从APNIC提取IP信息
| 阿里云国内75折 回扣 微信号:monov8 |
| 阿里云国际,腾讯云国际,低至75折。AWS 93折 免费开户实名账号 代冲值 优惠多多 微信号:monov8 飞机:@monov6 |
从APNIC提取IP信息
https://blog.csdn.net/nullzeng/article/details/17538009
Apnic介绍
简而言之,Apnic是全球5个地区级的Internet注册机构(RIR)之一,负责亚太地区的以下一些事务:
(1)分配IPv4和IPv6地址空间,AS号
(2)为亚太地区维护Whois数据库
(3)反向DNS指派
(4)在全球范围内作为亚太地区的Internet社区的代表
更详细的Apnic介绍文档请参见:
http://www.apnic.net/about-APNIC/organization
或者
http://en.wikipedia.org/wiki/Asi ... _Information_Centre
相关网址:
https://www.apnic.net/
https://www.nro.net/
Apanic IP地址分配信息总表
Apanic提供了每日更新的亚太地区IPv4,IPv6,AS号分配的信息表,访问url是
http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
该文件的格式与具体内容参加
ftp://ftp.apnic.net/pub/apnic/stats/apnic/README.TXT
通过该文件我们能够得到Apnic辖下IPv4地址空间的分配情况。但从该文件中我们只能得到
apnic|TW|asn|1768|2|20020801|allocated
apnic|CN|ipv4|1.2.2.0|256|20110331|assigned
等级机构|获得该IP段的国家/组织|资源类型|起始IP|IP段长度|分配日期|分配状态
Format:
registry|cc|type|start|value|date|status[|extensions...]
Where:
registry The registry from which the data is taken.
For APNIC resources, this will be:
apnic
cc ISO 3166 2-letter code of the organisation to
which the allocation or assignment was made.
May also include the following non-ISO 3166
code: AP - networks based in more than one
location in the Asia Pacific region
type Type of Internet number resource represented
in this record. One value from the set of
defined strings:
{asn,ipv4,ipv6}
start In the case of records of type 'ipv4' or
'ipv6' this is the IPv4 or IPv6 'first
address' of the range.
value In the case of IPv4 address the count of
hosts for this range. This count does not
have to represent a CIDR range.
但关于省、运营商、地址、路由等信息仍然无法获取
信息总表的扩展
在获取上述总表的基础上,我们通过不断的进行whois,就能得到更多的信息
例如,这对起始IP 1.4.4.0,我们运行whois 1.4.4.0,得到如下的信息
whois 1.4.4.0
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 1.4.4.0 – 1.4.4.255
netname: KNET
descr: KNET Techonlogy (BeiJing) Co.,Ltd.
descr: 4,South 4th treet, Zhongguancun,Haidian District,Beijing
country: CN
admin-c: HS1165-AP
tech-c: WL1818-AP
mnt-by: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20110331
source: APNIC
person: Hanhui Sun
address: 4,South 4th treet, Zhongguancun,Haidian District,Beijing
country: CN
phone: +86-010-58813102
fax-no: +86-010-58812666-126
e-mail: sunhanhui@knet.cn
nic-hdl: HS1165-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20110315
source: APNIC
person: Wenzhe Lu
address: 4,South 4th treet, Zhongguancun,Haidian District,Beijing
country: CN
phone: +86-010-58813017
