gpt4 book ai didi

批量解析 NETSTAT -ban 开关

转载 作者:行者123 更新时间:2023-12-04 22:45:04 28 4
gpt4 key购买 nike

大量搜索未找到批量解析 netstat -bano 的解决方案(与 -nab-bna- 相同的开关anb-nbanabo 等),因此来自给定网络连接的所有信息都在同一行上。

Netstat-ban 开关用于:

-b = 显示可执行文件

-a = 显示所有连接和监听端口

-n = 以数字形式显示地址和端口。

-o = 显示每个连接的拥有进程 ID(即 PID)

但是 netstat 将文件名添加到 行,使得处理输出非常困难。批量搜索没有找到任何答案。

我创建了一种通过查找 ](右括号)作为一行中的最后一个字符来解析它的方法。如果是 ],则基本上输出“组合”行,该行现在包含可执行文件。

我的代码作为答案发布,但做得很丑陋,因为它必须使用文件而不是变量来处理解析。

最佳答案

此脚本的先前版本缺少反斜杠。此外,脚本会删除输出文件。将文件创建为 %computername%--NETSTAT.txt 而不是 NETSTAT--%computername%.txt 可以解决问题。

@ECHO OFF
SetLocal
REM Method of finding last character-of-a-string-from-a-variable
REM http://stackoverflow.com/a/15662607/1569434

REM Get the script's path so all needed files can sit in the same folder
SET SCRIPTPATH=%~p0
CD %SCRIPTPATH%

REM Read and pass each line in file one at a time to sub 'FindEXE'
SET CONCATLINE=
SET HEADERROW=
SET /A LINECOUNT = 0
@echo LINECOUNT = %LINECOUNT%
del %SCRIPTPATH%\netstat*.txt /q 2>nul

netstat -bano>%SCRIPTPATH%\netstat0.txt
REM Copy all lines except those with "TIME_WAIT" into text file
FINDSTR /V /I /C:"TIME_WAIT" %SCRIPTPATH%\netstat0.txt>%SCRIPTPATH%\netstat1.txt
REM Delete first two lines, which are a header and a blank line
for /f "skip=2 delims=*" %%a in (%SCRIPTPATH%\netstat1.txt) do (echo %%a>>%SCRIPTPATH%\netstat2.txt)

REM Search for and process file based on matching text
REM This sub begins putting each netstat connection on one line
for /f "delims=*" %%A in (%SCRIPTPATH%\netstat2.txt) do call :FindTXT1 %%A

REM netstat3 will have all data from given connection on one line
SET /A LINECOUNT = 0
for /f "delims=*" %%A in (%SCRIPTPATH%\netstat3.txt) do call :FindTXT2 %%A

REM Keep only header and unique (i.e., those with "[::]") 'listening' connections
FINDSTR /I /C:"LISTENING" /C:"Local Address" %SCRIPTPATH%\netstat4.txt>%SCRIPTPATH%\netstat5.txt
FINDSTR /I /C:"[::]:" /C:"Local Address" %SCRIPTPATH%\netstat5.txt>%SCRIPTPATH%\netstat6.txt

MOVE /Y %SCRIPTPATH%\netstat6.txt %SCRIPTPATH%\%computername%--NETSTAT.txt
del %SCRIPTPATH%\netstat*.txt /q 2>nul
@echo off

echo done.

EndLocal
goto :EOF




:FindTXT1
REM We've got a line sent to us. Set variable to entire line using * (instead of %1)
SET CURRENTLINE=%*
SET /A LINECOUNT = %LINECOUNT% + 1
REM Add line feed after header row and return to main script
IF "%LINECOUNT%" == "1" (
SET HEADERROW=%CURRENTLINE%
@ECHO %CURRENTLINE%> %SCRIPTPATH%\netstat3.txt
goto :eof
)

REM Append a comma and CURRENTLINE to CONCATLINE. NOTE: Script expecting comma; don't use semi-colon
SET CONCATLINE=%CONCATLINE%,%CURRENTLINE%

REM When echo line, remove first char (comma, inserted above) using:
REM http://ss64.com/nt/syntax-substring.html
REM If last char is "]" then print, otherwise append
IF "%CURRENTLINE:~-1%"=="]" (
REM @echo right bracket=FOUND
@echo %CONCATLINE:~1%>>%SCRIPTPATH%\netstat3.txt
SET CONCATLINE=
) else (
REM @echo right bracket=NOT found
)

REM If line = "Can not obtain ownership information" then print, otherwise append
IF "%CURRENTLINE%"=="Can not obtain ownership information" (
REM @echo No Ownership=TRUE
@echo %CONCATLINE:~1%>>%SCRIPTPATH%\netstat3.txt
SET CONCATLINE=
)

goto :eof


:FindTXT2
REM We've got a line sent to us. Set variable to entire line using * (instead of %1)
SET CURRENTLINE=%*
SET /A LINECOUNT = %LINECOUNT% + 1
REM Add line feed after header row and return to main script
IF "%LINECOUNT%" == "1" (
SET HEADERROW=%CURRENTLINE%
@ECHO %CURRENTLINE%> %SCRIPTPATH%\netstat4.txt
goto :eof
)

REM If last char is "]" then search, otherwise append.
REM Without "DelayedExp...", variable sets to value from previous FOR loop
IF "%CURRENTLINE:~-1%"=="]" (
SetLocal ENABLEDELAYEDEXPANSION
REM IP6 EXEs result in 3 sets of [], so find and set var to last one, which is where EXE lives
FOR /f "tokens=1,2,3,4,5,6 delims=[]" %%a in ("%CURRENTLINE%") do (
SET BINNAME1=%%b
SET BINNAME2=%%f
IF "!BINNAME1!" == "::" (
REM @ECHO BINNAME1=!BINNAME1!>>%SCRIPTPATH%\netstat4.txt
SET BINNAME=!BINNAME2!
REM @echo %CURRENTLINE%;BINNAME=!BINNAME2!>>%SCRIPTPATH%\netstat4.txt
) else (
SET BINNAME=!BINNAME1!
REM @echo %CURRENTLINE%;BINNAME=!BINNAME1!>>%SCRIPTPATH%\netstat4.txt
)
@echo %CURRENTLINE%;BINNAME=!BINNAME!>>%SCRIPTPATH%\netstat4.txt
)
) else (
@echo %CURRENTLINE%>>%SCRIPTPATH%\netstat4.txt
SetLocal DISABLEDELAYEDEXPANSION
)

goto :eof

关于批量解析 NETSTAT -ban 开关,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26839728/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com