LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 11-23-2007, 08:30 AM   #1
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Rep: Reputation: 57
pinging network script


I found this example on some other post:

PHP Code:
Example #1

#!/bin/bash
echo
echo 
""
echo "Enter hostname or ip address: " 
read host
echo
num=`ping -s 1 -c 1 $host > /dev/null; echo $?`
if [ 
$num -eq 0 ]; then
    
echo "Connected to $host."
else
    echo 
"Cannot connect to $host."
fi


Example 
#2

#!/bin/bash
host="ip_address_here"
num=`ping -s 1 -c 1 $host > /dev/null; echo $?`
if [ 
$num -eq 0 ]; then
    
echo "Connected to $host."
else
    echo 
"Cannot connect to $host."
fi 
and another baisc script:

PHP Code:
servers="server1.foo.bar server2.foo.bar server3.foo.bar"
for server in $servers ; do
if 
ping -c 3 -t 5 $server 2>&> /dev/null
then
echo "$server: up"
else
echo 
"$server: down"
fi
done 

and was wondering how I would do this with a 50 network devices. I would like to pull this list of IP's from another file(that has the list of ip's) I would like to see if they are up or not and want it to very quick and efficient. I would also like a nice output to some log files saying that this X amount of switches are up and the others are down and if they have port 23 open on the devices. I would also like a time and a date of displayed on the files. help

Last edited by metallica1973; 11-23-2007 at 08:39 AM.
 
Old 11-23-2007, 08:54 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
cat iplist.txt | while read ipaddress
do
ping $ipaddress
etc...
done
 
Old 11-23-2007, 09:15 AM   #3
spoodie
LQ Newbie
 
Registered: Dec 2006
Posts: 13

Rep: Reputation: 0
Something like this

Code:
#!/bin/bash

# Replace "file" with the file name that has the list of IPs
iplist=file
upcount=0
downhosts=""

for i in $(cat ${iplist})
do
        ping -c 1 -t 1 $i > /dev/null 2>&1
        if [[ $? -eq 0 ]] ; then
                (( upcount+=1 ))
        else
                downhosts="${downhosts} ${i}"
        fi
done

echo "${upcount} switches are up"
echo "The following switches are down: ${downhosts}"
This doesn't do anything about port 23 as you weren't clear about what you wanted. Do you have netcat (the "nc" command) installed?
 
Old 11-23-2007, 09:22 AM   #4
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Original Poster
Rep: Reputation: 57
as far as telnet port 23, I just want to make sure that those ports are not open on these devices and if they are to include it in the log!

Last edited by metallica1973; 11-23-2007 at 09:24 AM.
 
Old 11-23-2007, 09:56 AM   #5
spoodie
LQ Newbie
 
Registered: Dec 2006
Posts: 13

Rep: Reputation: 0
This should do it then, assuming you have "nc" available. Modify the output as suits your requirements.

Code:
#!/bin/bash

# Replace "file" with the file name that has the list of IPs
iplist=file
upcount=0
downhosts=""
port23s=""

for i in $(cat ${iplist})
do
        ping -c 1 -t 1 $i > /dev/null 2>&1
        if [[ $? -eq 0 ]] ; then
                (( upcount+=1 ))
        else
                downhosts="${downhosts} ${i}"
        fi

        nc -z $i 23
        if [[ $? -eq 0 ]] ; then
                port23s="${port23s} ${i}"
        fi
done

echo "${upcount} switches are up"
echo "The following switches are down: ${downhosts}"
echo "The following switches have port 23 open: ${port23s}"
 
Old 11-23-2007, 10:08 AM   #6
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
nmap can be used to ping a list of hosts. You use the -sP option to specify a ping scan, and you can read the list of hosts from a file using the -iL option:
Code:
nmap -sP -iL hostlist.txt
On the plus side, this will probably perform better than reading s list of hosts and calling ping for each in turn, as nmap will ping multiple hosts in parallel. There are also some useful output options which you might like.

On the negative side, nmap might not be installed, and some sysadmins may object to having it installed as it can be used for evil as well as good.
 
Old 11-23-2007, 10:08 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
personally i'd be using nmap to check for a port being open. very easy to script around that.
 
