diff --git a/abck b/abck
index 449a9da..c2e1beb 100755
--- a/abck
+++ b/abck
@@ -7,11 +7,11 @@
 #
 # Build a report of all unauthorized access attempts
 #
-# Usage: abck [-d date offset] -s [String To Match In Log Record]
+# Usage: abck [-d date offset] -e [Except String] -s [Match String]
 
 ##########
 
-VERSION = "$Id: abck,v 1.9 2001/07/18 22:18:56 tundra Exp $"
+VERSION = "$Id: abck,v 1.91 2001/07/18 22:59:53 tundra Exp $"
 
 
 
@@ -52,7 +52,10 @@
 USAGE = "abck " + VERSION.split()[2] + " " + \
         "Copyright (c) 2001, TundraWare Inc.  All Rights Reserved.\n" + \
         " usage:\n" + \
-        "   abck [-d # days to look back] [-s string to match]\n"
+        "   abck [-d # days to look back]\n" + \
+        "        [-e except string]\n" + \
+        "        [-m match string]\n" + \
+        "        [-s Show, but do not process matching records]\n"
 
 
 ####################
@@ -149,7 +152,7 @@
 # skip this record.
 
 
-def ProcessLogRecord(logrecord):
+def ProcessLogRecord(logrecord, NOMATCH, SHOWONLY):
 
     # Check for each known attack keyword
 
@@ -159,6 +162,17 @@
         logfield = logrecord.split()
         if logrecord.count(attackkey):
 
+            # Even if it is a legitimate attack record,
+            # we do not process it if it contains text
+            # the user does not want matched.
+
+            if NOMATCH and logrecord.count(NOMATCH):
+                break
+
+            if SHOWONLY:
+                print logrecord
+                break
+        
             # Different attack records put the hostquad in different places
             hostquad =  logfield[AttackKeys[attackkey]]
             if hostquad[-1] == ',':
@@ -243,19 +257,25 @@
 # Program entry and command line processing
 
 try:
-    opts, args = getopt.getopt(sys.argv[1:], '-d:s:')
+    opts, args = getopt.getopt(sys.argv[1:], '-d:e:m:s')
 except getopt.GetoptError:
     print USAGE
     sys.exit(2)
     
-OLDEST = 0
-MATCHSTRING = ""
+OLDEST   = 0
+MATCH    = ""
+NOMATCH  = ""
+SHOWONLY = FALSE
 
 for opt, val in opts:
     if opt == "-d":
         OLDEST = time.time() - (int(val) * DLEN)
+    if opt == "-e":
+        NOMATCH = val
+    if opt == "-m":
+        MATCH = val
     if opt == "-s":
-        MATCHSTRING = val
+        SHOWONLY = TRUE
 
 
 # Loop through the log, processing matching records
@@ -297,16 +317,15 @@
             DOIT = FALSE
 
     # Did user specify a selection matching string?
-    if not logrecord.count(MATCHSTRING):
+    if not logrecord.count(MATCH):
         DOIT = FALSE
 
     # If we passed all those tests, it's time to process this record.
     if DOIT:
-
-        sendto = ProcessLogRecord(logrecord)
+        sendto = ProcessLogRecord(logrecord, NOMATCH, SHOWONLY)
         if sendto:
             abuserfile.write("abnot \"" + logrecord + "\" " +
-                                 sendto + "\n")
+                             sendto + "\n")
 
 logfile.close()
 abuserfile.close()