TechQA.

By using sed change IP Address what ever it is in brackets and quotes as in Suricata.yaml

191 views Asked by At

I need to change IP address using sed in suricata.yaml file infront of HOME_NET.

HOME_NET: "[172.20.16.25]"

I can manage what ever IP address by using the following regex.

sed -i "s/[0-9]\{1,3\}.[0-9]\{1,3\}.[0-9]\{1,3\}.[0-9]\{1,3\}/"$IP"/g"

Problem is it will change all IP addresses in file. I just interested in that is in front of HOME_NET.

sed ubuntu-14.04 suricata
Original Q&A
1

There are 1 answers

2
Robin479 On

sed -i "/^ *HOME_NET/s/[0-9]\{1,3\}.[0-9]\{1,3\}.[0-9]\{1,3\}.[0-9]\{1,3\}/"$IP"/g"

To elaborate a bit: a single line of sed script is composed of a line matching rule (called address in the documentation) and an action to be executed (command). The /^ *HOME_NET/ part is a simple line matching rule, while the s/../../g part is the substitution command. If you don't specify a line matching rule, all lines are matched.

Try man sed to learn a bit more.

Related Questions in SED

Related Questions in UBUNTU-14.04

Related Questions in SURICATA

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions