LinuxQuestions.org - Discover and Parse Active IP Addresses

- Programming (https://www.linuxquestions.org/questions/programming-9/)

- - Discover and Parse Active IP Addresses (https://www.linuxquestions.org/questions/programming-9/discover-and-parse-active-ip-addresses-657777/)

adymroxx

07-23-2008 03:55 PM

Discover and Parse Active IP Addresses

Is there a way to easily discover active hosts on a subnet and parse their IPs into a file? I'm thinking about a bash script which follows the following psuedo code:

Code:

Obtain system IP through ifconfig and parsing out the IP using sed

Ping sweep subnet using nmap

Parse through output, looking for IP addresses returned

Add IPs to an array or CSV file

I'm just now learning about regex and I'm having trouble parsing the IP addresses. Is there an easy way to do this? Is there some much more obvious way of discovering active IPs that I'm just not thinking of?

Thanks!

matthewg42

07-23-2008 04:45 PM

Have you considered using nmap?

anomie

07-23-2008 05:10 PM

Large problems are made easier by breaking them into smaller problems.

Quote:

Ping sweep subnet using nmap

Read the manpages for nmap(1). Search for ping sweep / ping scan.

Quote:

Parse through output, looking for IP addresses returned

Actually look at the output from nmap. You can't parse anything until you understand the data and its format.

Also, there are many ways to use regular expressions to match an IP address (some are more precise than others). I'd start by searching the forums and google.

adymroxx

07-23-2008 05:11 PM

Well, nmap is part of it, but it returns something like this:

Code:

[root@redshirt ~]# nmap -sP 192.168.1.0/24



Starting Nmap 4.53 ( http://insecure.org ) at 2008-07-22 22:49 CDT

Host boxA (192.168.1.100) appears to be up.

MAC Address: 00:11:22:33:44:55 (Cisco-Linksys)

Host boxB (192.168.1.105) appears to be up.

MAC Address: 00:21:12:34:43:01 (Tivo)

etc.

.

.

My question is on how to yank those IP addresses out of there so I can put them into an array or CSV.

adymroxx

07-23-2008 05:12 PM

The regex guide I've been working out of is at http://regular-expressions.info and they have an example for matching IPs, listed as

Code:

\b(?:\d{1,3}\.){3}\d{1,3}\b

but this doesn't seem to work...

Mr. C.

07-23-2008 05:33 PM

Quote:

Originally Posted by adymroxx (Post 3224211)

The regex guide I've been working out of is at http://regular-expressions.info and they have an example for matching IPs, listed as

Code:

\b(?:\d{1,3}\.){3}\d{1,3}\b

but this doesn't seem to work...

Give some context - "doesn't seem to work" in what?

adymroxx

07-23-2008 05:55 PM

Code:

# nmap -sP 192.168.1.0/24 | grep '\b(?:\d{1,3}\.){3}\d{1,3}\b'

Returns nothing. I realize though that by using grep, I would be returned the lines that contain the IPs rather than just the IPs. Is there a way to get just the IPs?

Mr. C.

07-23-2008 06:16 PM

Grep doesn't understand PCREs. Use perl if you want those:

Code:

perl -ne 'print "$1\n" if /(\b(?:\d{1,3}\.){3}\d{1,3})\b/'

For grep, you must simplify and use character classes (vs. \d):

Code:

grep -oE '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'

adymroxx

07-23-2008 10:10 PM

Quote:

Originally Posted by Mr. C. (Post 3224247)

Grep doesn't understand PCREs. Use perl if you want those:

Code:

perl -ne 'print "$1\n" if /(\b(?:\d{1,3}\.){3}\d{1,3})\b/'

For grep, you must simplify and use character classes (vs. \d):

Code:

grep -oE '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'

That did it. Thanks!

All times are GMT -5. The time now is 08:00 PM.