We just upgraded our test server to AIX 5.2 from 4.3.3 this past weekend. Now, one of our scripts is messing up that uses output from the lsof command. I have narrowed it down to one line in the script, but I don't sed well enough to understand what it is doing. Can someone please help me decipher what this line is doing? PORT=`echo "$remainder" | sed 's%\(.*\) \*:\([0-9]*\) \(.*\)%\2%'` $remainder is the output from the lsof command. Thanks, Scott

I tried this out just to see, and best I can tell you is that it finds all the open files representing processes listening for foreign (not localhost) network connections to anonymous hosts on port numbers that have not been named, replacing those lines with just the portnumbers. Or in otherwords it is reporting all those TCP/IP port numbers that the machine is actively listening on, yet that port number appears not to have a servicename. e.g., these lines... xdm 212 0 6u inet 0x3d47a900 0t0 TCP *:4816 (LISTEN) portmap 300 0 5u inet 0x16a0c100 0t0 TCP *:111 (LISTEN) will be replaced with... 4816 111 but these lines... named 22068 13 23u inet 0xd7c79400 0t0 TCP localhost:domain (LISTEN) inetd 24543 0 5u inet 0x99ac3400 0t0 TCP *:telnet (LISTEN) will be ignored. Perhaps somekind of intrusion detection of somesort. I hope this is helpful to you.