fax-no: +86-010-58812666-126
e-mail: lwz@knet.cn
nic-hdl: WL1818-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20110315
source: APNIC
其中我们比较关注的信息有:
inetnum:起始和终止IP地址
netname: 网络名(运营商/Org等)
country: 国家
descr: 描述信息(往往含有地域、ISP等信息)
address: 地址信息
通过不断对上述的信息总表的起始IP地址进行whois,我们可以得到详细的IP地址对应的地域、ISP、Org等信息
实现时,在对上述信息总表的起始IP地址进行whois时,需要考虑到两种情况:
(1)对信息总表起始IP地址进行whois时,得到的inetnum中包含的IP地址数目经常会小于信息总表中对应的IP数,因此往往需要多次whois才能得到最终的结果
(2)对信息总表起始IP地址进行whois时,得到的inetnum中的起始IP有可能会小于信息总表中的起始IP,这时也需要进行处理,否则可能使得最终的结果出现IP段交叉的情况
Apnic whois库处理流程总结
为了获取Apnic whois库的完整结果,可以遵循下面的流程:
(1)通过http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest获取Apanic负责分配的所有IPv4地址段的起始地址和长度
(2)通过对上述IP段进行whois操作,得到该IP段的相关信息
(3)whois结果的信息提取、处理和规范化。常见的处理包括国家、省、市、ISP、机构等信息的提取,英文与中文的转化等
通过上述三步,我们就能够得到whois库的结果
#!/bin/bash
#include
#define
TMP=/tmp/apnic_file
FILE=$
DIR=APNIC
PROG1="whois.sh"
PROG2="merge.sh"
THREAD=
#function
#main
if [[ -z $ ]]; then
echo "$(basename $0) "
exit
fi
which whois &>/dev/null
if [[ $? -ne ]]; then
echo "Please install whois(apt-get install whois)"
exit
fi
rm -rf $DIR [-]* $PROG >/dev/null
tail -n +$(awk '/^#!/{if(i){print NR;exit}i++}' $) "$0" > $PROG1
tail -n +$(awk '/^#!/{if(i==2){print NR;exit}i++}' $) "$0" > $PROG2
chmod +x $PROG1 $PROG2 >/dev/null
awk -F"[|]" '/apnic\|CN\|ipv4\|/{print $4,$5}' $FILE > $TMP
awk -vp=$THREAD 'BEGIN{while(getline i}' $TMP
for BLOCK in $(ls [-]*); do
./$PROG1 $BLOCK &
done
wait
echo "The whois query is completed"
mkdir -p $DIR/CHINANET $DIR/UNICOM
for dir in $(ls [-]*); do
cd $DIR/$dir
for i in $(find . -type f); do
file=${i#*/}
cat $file >> ../$file
done
cd ../..
done
rm -rf $DIR/[-]* >/dev/null
rm -rf [-]* >/dev/null
for file in $(find $DIR -type f); do
case $file in
*bug|*error|*print)
echo "ignore $file"
;;
*)
./merge.sh $file
;;
esac
done
rm $PROG1 $PROG2 >/dev/null
rm /tmp/whois_*
echo "$(basename $0) Completed"
exit
#!/bin/bash
#################################################
# 主机数 = ^ (-mask)
# 所以以2为底取主机数的对数, 就是该mask的值.
#
#MASK=$(cat <<EOF | bc | tail -
#pow=;
#define log2(x) {
# if (x<) return (pow);
# pow--;
# return(log2(x/));
#}
#log2($CNT)
#EOF
#)
#MASK=$(pow=;for((i=$CNT;i>;i=i/)); do :; ((pow--)); done;echo $pow)
#MASK=$(awk -v c=$CNT 'function log2(x){if(x<2)return(pow);pow--;return(log2(x/2))}BEGIN{pow=32;print log2(c)}')
#################################################
#include
#define
FILE=$
WHOIS=/tmp/whois_$FILE
DIR=APNIC/$FILE
#function
province(){
case $ in
FJ*|fj*|FuZhou|fuzhou)
