Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Search IP Address in list of ranges -- not working great

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Search IP Address in list of ranges -- not working great
# 1  
Old 02-22-2012
Search IP Address in list of ranges -- not working great
I have been struggling with a script to automate some security related activities. I have it pretty much working, all except the search. I have an input file formatted as such:
Code:
216.234.246.158    216.234.246.158    `[Spyware_Sites]`
        
24.249.221.22    24.249.221.200    `[Spyware_Sites]`
        
24.249.226.0    24.249.226.255    `[Spyware_Sites]`
        
24.23.0.0    24.30.255.255    `[Spyware_Sites]`
        
64.14.90.11    64.14.97.255    `[Spyware_Sites]`
        
64.128.107.0    64.128.107.255    `[Spyware_Sites]`
        
64.60.0.0    64.62.255.255    `[Spyware_Sites]`
        
64.62.133.6    64.62.133.6    `[Spyware_Sites]`

This represents ranges of IP addresses that have been defined in a security appliance. I need to search this file to determine if the input variable (An single IP Address) falls within any of these ranges. If so display the line.

I am a a novice at development, and naively though this would be fairly straight-forward. It wasn't. However, after many false starts, I was able to get some fairly accurate (fuzzy) results by iteratively searching the first octect for an exact match>file, then using agrep -B to find the best match from there. My code:

Code:
echo $1 >htmp1.tmp
cut -f 1 -d "." htmp1.tmp >htmp2.tmp
var1=$(cat htmp2.tmp)
grep -E ''"^$var1"'\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' hgworking.txt >htmp3.tmp
agrep -B -y $1 htmp3.tmp

This is not ideal, but works for now. I am new to programming -- surely there are folks out there that help me produce more exact results. Thanks in advance!

- Kevin
# 2  
Old 02-22-2012
Input and output are blue-coloured.

Code:
[root@hostname dir]# perl -lane '$x="64.61.1.1"; $x = join ("", (map {sprintf "%03d", $_} (split/\./,$x)));
$ip1 = join ("", (map {sprintf "%03d", $_} (split/\./,$F[0])));
$ip2 = join ("", (map {sprintf "%03d", $_} (split/\./,$F[1])));
($x >= $ip1 && $x <=$ip2) && print' inputfile
64.60.0.0    64.62.255.255    `[Spyware_Sites]`

This User Gave Thanks to balajesuri For This Post:
tsunami4u
# 3  
Old 02-23-2012
An awk based solution along the same lines as the perl posted by balajesuri.
Searches for IP address passed in as $1 to the script. Optionally pass in the file to search, or redirect it in from stdin.

Code:
#!/usr/bin/env ksh

grep ${1%%.*} $2 | awk -v target=$1 '
    function toi( str,  a )
    {
        split( str, a, "." );
        return sprintf( "%d%03d%03d%03d", a[1], a[2], a[3], a[4] ) +0;
    }

    BEGIN { tvalue = toi( target ); }

    NF > 1 {
        if( tvalue >= toi( $1 )  &&   tvalue <= toi( $2 ) )
        {
            matched = $0;
            exit( 0 );
        }
    }
    END {
        if( matched )
            printf( "%s is in range: %s\n", target, $0 );
        else
            printf( "%s is OK\n", target );
    }
'

And before any flames are thrown about not needing the grep... No, it's not needed, but I assume it's faster to let awk munge a subset of the input rather than munging the whole input list.
Last edited by jim mcnamara; 02-23-2012 at 06:04 PM..
This User Gave Thanks to agama For This Post:
tsunami4u
# 4  
Old 02-23-2012
Agama, this solution worked perfectly!

This input file is thousands of lines long... So i agree with you the iterative search should significantly improve performance.

Really appreciate everyone's help!
Last edited by tsunami4u; 02-23-2012 at 04:21 PM..
# 5  
Old 02-23-2012
Code:
$ awk -F'[ \t.]*' '{split(ip,IP); for(i=1;i<=4;i++) if($i>IP[i] || $(i+4)<IP[i]) next}1' ip=24.25.1.1  infile
24.23.0.0    24.30.255.255    `[Spyware_Sites]`

Last edited by Scrutinizer; 02-23-2012 at 04:44 AM..
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Search files between date ranges - Ctime usage

Hello, I am a noob and need some help. I am trying to find files created between a date range. For Example: These are files in directory. -rw-r--r-- 1 user staff 6 May 8 09:43 file1.txt -rw-r--r-- 1 user staff 6 May 8 09:43 file2.txt -rw-r--r-- 1 user... (8 Replies)
Discussion started by: r@v!7*7@
8 Replies

2. Shell Programming and Scripting

awk working inside specific pattern ranges

Hi, I have a text file, which I am trying to parse. File contents: BEG Id Job1 Id Stage1 1 EN Id Job2 Id Stage2 BEG Id2 Job3 Id Stage4 2 EN I have to process the data in this between every BEG and EN. so I am trying to restrict the range and inside every... (1 Reply)
Discussion started by: Kulasekar
1 Replies

3. Linux

search on weblogic logs with date time ranges

Hi All, The developers want me to search and capture the weblogic log, you know this big logs of htmls. They want to me to have ranges on the date and time. Like from "2010-01-20 14:04:46,186" to "2010-01-20 15:00:12,490" I can only do this, cat /usr/local/bea/logs_prod1/debug.log... (1 Reply)
Discussion started by: itik
1 Replies

4. Shell Programming and Scripting

search on weblogic logs with date time ranges 2

Hi All, The developers want me to search and capture the weblogic log, you know this big logs of htmls. They want to me to have ranges on the date and time. Like from "2010-01-20 14:04:46,186" to "2010-01-20 15:00:12,490" I can only do this, cat /usr/local/bea/logs_prod1/debug.log |... (1 Reply)
Discussion started by: itik
1 Replies

5. Shell Programming and Scripting

Help with gawk script that aggregates ip address ranges

Howdy folks, perhaps someone can help me with this problem. My knowledge of awk is not the best... but I've managed to a certain degree and now I'm stuck. These are the steps and the format outputs, problem is written in red text after the STEP 2: STEP 1 Unformated text file (100+... (3 Replies)
Discussion started by: gustisok
3 Replies

6. Shell Programming and Scripting

ksh - how to list all ip address between 2 ip address

Trying to do a ksh script that needs to list all ip address between ip address a and b .. ie. Ip address A=192.168.1.200 Ip address B=192.168.2.15 So the subnet changes from 1 to 2 but I want to list all possible ip addresses between the 2.. Which would be: 192.168.1.200... (4 Replies)
Discussion started by: frustrated1
4 Replies

7. Shell Programming and Scripting

Search values between ranges in File1 within File2

Hi people, I have 2 files, one with a list of non consecutive ranges (File1.txt), where each range begins with the value in column 1 and finishes with the value in column 2 in the same line, as can be seen above. 215312581156279 215312581166279 215312582342558 215312582357758... (4 Replies)
Discussion started by: cgkmal
4 Replies

8. UNIX for Dummies Questions & Answers

send email from address list and subject list

Hello, Here is my problem. there are two files. first.txt <<< contains email address ====== abc@mail.com abd@mail.com abe@mail.com second.txt <<< contains webpage links ======== http//www.test.com/abc/index.html http://www.test.com/abd/index.html http://www.test.com/abe/index.html... (2 Replies)
Discussion started by: paulds
2 Replies
Login or Register to Ask a Question