I just make a stat file from my maillog to get all ip and make them unique to find spam pattern and pipe out to a file ips.txt like this :
718 718 xx.xx.xx.xx
371 371 xxx.xxx.xx.xxx
327 327 xxx.xx.xx.xxx
which 718,371,327 is the total connection made my x ips.Anyway now i want to do nslookup to each ip. I just found the script here :
while read IP ; do
LOOKUP_RES=$(nslookup $IP | sed -n 's/.*arpa.*name = \(.*\)/\1/p')
test -z "$LOOKUP_RES" && LOOKUP_RES="Failed"
echo -e "$IP\t$LOOKUP_RES"
done < ips.txt
I try enhance the script make the nslookup result will be put next to the ip in new file or the ips.txt file (doesn't matter) but failed.
Somebody please help me here..