Regular Expressions 101

Community Library Entry

0

Regular Expression
PCRE2 (PHP >=7.3)

/
IN=(?P<source_interface>(\S+|\s?)) OUT=(?P<forward_interface>(\S+|\s?)) MAC=(?P<source_mac>(\S+|\s?)) SRC=(?P<source_ip>(?:([0-9]{1,3}\.){3}[0-9]{1,3})) DST=(?P<destination_ip>(?:([0-9]{1,3}\.){3}[0-9]{1,3})) LEN=(?P<pkt_len>\d+) TOS=(?P<pkt_tos>[\dx\d]+) PREC=(?P<pkt_prec>[\dx\d]+) TTL=(?P<pkt_ttl>\d+) ID=(?P<pkt_id>\d+)\s?(?P<pk_frg>[A-Z\s].?)\s?PROTO=(?P<pkt_protocol>[\w\d]+) SPT=(?P<source_port>\d+) DPT=(?P<dest_port>\d+) (LEN=(?P<pkt_length>\d+))?(WINDOW=(?P<pkt_window>\d+) RES=(?P<pkt_res>[\dx\d]+)? (?P<pkt_type>(\S+))?\s?(URGP=(?P<pkt_urgency>\d))?)?
/
gm

Description

Match IP Tables Rules for logging

Submitted by Proffalken - 3 years ago