Old 11-23-2007, 11:40 AM   #8
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
of course nmap (if you need speed)
 
Old 11-23-2007, 11:52 AM   #9
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Original Poster
Rep: Reputation: 57
Gentleman, I cannot use netcat in this network. Is there another option that I can use such as telnet and then close the connection once there has been an estblished connection to show that telnet and port 23 are open? Because of our network restricition I do not have the flexibilty to use that application. Trust me I would love to use it but the security guys around here have us locked down. You guys are great(spoodie,matthewg42,Alien_Hominid) and as far as acid_keypie, you are the man and I owe you million favors. thanks

Last edited by metallica1973; 11-23-2007 at 12:08 PM.
 
Old 11-23-2007, 01:35 PM   #10
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
what sort of network restriction would that be? all the network sees in a three way tcp handshake, be it netcat, nmap, telnet...
 
Old 11-23-2007, 02:52 PM   #11
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Original Poster
Rep: Reputation: 57
I cannot reveal my location of work but lets say that it is the utmost in security. I have ask the security engineers that the policy is so tight that I could get fired for using an unauthorized program. The server are audited by security engineers and it is almost crazy. So the reason I am asking use alternate method is because of this reason.
 
Old 11-23-2007, 03:09 PM   #12
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
There seems to really be quite some conflict of scope and scale here... if things are that secure, that important, why are you not looking to use proper security cleared tools to do this job? telnet in itself *should* be seen as a liability by a policy of the level you suggest. the ability to expose passwords in plaintext through such an outdated protocol should be in itself enough to ban that program i'd have thought. using telnet to monitor automatically isn't going to be fun as you cna't tune the timeouts and such, so you can be looking at a minute or longer per connection attempt, compared to a second for a proper tool.
 
Old 11-23-2007, 03:43 PM   #13
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
Quote:
Originally Posted by metallica1973 View Post
I cannot reveal my location of work but lets say that it is the utmost in security. I have ask the security engineers that the policy is so tight that I could get fired for using an unauthorized program. The server are audited by security engineers and it is almost crazy. So the reason I am asking use alternate method is because of this reason.

I don't get it. How nc, nmap are insecure? You can use them for various things but they don't make system insecure just because they're installed. They are just same tools like ping, finger or telnet and they're not daemons run with root privileges. So where is the problem if you compile and run them from your home dir? What damage can they do if they're run with your privileges?
Either your network security engineers talk nonsense or you just want to run them in some shell provider (then prohibition is understandable). And telnet (as service) is mostly deprecated everywhere.

Why not to take a different approach? Those computers, which are online, connects to the main one and updates their status like every five minutes.

Last edited by Alien_Hominid; 11-23-2007 at 03:48 PM.
 
Old 11-23-2007, 03:47 PM   #14
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
to play devil's advocate, a policy is a policy, and if it's not up to you to make it, you usually just have to lump it regardless of it making sense or not...
 
Old 11-23-2007, 08:06 PM   #15
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Original Poster
Rep: Reputation: 57
my job is has to due with network performance/security and it also entails working with Solaris/Linux boxes and admin stuff. I am on probation for this job because I just started it and my boss ask me to create this script that is going to replace a vbs script on a windows box that does exactly this:

pings the devices from a file that has all of the ip address of the Cisco NAM's and sniffers and also attempts to telnet to these devices to see if telnet is enable on these devices which is a security issue. My job is to create a shell script that will do the same thing but is faster, more efficient and has a better looking output then what is being produced. These sniffers and Cisco NAMS are scattered all over the USA and it is my responsibility to make sure that these devices that so many other people use, do not have certain services open telnet) for it is a breach of security. I hope that you get a better understanding. I am just trying to impress my boss in hopes that I can keep this job. I got this job by mistake and I am under qualifiedly but if I can impress this guy I can really launch my career forward toward network security and WAN's. thanks

Last edited by metallica1973; 11-23-2007 at 08:08 PM.
 
  


Reply

Tags
nmap, ping, scan, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
writing a shell script for scheduled pinging laucian Linux - Newbie 12 11-08-2007 05:48 AM
script for pinging servers steste Linux - Networking 12 11-16-2004 09:38 AM
Help writing a pinging bash script dehuszar Linux - Software 3 06-18-2004 02:03 PM
Network not pinging any more. duffboygrim Linux - Networking 2 03-30-2004 05:05 PM
bash script prob: pinging boxes bdp Programming 9 02-20-2004 01:50 AM


All times are GMT -5. The time now is 07:36 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration