cutting relevant portions of a file

Question

I want to cut some portions of binary file starting from a particular pattern and ending at a particular pattern.How do I do that in linux using bash.Can this be done using sed or awk?

I have a file like given below.

bd=0x422e90e0ff4abc00 pad=0x82 offset=0x05 dst=00:0d:bc:03:6d:80 src=00:50:a2:df:e8:1c etype=0x0800 ip: version=4 headerwords=5 tos=32 length=142 ip: id=201 flags=0x2 fragmentoffset=0 ip: ttl=117 protocol=6 checksum=0x0000 ip: sourceaddress=36.190.253.236 ip: destinaddress=125.182.162.162 bd=0x422e90e0ff61f000 pad=0x92 offset=0x19 dst=00:50:a2:df:e8:1c src=00:0d:bc:03:6d:80 etype=0x0800 ip: version=4 headerwords=5 tos=0 length=40 ip: id=11084 flags=0x2 fragmentoffset=0 ip: ttl=62 protocol=6 checksum=0x0000 ip: sourceaddress=125.182.162.162 ip: destinaddress=36.190.253.236 bd=0x422e90e0ff6bb900 pad=0xb8 offset=0x06 dst=00:50:a2:df:e8:1c src=00:0d:bc:03:6d:80 etype=0x0800 ip: version=4 headerwords=5 tos=0 length=40 ip: id=15720 flags=0x2 fragmentoffset=0 ip: ttl=62 protocol=6 checksum=0x0000 ip: sourceaddress=125.182.162.162 ip: destinaddress=36.190.253.236 bd=0x422e90e0ffbe9a00 pad=0xbb offset=0xc5 dst=00:50:a2:df:e8:1c src=00:0d:bc:03:6d:80 etype=0x0800 ip: version=4 headerwords=5 tos=0 length=186 ip: id=15722 flags=0x2 fragmentoffset=0 ip: ttl=62 protocol=6 checksum=0x0000 ip: sourceaddress=125.182.162.162 ip: destinaddress=36.190.253.236

I need to cut this file from bd=0x422e90e0ff61f000 to bd=0x422e90e0ffbe9a00.Can this be done using sed or awk.

Yes, but you've provided no information to use in order to formulate an answer. "Cut", because of the command by the same name, might imply that you're talking vertically, i.e. to remove columns. AWK and `sed` can easily do this. However, AWK and `sed` are also very good at removing (or passing through) selected lines (a horizontal cut as it were). I'm voting to close this as not a real question and recommend that you read [How to Ask](http://serverfault.com/questions/how-to-ask) very thoroughly. — Dennis Williamson, Apr 19 '12 at 10:52
This sounds like a promising tool for binary files: http://bbe-.sourceforge.net/bbe.html — erikxiv, Apr 19 '12 at 11:56

score 1 · Accepted Answer · answered Apr 19 '12 at 22:15

Something like this? (I have your block of text sitting in a file foo.txt)

$ cat foo.awk
BEGIN {
  RS = "bd=[a-fx0-9]* ";
  FS = "";
}

{
  print $0;
}

$ awk -f foo.awk foo.txt

pad=0x82 offset=0x05 dst=00:0d:bc:03:6d:80 src=00:50:a2:df:e8:1c etype=0x0800 ip: version=4 headerwords=5 tos=32 length=142 ip: id=201 flags=0x2 fragmentoffset=0 ip: ttl=117 protocol=6 checksum=0x0000 ip: sourceaddress=36.190.253.236 ip: destinaddress=125.182.162.162
pad=0x92 offset=0x19 dst=00:50:a2:df:e8:1c src=00:0d:bc:03:6d:80 etype=0x0800 ip: version=4 headerwords=5 tos=0 length=40 ip: id=11084 flags=0x2 fragmentoffset=0 ip: ttl=62 protocol=6 checksum=0x0000 ip: sourceaddress=125.182.162.162 ip: destinaddress=36.190.253.236
pad=0xb8 offset=0x06 dst=00:50:a2:df:e8:1c src=00:0d:bc:03:6d:80 etype=0x0800 ip: version=4 headerwords=5 tos=0 length=40 ip: id=15720 flags=0x2 fragmentoffset=0 ip: ttl=62 protocol=6 checksum=0x0000 ip: sourceaddress=125.182.162.162 ip: destinaddress=36.190.253.236
pad=0xbb offset=0xc5 dst=00:50:a2:df:e8:1c src=00:0d:bc:03:6d:80 etype=0x0800 ip: version=4 headerwords=5 tos=0 length=186 ip: id=15722 flags=0x2 fragmentoffset=0 ip: ttl=62 protocol=6 checksum=0x0000 ip: sourceaddress=125.182.162.162 ip: destinaddress=36.190.253.236

So, basically: change the field separator to null, and change the record separator to that "bd=" pattern, and print everything in the record.

cutting relevant portions of a file

1 Answers1