I'm trying to use a bash regex from a ss
comand output to extract the name of the application that is using a given port in a function. I have some problems with the regex.
Command to check the data is ss -tupln
Example of data to parse (ipv4):
tcp LISTEN 0 10 0.0.0.0:80 0.0.0.0:* users:(("nc",pid=3474,fd=4))
tcp LISTEN 0 10 [::]:80 [::]:* users:(("nc",pid=3474,fd=3))
In this case I want to extract nc
which is the name of the program using the port
Example of data to parse (ipv6):
tcp LISTEN 0 511 *:80 *:* users:(("apache2",pid=6741,fd=4),("apache2",pid=6740,fd=4),("apache2",pid=6738,fd=4),("apache2",pid=6737,fd=4),("apache2",pid=6736,fd=4),("apache2",pid=6724,fd=4))
In this case I want to extract apache2
which is the name of the program using the port.
I need a general regex valid for both cases. I don't care if it is get using grep or if is done using pure bash regex. My non-working approach:
#!/bin/bash
get_name() {
local regexp="${1}.*[0-9\*]:${2}[[:blank:]]+.*[[:blank:]]+users:\(\(\"(.+)\"\,"
[[ $(ss -tupln) =~ ${regexp} ]] && process_name="${BASH_REMATCH[1]}"
echo "${process_name}"
}
get_name "tcp" "80"
Thanks.
You might use gnu grep:
The pattern matches:
tcp\h
Match tcp and a space.*?:80\h
Match as least as possible chars and then:80
and a space.*?\busers:
Match as least as possible chars and thenusers:
\(\("
match(("
\K[^"]+
Forget what is matched to far (it will not be part of the resulting match)(?=")
Positive lookahead, assert=
directly to the rightSee a regex demo