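#!/usr/bin/perl -w
#
# samailoffset - Easy way to get messages from mass-check log output
#
# By: Theo Van Dinter (felicity@apache.org) (c) 1998-2007
# Revision Info: $Id$
#
# this script will grab messages out of a corpus and display the headers (by
# default) or the full message (-b).  typically this lets you do something
# like "grep RULE_NAME ham.log | samailoffset" and get the right thing.
#
# Input is either the command-line arguments or, when none are given, the
# lines read from STDIN.  Each entry is a mass-check log line or a bare
# "path" / "path.offset" string.

use strict;

$|++;    # unbuffered STDOUT

my $body = 0;

# if "-b" is given on the command, this will output the body of the message as
# well as the header.
if ( @ARGV && $ARGV[0] =~ /^-+b/ ) {
  $body = 1;
  shift;
}

# No explicit entries: take them from STDIN, one per line.
unless (@ARGV) {
  @ARGV = <STDIN>;
}

foreach ( @ARGV ) {
  next if /^#/;    # comment lines in the log

  # mass-check result line: pull out just the message path field.
  if (/^[.Y]\s+-?\d+\s(.+?)\s(?:[A-Za-z0-9_,]+\s)?[a-z]+=/) {
    $_ = $1;
  }

  my $count = 0;

  # Split an optional trailing ".<digits>" (byte offset into an mbox) from
  # the file name.  Skip lines that yield no file name instead of going on
  # with an undefined $file.
  unless (/^(.+?)(?:\.(\d+))?$/) {
    warn "samailoffset: skipping unparseable entry\n";
    next;
  }
  my ($file, $offset) = ($1, $2);

  # The file name comes straight from log/STDIN text, so it is never handed
  # to a shell or to 2-arg open(): with those, characters such as "|", ">",
  # ";" or backticks inside the name would be acted on rather than treated
  # as part of the name.  Decompressors are run in list form (no shell) and
  # "--" stops a name starting with "-" from being read as an option.
  # Note that the name is now used literally (2-arg open also stripped
  # surrounding whitespace).
  my $fh;
  if ($file =~ /\.gz$/) {
    open($fh, '-|', 'gunzip', '-cd', '--', $file)
      or die "Can't open $file: $!";
  }
  elsif ($file =~ /\.bz2$/) {
    open($fh, '-|', 'bzip2', '-cd', '--', $file)
      or die "Can't open $file: $!";
  }
  else {
    open($fh, '<', $file)
      or die "Can't open $file: $!";
  }

  # Seeking cannot work on a decompressor pipe; report the failure rather
  # than silently printing from the start of the stream.
  if (defined $offset) {
    seek($fh, $offset, 0)
      or warn "Can't seek to $offset in $file: $!\n";
  }

  while (defined(my $line = <$fh>)) {
    # A second "From " separator marks the next message in an mbox.
    last if ($count++ && $line =~ /^From /);
    print $line;
    # Headers only: stop at the blank line that ends the header block.
    last if (!$body && $line =~ /^$/);
  }

  # Result deliberately ignored: leaving the loop early makes a decompressor
  # child exit on a closed pipe, which close() reports as a failure.
  close($fh);
}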