echo "$2/$3" >> $DIR/$/fujian
;;
GD*)
echo "$2/$3" >> $DIR/$/guangdong
;;
NM)
echo "$2/$3" >> $DIR/$/neimenggu
;;
GZ)
echo "$2/$3" >> $DIR/$/guizhou
;;
NX|NINGXIA)
echo "$2/$3" >> $DIR/$/ningxia
;;
HL*)
echo "$2/$3" >> $DIR/$/heilongjiang
;;
SX|TY)
echo "$2/$3" >> $DIR/$/shanxi
;;
SN|SHAANXI)
echo "$2/$3" >> $DIR/$/shannxi
;;
HA)
echo "$2/$3" >> $DIR/$/henan
;;
BJ)
echo "$2/$3" >> $DIR/$/beijing
;;
CQ)
echo "$2/$3" >> $DIR/$/chongqing
;;
KM|YN)
echo "$2/$3" >> $DIR/$/yunan
;;
HB|DIAQOS1)
echo "$2/$3" >> $DIR/$/hubei
;;
XZ)
echo "$2/$3" >> $DIR/$/xizang
;;
HE)
echo "$2/$3" >> $DIR/$/hebei
;;
SD)
echo "$2/$3" >> $DIR/$/shandong
;;
GS)
echo "$2/$3" >> $DIR/$/gansu
;;
AH|Anhui)
echo "$2/$3" >> $DIR/$/anhui
;;
LN)
echo "$2/$3" >> $DIR/$/liaoning
;;
HN|HUNAN)
echo "$2/$3" >> $DIR/$/hunan
;;
JS|SZ)
echo "$2/$3" >> $DIR/$/jiangsu
;;
XJ)
echo "$2/$3" >> $DIR/$/xinjiang
;;
JX)
echo "$2/$3" >> $DIR/$/jiangxi
;;
JL)
echo "$2/$3" >> $DIR/$/jilin
;;
SH|INSURANCE)
echo "$2/$3" >> $DIR/$/shanghai
;;
GX)
echo "$2/$3" >> $DIR/$/guangxi
;;
HI)
echo "$2/$3" >> $DIR/$/hainan
;;
TJ)
echo "$2/$3" >> $DIR/$/tianjin
;;
SC)
echo "$2/$3" >> $DIR/$/sichuan
;;
QH|GEERMU)
echo "$2/$3" >> $DIR/$/qinghai
;;
HK)
echo "$2/$3" >> $DIR/$/xianggang
;;
ZJ)
echo "$2/$3" >> $DIR/$/zhejiang
;;
*)
echo "$2/$3" >> $DIR/$/_other
;;
esac
}
whois_query(){
echo -e "Process[$FILE]\twhois [$1]"
whois $ > $WHOIS
return $?
}
ntoa(){
awk '{c=256;print int($0/c^3)"."int($0%c^3/c^2)"."int($0%c^3%c^2/c)"."$0%c^3%c^2%c}' <<<$
}
aton(){
awk '{c=256;split($0,ip,".");print ip[4]+ip[3]*c+ip[2]*c^2+ip[1]*c^3}' <<<$
}
add_network(){
echo "$2/$3 $1 $4" >> $DIR/print
case $ in
CHINANET)
province $ $ $ $
;;
UNICOM)
province $ $ $ $
;;
CMNET)
echo "$2/$3" >> $DIR/$
;;
CTTNET)
echo "$2/$3" >> $DIR/$
;;
CERNET)
echo "$2/$3" >> $DIR/$
;;
*)
echo "$2/$3 $1 $4" >> $DIR/bug
echo "$2/$3" >> $DIR/others
;;
esac
}
bool_sub(){
START=$HEAD
MASK=
local NET
local i=$((~))
while [[ $START -lt $TAIL ]]; do
((i<<=))
NET=$((HEAD&i))
START=$((~(NET^i)))
((MASK--))
if [[ $START -eq $TAIL ]]; then
return
fi
done
return
}
do_whois(){
local NET
local i=$((~))
local j
eval $(awk 'BEGIN{i=256}/^inetnum:/{split($4,ipe,".");ipt=ipe[4]+ipe[3]*i+ipe[2]*i^2+ipe[1]*i^3}END{print "TAIL="ipt}' $WHOIS)
eval $(awk '/^$/{if(i)exit;}\
/^netname:/{i++;split($,a,"-");isp=a[];area=a[];if(isp=="CNC"||isp=="UNI"||isp=="uni")isp="UNICOM";\
if((isp=="UNICOM"&&length(area)) || (isp=="CHINANET"&&length(area)))exit}\
