(bash) check if the IP address is in the subnet range file

Question

(bash) check if the IP address is in the subnet range file

I have a list of subnet ranges in a file:

2.32.0.0-2.47.255.255-255.240.0.0
2.112.0.0-2.119.255.255-255.248.0.0
2.156.0.0-2.159.255.255-255.252.0.0
2.192.0.0-2.199.255.255-255.248.0.0
...

(File format: {startip}-{endip}-{netmask}

)

I need to check if the IP address is included in one of the subnet in the file.

+3

linux bash regex shell grep

Stefano guarella May 26 '15 at 14:36

source to share

4 answers

You can use awk

for this:

echo '127.0.0.0-127.255.255.255-255.0.0.0' | awk -F- '
    BEGIN { ip[1] = 127; ip[2] = 0; ip[3] = 0; ip[4] = 1; } 
    { split($1, startIp, "."); split($2, endIp, ".");
        for(i = 1; i <= 4; i++) {
            if(ip[i] < int(startIp[i]) || ip[i] > int(endIp[i]))
                break;
        }

        if(i == 5)
            print "matching line: ", $0; }'

The IP to search is initially set as an array in BEGIN-item as array. Each line is compared for a loop, and if each octet lies between startIp

and endIp

, the matching line is printed.

Some Python 3 firewalls relying on the ipaddress module from 3.3 (available for 2.6 / 2.7:

python3 -c 'from ipaddress import ip_address as IP; list(
    map(print, ((startip, endip) for startip, endip, _ in 
            (ip.split("-") for ip in open("tmp/iplist.txt")) 
            if IP(startip) < IP("127.0.0.1") < IP(endip))))'

This is actually a one-liner for the following scripts:

import sys
from ipaddress import ip_address as IP

ip = IP(sys.argv[1])

with open(sys.argv[2]) as f:
    for line in f:
        startIp, endIp, _ = line.split('-')
        if IP(startIp) < ip < IP(endIp):
            print(line)

Which can be used like this:

$ python3 ipcheck.py 127.0.0.1 iplist.txt

+1

myaut May 26 '15 at 15:24

source to share

You can use this awk script:

awk -F- -v arg='2.158.1.2' 'function ipval(arg) {
   split(arg, arr, ".");
   s=0;
   for (i=1; i<=length(arr); i++)
      s += arr[i] * (10**(6-i));
   return s   
}
ipval(arg) >= ipval($1) && ipval(arg) <= ipval($2)' file
2.156.0.0-2.159.255.255-255.252.0.0

ipval

converts the specified IP address to a numeric value so that it can be easily compared using the arithmetic operator.

+1

anubhava May 26 '15 at 15:34

source to share

I find this variation of the above script more useful:

function ipval()
{
  RES='awk -F- -v arg="$1" '{
    split(arg, arr, ".");
    s=0;
    for (i=1; i<=length(arr); i++) { s += arr[i] * (256**(4-i)); }
    print s
  }' <<< '' '
  return $RES
}

read -p "IP:" IP
ipval "$IP"
echo "RES=$RES"

0

hvillemoes 04 june '19 at 6:14

source to share

ShellFish · Accepted Answer · 2015-05-26T15:01:27+0000

Try the following:

BEGIN {
    FS="."
    ex = "false"
    split(address, ip, ".")
}
{
    split($0, range, "[-.]")
    for (i=1; i<5; i++) {
        if (ip[i] < range[i] || ip[i] > range[i+4])
            break;
        else if ((ip[i] > range[i] && ip[i] < range[i+4]) || i == 4)
            ex = "true"
    }
}
END {
    print ex
}

Call this awk script ( checkIP.awk

) like this:

$ awk -v address="2.156.0.5" -f checkIP.awk /path/to/ip/ranges/file
true
$ awk -v address="0.0.0.0" -f checkIP.awk /path/to/ip/ranges/file
false

(bash) check if the IP address is in the subnet range file

More articles: