Date created: Saturday, November 26, 2011 7:55:42 PM. Last modified: Wednesday, December 11, 2024 11:59:09 AM
AS & IP Lookup
iplookup.sh
#!/bin/bash echo "Seaching for $1" # Find the RIR for this IP/Block and get the whois output RIR=`whois -h whois.iana.org $1 | grep whois: | awk {'print $2'}` if [ "$RIR" == "" ] then #Sometimes need to grep for "refer:" here instead RIR=`whois -h whois.iana.org $1 | grep refer: | awk {'print $2'}` if [ "$RIR" == "" ] then echo "Couldn't find RIR" exit 1 fi fi echo "RIR: $RIR" WHOIS_INFO=`whois -h $RIR $1` # Check if this is a legacy IP assignment STATUS=`whois -h whois.iana.org $1 | grep status: | awk '{print $2}'` if [ "$STATUS" == "LEGACY" ] then echo "LEGACY ASSIGNMENT!" fi # A little over the top I guess but the second line of each variable is to strip # out surrounding white space so the output is a little neater range=`echo "$WHOIS_INFO" | grep inetnum: | awk -F ":" '{print $2}'` range=`echo ${range#"${x%%[![:space:]]*}"}` org=`echo "$WHOIS_INFO" | grep organisation: | awk -F ":" '{print $2}'` org=`echo ${org#"${x%%[![:space:]]*}"}` desc=`echo "$WHOIS_INFO" | grep -m 1 descr: | awk -F ":" '{print $2}'` desc=`echo ${desc#"${x%%[![:space:]]*}"}` net=`echo "$WHOIS_INFO" | grep -m 1 netname: | awk -F ":" '{print $2}'` net=`echo ${net#"${x%%[![:space:]]*}"}` if [ "$range" == "" ] && [ "$org" == "" ] && [ "$desc" == "" ] && [ "$net" == "" ] then echo "NO INFO FOUND!" whois -h whois.iana.org $1 | grep -v ^# | grep -v ^$ | grep -v ^% exit 1 fi echo "IP Range: $range" echo "Organisation: $org" echo "Description: $desc" echo "Network Name: $net" # Get the origin AS from the RIR ORIGIN="`echo "$WHOIS_INFO" | grep -m 1 origin: | awk '{print $2}'`" # Make sure an origin is given in the whois output if [ "$ORIGIN" == "" ] then echo "No origin in whois record" exit 1 fi echo "Origin: $ORIGIN" # Also get the AS name from the RIR ASName=`whois -h $RIR $ORIGIN | grep -m 1 as-name: | awk '{print $2}'` echo "AS Name: $ASName" echo "Lookup AS exports? (y to accept)" read answer if [ "$answer" = "y" ] then ./aslookup.sh $ORIGIN fi
aslookup.sh
#!/bin/bash echo "Seaching for $1" #Sometimes need to grep for "refer:" here instead RIR=`whois -h whois.iana.org $1 | grep whois: | awk {'print $2'}` if [ "$RIR" == "" ] then RIR=`whois -h whois.iana.org $1 | grep refer: | awk {'print $2'}` if [ "$RIR" == "" ] then echo "Couldn't find RIR" exit 1 fi fi echo "RIR: $RIR" #Try and grab the name of the AS given Name=`whois -h $RIR $1 | grep as-name | awk {'print $2'}` if [ "$Name" = "" ] then #Different whois DBs and their users, use differnt tags Name=`whois -h $RIR $1 | grep "ASName:" | awk {'print $2'}` if [ "$Name" = "" ] then Name="Couldn't find name, did you put \"AS1234\" and not just \"1234\"?" fi fi echo -e "Name: $Name\n" echo "AS exports:" #Not everyone reliably publishes their export/import values ASExports=`whois -h $RIR $1 | grep export | awk {'print $3'}` if [ `echo "${#ASExports}"` -eq 0 ] then echo "[no exports published in whois info]" else for ASNum in $ASExports do AS_RIR=`whois -h whois.iana.org $ASNum | grep whois: | awk {'print $2'}` ASName=`whois -h $AS_RIR $ASNum | grep "as-name" | awk {'print $2'}` if [ "$ASName" = "" ] then ASName=`whois -h $AS_RIR $ASNum | grep "ASName:" $ASInfo | awk {'print $2'}` fi echo "$ASNum $ASName" done fi echo "AS imports:" ASImports=`whois -h $RIR $1 | grep import | awk {'print $3'}` if [ `echo "${#ASImports}"` -eq 0 ] then echo "[no imports published in whois info]" else for ASNum in $ASImports do AS_RIR=`whois -h whois.iana.org $ASNum | grep whois: | awk {'print $2'}` ASName=`whois -h $AS_RIR $ASNum | grep "as-name" | awk {'print $2'}` if [ "$ASName" = "" ] then ASName=`whois -h $AS_RIR $ASNum | grep "ASName:" $ASInfo | awk {'print $2'}` fi echo "$ASNum $ASName" done fi
Previous page: Whois
Next page: Backup pfSense 2.x via HTTPS into CVS (for rancid)