/^mnt-by:.*CNCGROUP/{n=split($,a,"-");isp="UNICOM";for(x=;x<=n;x++){if(a[x]=="CNCGROUP"){area=a[x+];break}};exit}\
/^mnt-by:.*CHINANET/{n=split($,a,"-");isp="CHINANET";for(x=;x<=n;x++){if(a[x]=="CHINANET"){area=a[x+];break}};exit}\
/^mnt-by:.*CERNET/{n=split($,a,"-");isp="CERNET";for(x=;x<=n;x++){if(a[x]=="CERNET"){area=a[x+];break}};exit}\
/^mnt-by: *MAINT-CN-SNXIAN/{isp="CHINANET";area="SN";exit}\
/^netname: *guangzhou-.*-corp/{isp="UNICOM";area="GD";exit}\
/^mnt-lower:.*CERNET/{isp="CERNET";exit}\
/^mnt-lower:.*CHINANET/{n=split($,a,"-");isp="CHINANET";for(x=;x<=n;x++){if(a[x]=="CHINANET"){area=a[x+];break}};exit}\
END{print "ISP="isp";AREA="area}' $WHOIS)
HEAD=$(aton $IP)
bool_sub
if [[ $? -eq ]]; then
add_network $ISP $IP $MASK $AREA
else
j=$((-MASK))
((i<<=j))
while [[ $NET -ne $HEAD ]]; do
((i>>=))
NET=$((HEAD&i))
((MASK++))
done
IP=$(ntoa $HEAD)
add_network $ISP $IP $MASK $AREA
TAIL=$((~(NET^i)))
((TAIL++))
IP=$(ntoa $TAIL)
whois_query $IP
if [[ $? -eq ]]; then
do_whois
else
echo "$IP/$MASK" >> $DIR/error
fi
fi
}
#main
FILE=$
rm -rf $DIR >/dev/null
mkdir -p $DIR/CHINANET $DIR/UNICOM
while read IP CNT; do
START=$(aton $IP)
END=$((START+CNT-))
TAIL=
MASK_MAX=$(pow=;for((i=$CNT;i>;i>>=)); do :; ((pow--)); done;echo $pow)
while [[ $TAIL -lt $END ]]; do
whois_query $IP
if [[ $? -eq ]]; then
do_whois
((TAIL++))
IP=$(ntoa $TAIL)
else
echo "$IP/$MASK" >> $DIR/error
fi
done
done < $FILE
exit
#!/bin/bash
if [[ -z $ ]]; then
echo "file not found"
exit
fi
if [[ ! -f $ ]]; then
echo "$1 is not exsit"
exit
fi
TMP=/tmp/merge
while :; do
awk -F"/" '
function ntoa(n){c=;return int(n/c^)"."int(n%c^/c^)"."int(n%c^%c^/c)"."n%c^%c^%c}
function aton(d){c=;split(d,ip,".");return ip[]+ip[]*c+ip[]*c^+ip[]*c^}
function ntobc(a,b){e=compl();f=lshift(e,-b);s=and(a,f);return compl(xor(s,f))}
function ntosub(j,k){g=compl();h=lshift(g,-k);return and(j,h)}
NR>{
if($==ntoa(bc+) && $==mask && ip_int==ntosub(ip_int,$-)){
mask=$-;bc=ntobc(ip_int,mask);
next;
}else{
print add"/"mask
}
}
{add=$;ip_int=aton($);mask=$;bc=ntobc(ip_int,mask)}
END{print add"/"mask}
' $1 > $TMP
FILE_SIZE=$(ls -l $ >/dev/null | awk '{print $5}')
TMP_SIZE=$(ls -l $TMP >/dev/null | awk '{print $5}')
if [[ $FILE_SIZE -eq $TMP_SIZE ]]; then
break
fi
cp $TMP $
done
exit
==============================
#!/bin/bash
# download from apnic
rm -f delegated-apnic-latest
wget http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest # IPs allocated to china.
