String Parsing Help

Question

techno_weenie 0 Newbie Poster

14 Years Ago

Hello i need some help with parsing a string as i'm very new to C and only started learning it a few days ago.

I wish to parse the string

"Jan 15 05:46:07 gateway kernel: IN=eth0 OUT= MAC=00:80:c7:c3:c7:be:08:00:03:23:2a:a8:08:00 SRC=80.232.253.76 DST=80.234.144.54 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=43600 DF PROTO=TCP SPT=3329 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0"

so that i can get what SRC equals and SPT (80.232.253.76 & 3329).

I can split a test string using strtok() using the delims " " & "=" and i know that the SRC and SPT will be in a particular token 12th & 29th however i do not know how to get these particular tokens all i'm able to do is print them off. Any help would be appriated, below is some of the code i've done already sorry if its in the wrong format.

// open the file "messages.txt" for reading
    FILE *file;
    file = fopen("messages.txt", "rt");

    // read the first line from the file
    char buffer[250];
    int linenumber = 1;
    while (fgets(buffer, 250, file) != NULL) {
        //display info if DTP=135
        if (strstr(buffer, "DPT=135") != NULL) {
            printf("LINE: %d", linenumber);
            printf(" CONTAINS \"DPT=135\": %s\n", buffer);
        }
        linenumber++;
    }
    // close the stream
    fclose(file);

//Splits the string str into tokens using space and =
        char str[] = "Jan 15 05:46:07 gateway kernel: IN=eth0 OUT= MAC=00:80:c7:c3:c7:be:08:00:03:23:2a:a8:08:00 SRC=80.232.253.76 DST=80.234.144.54 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=43600 DF PROTO=TCP SPT=3329 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0";
        char delims[] = " =";
        char *result = NULL;
        result = strtok(str, delims);
        //printf("SRC is \"%d\"\n", result);
        char resultline = 1;
        while (result != NULL) {
            printf("result line is \"%d\"\n", resultline);
            printf("result is \"%s\"\n", result);
            result = strtok(NULL, delims);
            resultline++;
        }

c

3 Contributors
5 Replies
148 Views
23 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by techno_weenie

All 5 Replies

thomas_naveen 105 Junior Poster

14 Years Ago

In the while loop that you are using for printing why don't you do an strstr and extract the value that you need?

Something like

strstr(result, "SRC=");

thomas_naveen 105 Junior Poster

14 Years Ago

If you reach to this level of granularity then there is not much to do , is there?

Once you get the string starting with SRC, you can copy the required part of it to another string using a loop (your exit criteria would be the occurrance of the D of DST) or some standard copy function.

[EDIT]

char src[20];

int i = 0;

while(1)
{

          if((src[i] == 'D') || (i >19))
          {
                        break;
           }
           src[i] = result[i];
           i++;


}

Edited 14 Years Ago by thomas_naveen because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

techno_weenie 0 Newbie Poster · Answer 1 · 2010-01-27T12:56:33+00:00

In the while loop that you are using for printing why don't you do an strstr and extract the value that you need?
Something like
strstr(result, "SRC=");

I'm sorry but I don't quite follow you I'm afraid. Would I do this within my first while loop or the second one which is on a test char? Would you be able to show what you mean using the code I've pasted please?

[EDIT: Below]

I Think i know what you mean now but if i was to do something like

char str[] = "Jan 15 05:46:07 gateway kernel: IN=eth0 OUT= MAC=00:80:c7:c3:c7:be:08:00:03:23:2a:a8:08:00 SRC=80.232.253.76 DST=80.234.144.54 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=43600 DF PROTO=TCP SPT=3329 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0";
    printf("%s", strstr(str, "SRC="));

it would print out "SRC=80.232.253.76 DST=80.234.144.54 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=43600 DF PROTO=TCP SPT=3329 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0" whereas I only want the IP 80.232.253.76 and nothing else.

Dave Sinkula 2,398 long time no c Team Colleague · Answer 2 · 2010-01-28T03:41:06+00:00

Going with the strstr approach, and coupling that with sscanf, I might try something like this:

#include <stdio.h>
#include <string.h>

int main(void)
{
   const char text[] = "Jan 15 05:46:07 gateway kernel: "
                       "IN=eth0 OUT= MAC=00:80:c7:c3:c7:be"
                       ":08:00:03:23:2a:a8:08:00 "
                       "SRC=80.232.253.76 DST=80.234.144.54 "
                       "LEN=48 TOS=0x00 PREC=0x00 TTL=108 "
                       "ID=43600 DF PROTO=TCP SPT=3329 "
                       "DPT=135 WINDOW=16384 RES=0x00 SYN "
                       "URGP=0";
   const char *src = strstr(text, "SRC=");
   const char *spt = strstr(text, "SPT=");
   char srcip[16];
   int sptval;
   if ( src && sscanf(src, "SRC=%15s", srcip) == 1 )
   {
      printf("SRC = \"%s\"\n", srcip);
   }
   if ( spt && sscanf(spt, "SPT=%d", &sptval) == 1 )
   {
      printf("SPT = %d\n", sptval);
   }
   return 0;
}

/* my output
SRC = "80.232.253.76"
SPT = 3329
*/

techno_weenie 0 Newbie Poster · Answer 3 · 2010-01-28T05:23:14+00:00

Thank you for all your input especially thomas whose insights mainly helped me to complete what I wanted to do so I could finish the rest of the program. I saw your approach afterwards Dave and that was also very good.

String Parsing Help

Recommended Answers Collapse Answers

All 5 Replies

Recommended Answers