }'

Thread Tools

Display

how cut message log for me!!

Posting Permissions