sed 和Variable

securitypluscn

1. preprocessor reputation: \
   
2.    memcap 500, \
   
3.    priority whitelist, \
   
4.    nested_ip inner, \
   
5.    whitelist $WHITE_LIST_PATH/white_list.rules, \
   
6.    blacklist $BLACK_LIST_PATH/black_list.rules

复制代码

以上是SNORT配置文件中的一段，我想用SHELL SCRIPTS 自动将它们注释掉，以下是我写的一段小程序：

1. #!/bin/bash
   
2. file='/usr/local/snort/etc/snort.conf'
   
3. for i in 'preprocessor reputation:' 'memcap 500,' 'priority whitelist,' 'nested_ip inner,' 'whitelist $WHITE_LIST_PATH/white_list.rules,' 'blacklist $BLACK_LIST_PATH/black_list.rules'
   
4. do
   
5.   echo "$i"
   
6.   sed 's/"$i"/#"$i"/' $file > temp$ && mv temp$ $file
   
7.   grep "$i" $file
   
8. done

复制代码

以下是输出结果

1. [root@master student]# bash test.sh
   
2. preprocessor reputation:
   
3. preprocessor reputation: \
   
4. memcap 500,
   
5.    memcap 500, \
   
6. priority whitelist,
   
7.    priority whitelist, \
   
8. nested_ip inner,
   
9.    nested_ip inner, \
   
10. whitelist $WHITE_LIST_PATH/white_list.rules,
    
11.    whitelist $WHITE_LIST_PATH/white_list.rules, \
    
12. blacklist $BLACK_LIST_PATH/black_list.rules
    
13.    blacklist $BLACK_LIST_PATH/black_list.rules

复制代码

我怀疑是 sed那一行中的variables写法有误，但不知如何解决。请各位指点。 谢谢先。以下是加-x之后的输出：

1. [root@master student]# bash -x test.sh
   
2. + file=/usr/local/snort/etc/snort.conf
   
3. + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
   
4. + echo preprocessor reputation:
   
5. preprocessor reputation:
   
6. + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
   
7. + mv temp13785 /usr/local/snort/etc/snort.conf
   
8. + grep 'preprocessor reputation:' /usr/local/snort/etc/snort.conf
   
9. preprocessor reputation: \
   
10. + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
    
11. + echo memcap 500,
    
12. memcap 500,
    
13. + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
    
14. + mv temp13785 /usr/local/snort/etc/snort.conf
    
15. + grep 'memcap 500,' /usr/local/snort/etc/snort.conf
    
16.    memcap 500, \
    
17. + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
    
18. + echo priority whitelist,
    
19. priority whitelist,
    
20. + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
    
21. + mv temp13785 /usr/local/snort/etc/snort.conf
    
22. + grep 'priority whitelist,' /usr/local/snort/etc/snort.conf
    
23.    priority whitelist, \
    
24. + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
    
25. + echo nested_ip inner,
    
26. nested_ip inner,
    
27. + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
    
28. + mv temp13785 /usr/local/snort/etc/snort.conf
    
29. + grep 'nested_ip inner,' /usr/local/snort/etc/snort.conf
    
30.    nested_ip inner, \
    
31. + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
    
32. + echo whitelist '$WHITE_LIST_PATH/white_list.rules,'
    
33. whitelist $WHITE_LIST_PATH/white_list.rules,
    
34. + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
    
35. + mv temp13785 /usr/local/snort/etc/snort.conf
    
36. + grep 'whitelist $WHITE_LIST_PATH/white_list.rules,' /usr/local/snort/etc/snort.conf
    
37.    whitelist $WHITE_LIST_PATH/white_list.rules, \
    
38. + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
    
39. + echo blacklist '$BLACK_LIST_PATH/black_list.rules'
    
40. blacklist $BLACK_LIST_PATH/black_list.rules
    
41. + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
    
42. + mv temp13785 /usr/local/snort/etc/snort.conf
    
43. + grep 'blacklist $BLACK_LIST_PATH/black_list.rules' /usr/local/snort/etc/snort.conf
    
44.    blacklist $BLACK_LIST_PATH/black_list.rules

复制代码

Shell_HAT

1. sed "s/xx/oo/" $file

复制代码

sed引用外部变量的时候，这个地方要用双引号。

securitypluscn

回复 2# Shell_HAT

多谢指点。


   

securitypluscn

回复 1# securitypluscn

谢谢rdcwayx帮助整理帖子格式。下次一定注意。