Identification of network addresses provider
It just so happened that I, like many, love a freebie. And one fine moment, in order to provide it, I needed to find out the addresses of the networks assigned to my provider. Google did not give a simple and unambiguous answer, I will be glad if the experts nudge me. The call to the provider, giving rise to a reasonable question - “why do you need it?” - disappeared. I had to go crazy.
In our provider's network, there is a rather popular dc-hub. Moreover, only subscribers have access to it. That's the way out!)
If any of you are using the greylinkdc ++ program, you will surely remember that it logs connections to the hub and, what is very important, the ip-client also appears in the logs. I parsed the log of this type " ip; nickname; hub; timestamp ", that is, the usual cvs. Well, then it's up to a small script.
As you can see, in addition to the regular libraries, we will need:
And lastly, on the speed. Team
In our provider's network, there is a rather popular dc-hub. Moreover, only subscribers have access to it. That's the way out!)
If any of you are using the greylinkdc ++ program, you will surely remember that it logs connections to the hub and, what is very important, the ip-client also appears in the logs. I parsed the log of this type " ip; nickname; hub; timestamp ", that is, the usual cvs. Well, then it's up to a small script.
#!/usr/bin/env python import re, cymruwhois from sys import argv, stdin from iptools import IpRange, IpRangeList private_nets = IpRangeList("10/8", "172.16/12", "192.168/16") ip_re = re.compile(r'^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])') def iprangelistappend(match, rangelist): rangelist.ips += (IpRange(match.prefix),) return (match.prefix, match.owner) def main(input): ips = sorted(set(ip_re.match(line).group(0) for line in input if ip_re.match(line))) ips = filter(lambda ip: ip not in private_nets, ips) public_nets = IpRangeList() whois = cymruwhois.Client() nets = (iprangelistappend(whois.lookup(ip), public_nets) for ip in ips if ip not in public_nets) for prefix, owner in nets: print prefix, owner if __name__ == "__main__": if len(argv) == 1: main(stdin) else: main(open(argv[2])) As you can see, in addition to the regular libraries, we will need:
- iptools - to work with ip-addresses
- cymruwhois - whois client
109.171.0.0/17 ZSTTKAS JSC Zap-SibTranstelecomYou can ask a legitimate question - why are there different providers in the output? and why does the owner appear at all? I answer. Logs that I fed to the script for a fairly long period of time, to minimize the chance of overlooking the subnet. During this time, as I believe, there has been a redistribution of addresses. So, whatever one may say, but you still have to control the process.
176.196.0.0/15 ELIGHT-AS E-Light-Telecom
178.171.0.0/17 ELIGHT-AS E-Light-Telecom
195.161.0.0/16 RTCOMM-AS OJSC RTComm.RU
212.75.192.0/19 ELIGHT-AS E-Light-Telecom
46.180.0.0/15 ELIGHT-AS E-Light-Telecom
………
And lastly, on the speed. Team
cat userip.log | grep 10.110.1.10 | cut -d";" -f 1 | ./exctract_nets.py; works on my core-i5, on a log with 4418365 entries, in 19 seconds. So do not be surprised if you do not see the output for a long time.')
Source: https://habr.com/ru/post/127822/
All Articles