从apnic获得ISP IP列表的脚本
朋友让我看一个abel在CU上提出从apnic获得ISP IP列表的脚本
。仔细看了一遍发现abel的方法很复杂很强大,好些命令看不明白,所以想自己按照abel的思想写一个更简单易懂shell脚本。正好前些天学习了sed,练习机会来了,花了两个多小时完成这个任务。脚本如下:
#!/bin/sh
FILE=ip_apnic
ISPIP=ISP.ip
rm -f $FILE
rm -f *.ip
wget http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
-O $FILE
#remove all useless lines
sed -i -e '/\(apnic\)|\(CN\)|\(ipv4\)|\(.\+\)|\(.\+\)|\(.\+\)|\(.\+\)/!d;' $FILE
#get ip networks and the number of hosts in this network from field 4 and field 5
sed -i -e 's/\(apnic\)|\(CN\)|\(ipv4\)|\(.\+\)|\(.\+\)|\(.\+\)|\(.\+\)/\4 \5/g;' $FILE
while read ip cnt
do
pow=32
#cnt2=$cnt
#get netmask from the number of hosts in the network
while [ $cnt -gt 1 ]; do
pow=$(($pow-1))
cnt=$(($cnt/2))
done
#get whois information, remove all useless lines, extract the netname from the rest line.
NETNAME=`whois -h whois.apnic.net $ip | sed -e '/netname/!d;/netname/q' | sed -e 's/netname:[[:blank:]]\+\(.*\)/\1/g'`
echo $ip/$pow $NETNAME >> $ISPIP
echo $ip/$pow $NETNAME
done < $FILE
#all networks are categorized by their netname like these "sed ..."
sed -n -e '/CNC\|wangtong/p' $ISPIP >> CNCGROUP.ip
sed -n -e '/CHINANET\|CHINATELECOM/p' $ISPIP >> CHINANET.ip
done
abel写好几个case语句匹配NETNAME,由于ISP的NETNAME实在太多,我就不写case了,直接在最后的sed命令中硬编码NETNAME。如果要做的更好,可以先定义一个ISP NETNAME的数组,然后做一个for循环。与abel的脚本相比,上面的脚本使用的命令更少,程序结构更简单,基本上是靠sed命令解决问题。如果说abel使用乘法计算2*5=10的话,那我就是用比较笨的加法计算2*5=5 + 5 = 10。
---------------------------------------------------------------------------------------------------------------------------------------------
程序代码
$iplist=file_get_contents("ftp://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
");
$ipsplit=split("[\n]+",$iplist);
foreach($ipsplit as $val){
if(preg_match("/apnic\|CN\|ipv4\|/",$val)){
list($nic,$CN,$ver,$ip,$mask)=preg_split("/\|/",$val);
$iparray['set'][]=array("ip"=>$ip,"mask"=>$mask);
}
}
foreach($iparray['set'] as $val){
echo $val['ip']."\t".(32-log($val['mask'],2))."\n";
$flag=GetWhois($val['ip']);
switch($flag){
case "CHINANET":
//$fpc=fopen("CHINANET.lst","a+");
//fwrite($fpc,$val['ip']."/".(32-log($val['mask'],2))."\n");
$CHINANET[]=$val['ip']."/".(32-log($val['mask'],2));
break;
case "CNC":
//$fpc=fopen("CNC.lst","a+");
//fwrite($fpc,$val['ip']."/".(32-log($val['mask'],2))."\n");
$CNC[]=$val['ip']."/".(32-log($val['mask'],2));
break;
break;
case "CRTC":
//$fpc=fopen("CRTC.lst","a+");
//fwrite($fpc,$val['ip']."/".(32-log($val['mask'],2))."\n");
$CRTC[]=$val['ip']."/".(32-log($val['mask'],2));
break;
default:
//$fpc=fopen("OTHERS.lst","a+");
//fwrite($fpc,$val['ip']."/".(32-log($val['mask'],2))."\n");
$OTHERS[]=$val['ip']."/".(32-log($val['mask'],2));
break;
}
}
//去掉重复数据
$CHINANET = array_unique($CHINANET);
$CNC = array_unique($CNC);
$CRTC = array_unique($CRTC);
$OTHERS = array_unique($OTHERS);
//生成IP集表 CHINANET
$MaxCount = count($CHINANET);
$fpc_lst=fopen("CHINANET.lst","a+");
$fpc_routes_rsc=fopen("CHINANET_routes.rsc","a+");
$fpc_address_rsc=fopen("CHINANET_address.rsc","a+");
fwrite($fpc_routes_rsc,"/ ip route rule\n");
fwrite($fpc_address_rsc,"/ ip firewall address-list\n");
for ($iCount=0;$iCount< $MaxCount;$iCount++){
fwrite($fpc_lst,$CHINANET[$iCount]."\n");
fwrite($fpc_routes_rsc,"add dst-address=".$CHINANET[$iCount]." action=lookup table=Route_ChinaNet disabled=no\n");
fwrite($fpc_address_rsc,"add list=ChinaNet address=".$CHINANET[$iCount]." disabled=no\n");
}
fclose($fpc_address_rsc);
fclose($fpc_routes_rsc);
fclose($fpc_lst);
//生成IP集表 CNC
$MaxCount = count($CNC);
$fpc_lst=fopen("CNC.lst","a+");
$fpc_routes_rsc=fopen("CNC_routes.rsc","a+");
$fpc_address_rsc=fopen("CNC_address.rsc","a+");
fwrite($fpc_routes_rsc,"/ ip route rule\n");
fwrite($fpc_address_rsc,"/ ip firewall address-list\n");
for ($iCount=0;$iCount< $MaxCount;$iCount++){
fwrite($fpc_lst,$CNC[$iCount]."\n");
fwrite($fpc_routes_rsc,"add dst-address=".$CNC[$iCount]." action=lookup table=Route_CNC disabled=no\n");
fwrite($fpc_address_rsc,"add list=CNC address=".$CNC[$iCount]." disabled=no\n");
}
fclose($fpc_address_rsc);
fclose($fpc_routes_rsc);
fclose($fpc_lst);
//生成IP集表 CRTC
$MaxCount = count($CRTC);
$fpc_lst=fopen("CRTC.lst","a+");
$fpc_routes_rsc=fopen("CRTC_routes.rsc","a+");
$fpc_address_rsc=fopen("CRTC_address.rsc","a+");
fwrite($fpc_routes_rsc,"/ ip route rule\n");
fwrite($fpc_address_rsc,"/ ip firewall address-list\n");
for ($iCount=0;$iCount< $MaxCount;$iCount++){
fwrite($fpc_lst,$CRTC[$iCount]."\n");
fwrite($fpc_routes_rsc,"add dst-address=".$CRTC[$iCount]." action=lookup table=Route_CRTC disabled=no\n");
fwrite($fpc_address_rsc,"add list=CRTC address=".$CRTC[$iCount]." disabled=no\n");
}
fclose($fpc_address_rsc);
fclose($fpc_routes_rsc);
fclose($fpc_lst);
//生成IP集表 OTHERS
$MaxCount = count($OTHERS);
$fpc_lst=fopen("OTHERS.lst","a+");
$fpc_routes_rsc=fopen("OTHERS_routes.rsc","a+");
$fpc_address_rsc=fopen("OTHERS_address.rsc","a+");
fwrite($fpc_routes_rsc,"/ ip route rule\n");
fwrite($fpc_address_rsc,"/ ip firewall address-list\n");
for ($iCount=0;$iCount< $MaxCount;$iCount++){
fwrite($fpc_lst,$OTHERS[$iCount]."\n");
fwrite($fpc_routes_rsc,"add dst-address=".$OTHERS[$iCount]." action=lookup table=Route_OTHERS disabled=no\n");
fwrite($fpc_address_rsc,"add list=ChinaNet address=".$OTHERS[$iCount]." disabled=no\n");
}
fclose($fpc_address_rsc);
fclose($fpc_routes_rsc);
fclose($fpc_lst);
function GetWhois($IP){
$rootwhois = 'whois.apnic.net';
$buffer1 = ReadSocket($rootwhois,$IP);
$flag="";
$buffer_result=nl2br($buffer1);
if(preg_match("/CHINANET/",$buffer_result)){
$flag="CHINANET";
return $flag;
}
if(preg_match("/CNC/",$buffer_result)){
$flag="CNC";
return $flag;
}
if(preg_match("/CRTC/",$buffer_result)){
$flag="CRTC";
return $flag;
}
if(!preg_match("/CHINANET|CRTC|CNC/",$buffer_result)){
$flag="OTHERS";
return $flag;
}
}
function ReadSocket($whois,$ip)
{
$buffer = '';
if (!$sock = fsockopen( $whois, 43, $errNum, $errStr, 20))
{
echo "Sorry,Can't fsockopen it";
}
else
{
fputs($sock,"$ip\n");
//$buffer = fread($sock, 8192);
while(!feof($sock)) $buffer.=fgets($sock, 8192);
fclose($sock);
}
return $buffer;
}
?>
1、 利用shell程序获取IP地址段
#!/bin/sh
FILE=/root/study/apnic/ip_apnic
rm -f $FILE
wget http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
-O $FILE
grep 'apnic|CN|ipv4|' $FILE | cut -f 4,5 -d'|'|sed -e 's/|/ /g' | while read ip cnt
do
echo $ip:$cnt
mask=$(cat << EOF | bc | tail -1
pow=32;
define log2(x) {
if (x<=1) return (pow);
pow--;
return(log2(x/2));
}
log2($cnt)
EOF)
echo $ip/$mask>> cn.net
NETNAME=`whois $ip@whois.apnic.net | sed -e '/./{H;$!d;}' -e 'x;/netnum/!d' |grep ^netname | sed -e 's/.*: \(.*\)/\1/g' | sed -e 's/-.*//g'`
case $NETNAME in
CNC)
echo $ip/$mask >> CNCGROUP
;;
CHINANET|CNCGROUP)
echo $ip/$mask >> $NETNAME
;;
CHINANET|CNCGROUP)
echo $ip/$mask >> $NETNAME
;;
CHINATELECOM)
echo $ip/$mask >> CHINANET
;;
*)
echo $ip/$mask >> OTHER
;;
esac
done