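#!/bin/sh
## author: parv, parv UNDERSCORE AT yahoo DOT com
## date: jan 09 2002
##
## license: free to use as you please w/ proper credit given
##
## name: getroute.bash
##
## purpose: get all kinds, actually 4, of information about ipv4 addresses:
##   matching ipf log lines, nslookup, whois and traceroute output.
##   Every result is appended to a per-address log file under
##   ${HOME}/log/ip/<text before the first dot>/<address>/
##
## usage:
##   getroute a.b.c.d p.q.r.s
##

# Keep new log files and directories private to the owner: they record which
# addresses were investigated and what the packet filter logged about them.
# This must be the `umask` command; a `umask=077` assignment only sets an
# unused variable and leaves the process umask untouched.
umask 077

# used to create files/directories to store logs
HOME=/home/parv

# ipf log file to search
IPF_LOG=/var/log/ipf.log

# interface to look for (grep regex)
#iface_re=tun.
#iface_re=ep.
iface_re=em.

## Print "* <message>" on stderr and abort the whole script with status 1.
# Called from the main shell (never from a subshell), so the exit really
# terminates the run.
die() {
  echo "* $*" >&2
  exit 1
}

## function to check if 127/8, 10/8 etc are being probed
# Returns 1 (after printing a notice) for loopback and RFC 1918 private
# space -- 127/8, 10/8, 172.16/12, 192.168/16 -- and 0 for anything else.
sane_address() {
  case $1 in
    192.168.* | 127.* | 10.* | 172.1[6-9].* | 172.2[0-9].* | 172.3[01].*)
      echo "* $1 isn't worth investigating."
      return 1
      ;;
  esac
  return 0
}

## Accept only arguments that are safe as a path component and as a command
## argument.
# The argument is used to build directory and file names and is handed to
# grep, nslookup, whois and traceroute, so it must not be empty, must start
# with a letter or digit (no leading "-" or "."), and may contain nothing but
# letters, digits, ".", "_" and "-" (in particular no "/").
valid_target() {
  case $1 in
    '' | [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*)
      return 1
      ;;
  esac
  return 0
}

## Opening banner of one log section: blank line, "-- <query> -- <date> <ip>",
## blank line.  $1 = query name, $2 = address.
section_begin() {
  echo
  echo "-- $1 -- $(date) $2"
  echo
}

## Closing banner of one log section.  $1 = query name.
section_end() {
  echo "-- $1 --"
}

## check if an argument (ip address or nslookupname) given
#
if test $# -eq 0
then
  die 'give me an ip address'
fi

## loop for multiple ips
for IP in "$@"
do
  ## refuse anything that could escape the log directory or be read as an option
  if ! valid_target "$IP"
  then
    printf '* skipping invalid address or host name: %s\n' "$IP" >&2
    continue
  fi

  ## skip if we can
  #
  sane_address "$IP" || continue

  ## set log files' locations

  ## log files directory
  L_home="${HOME}/log/ip/${IP%%.*}/${IP}"

  # Any of the destinations below can be switched off by using the
  # /dev/null alternative instead.

  ## ipf search to log
  #L_filter=/dev/null
  L_filter="${L_home}/${IP}_f"

  ## nslookup name
  #L_nslookup=/dev/null
  L_nslookup="${L_home}/${IP}_nslookup"

  ## whois/ipw/ripewhois
  #L_whois=/dev/null
  L_whois="${L_home}/${IP}_whois"

  ## traceroute
  #L_tr=/dev/null
  L_tr="${L_home}/${IP}_tr"

  ## check if log directory exists and/or is writeable
  if test ! -d "$L_home"
  then
    echo " - making $L_home"
    mkdir -p "$L_home" || die "mkdir $L_home failed, exiting..."
    chmod 700 "$L_home" || die "chmod 700 $L_home failed, exiting..."
  fi

  if test ! -w "$L_home"
  then
    echo " - changing permissions of $L_home"
    chmod 700 "$L_home" || die "chmod 700 $L_home failed, exiting..."
  fi

  ## filter ipf log, query nslookupname & whois, traceroute & save/show output
  for q in filter nslookup whois traceroute
  do
    case $q in
      filter)
        # alternative pattern kept from the original: " $iface_re @.*:.* b "
        {
          section_begin "$q" "$IP"
          # -F: the address is matched as a fixed string, not as a regex
          grep -F -- "$IP" "$IPF_LOG" | grep " $iface_re @.*:.* "
          section_end "$q"
        } | tee -a "$L_filter"
        ;;

      nslookup)
        # runs in the background, output goes to the log file only
        {
          section_begin "$q" "$IP"
          nslookup "$IP"
          section_end "$q"
        } >> "$L_nslookup" 2>&1 &
        ;;

      whois)
        # whois info via ipw from ports (alternative kept from the original):
        #ipw "$IP" | sed -e 's#^network:##' -e 's#:# #g' -e 's#;I# #g'
        # runs in the background, output is shown and logged
        {
          section_begin "$q" "$IP"
          whois "$IP"
          section_end "$q"
        } 2>&1 | tee -a "$L_whois" &
        ;;

      traceroute)
        {
          section_begin "$q" "$IP"
          traceroute -v -q 2 -w 5 "$IP"
          section_end "$q"
        } | tee -a "$L_tr"
        ;;

      *)
        ;;
    esac
  done
done # loop over $@

# Let the background nslookup/whois jobs finish so their log files are
# complete before the script returns.
wait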