So I'm racking my brain on appropriate ways to solve a problem that once fixed, will solve every problem in my life. Its very easy (for you guys and gals) I'm sure, but I can't seem to wrap my mind around the right approach. I really want to use bash to do this, but I can't grasp how I'm going to do it. I have a pretty good handle on how to do it with a long regex in perl, but I'd rather not call that within bash, and I really don't want to add another perl script into the mix. As a sample of what I'm needing, here is some data;
-------------------------------
15:00:01.194213 IP 6.14.8.18.80 > 21.1.12.11.3311: tcp 183
-------------------------------
15:00:01.201435 IP 21.2.17.16.4918 > 6.15.2.18.80: tcp 0
-------------------------------
15:00:01.235586 IP 16.23.16.12.80 > 21.1.18.11.1519: tcp 141
Content-Type: application/ocsp-response
Content-Length: 3686
Connection: Keep-Alive
-------------------------------
15:00:01.235839 IP 16.25.36.42.80 > 21.1.18.11.119: tcp 1380
-------------------------------
15:00:01.235840 IP 6.235.16.12.80 > 21.1.18.121.1519: tcp 80
-------------------------------
The general idea is that I want to "search" a bit of text like this for certain terms, such as "Content-Length:" and receive the following as the result;
-------------------------------
15:00:01.235586 IP 16.23.16.12.80 > 21.1.18.11.1519: tcp 141
Content-Type: application/ocsp-response
Content-Length: 3686
Connection: Keep-Alive
So, what you have as the result is a match for the search text in question, as well all other information that falls within that packet's delimiters. Now obviously for small cases such as this, I could easily just do a grep -B 4 or something, but not only does that not work consistently, but it also will not get the end of that "section" before the next delimiter. I will graciously accept any solution but I prefer that it be in bash for my own curiousity and ease of implementation.