I have the following piece of code and noticed that for some reason when the IP is in the 192.168.150.* range, both dev and test are matched. If the IP is in the 192.168.1.* range it correctly matches only dev.
If the IP is in the 192.168.0.* range (and the other IP still in the 150.* range) the same issue does not occur and int_lan is only dev or test.
Based on this I'm guessing the wildcard is applied after 192.168.1* and not after the third octed like I want.
In fact, with =~ you are not using wildcards but a regular expression comparison.
If you don't want to invest more time learning it, these are the minimum hints:
. will match exactly 1 character. It's "the wildard" for only 1 character no matter which type (letter, number, symbol, space, etc). \. If you want to match the exact "point" character, you have to escape it. * its a quantifier that means "zero or more occurrences" for the preceding element.
A quick way to write your desired conditions would be:
if [src_addr] =~ "192\.168\.150\..*" { #only matches "192.168.150." + whatever comes after.
...
if [src_addr] =~ "192\.168\.1\..*" { #only matches "192.168.1." + whatever comes after.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