grep 'apnic|CN|ipv4|' delegated-apnic-latest | cut -f -d'|' > delegated-apnic-CN # get detail of echo IP from apnic database.
rm -f apnic_CN.txt
while read ip
do
# query apnic database
echo "query who is $ip"
whois -h whois.apnic.net $ip > tmp.txt
grep inetnum tmp.txt >> apnic_CN.txt # IP range
grep netname tmp.txt >> apnic_CN.txt # netname which include sp information
grep descr tmp.txt >> apnic_CN.txt # description which include province information
echo "" >> apnic_CN.txt
done < delegated-apnic-CN # clean up
rm -f tmp.txt
rm -f delegated-apnic-latest
rm -f delegated-apnic-CN
APNIC是管理亚太地区IP地址分配的机构,它有着丰富准确的IP地址分配库,同时这些信息也是对外公开的!
一、在Linux下获得一些电信运营商的IP地址段的情况:
1、编译安装软件
shell> wget http://ftp.apnic.net/apnic/dbase/tools/ripe-dbase-client-v3.tar.gz shell> tar xzvf ripe-dbase-client-v3.tar.gz shell> cd whois-3.1 shell> ./configure shell> make
2、开始获取IP地址段
中国网通:
shell> ./whois3 -h whois.apnic.net -l -i mb MAINT-CNCGROUP > /root/cncrange.txt
中国电信:
shell> ./whois3 -h whois.apnic.net -l -i mb MAINT-CHINANET > /root/chinanetrange.txt
中国铁通:
shell> ./whois3 -h whois.apnic.net -l -i mb MAINT-CN-CRTC > /root/crtcrange.txt
专门获取中国网通路由表
shell> ./whois3 -h whois.apnic.net -l -i mb MAINT-CNCGROUP-RR > /root/cncrr.txt
注:MAINT-CNCGROUP 为中国网通在apnic的自治系统号
如果想得到具体的服务商比如山东网通的 就用MAINT-CNCGROUP-SD
具体查看http://www.apnic.net/index.html
其他查询选项 请查看 http://www.apnic.net/apnic-info/whois_search
3、过滤提取IP段
以中国网通为例:
shell> cat cncip.txt | grep “inetnum” | sed ‘s/inetnum: //g’
中国网通路由表
shell> cat /root/cnciprt.txt | grep route | sed ‘s/route://g’ | sed ‘s/. //g’
用下面的工具进行整理更方便LFHIPConverter subnettools102
如果做智能dns的话 用下面的方法:
获取中国CNC网通地址列表字段
./whois3 -h whois.apnic.net -l -i mb MAINT-CNCGROUP | grep “descr” | grep “Reverse” | awk -F “for” ‘{if ($!=”") print $2}’| sort -n | awk ‘BEGIN{print “acl /”CNC/” ‘{‘”}{print $1″;”}END{print “‘}’;”}’ > /var/named/cnc_acl.conf
获取中国电信CTC 地址列表字段
./whois3 -h whois.apnic.net -l -i mb MAINT-CHINANET | grep “descr” | grep “Reverse” | awk -F “for” ‘{if ($!=”") print $2}’| sort -n | awk ‘BEGIN{print “acl /”CTC/” ‘{‘”}{print $1″;”}END{print “‘}’;”}’ > /var/named/ctc_acl.conf
二、使用ripe-whois3获得电信,网通等运营商的ip地址(以下方法没有测试,摘抄于网络)
Linux中下载安装
http://ftp.apnic.net/apnic/dbase/tools/ripe-whois-tools-2.3.tar.gz tar xzvf ripe-whois-tools-2.3.tar.gz cd /usr/ports/net/ripe-whois3 make install clean rehash
查询:
中国网通: whois3 -h whois.apnic.net -l -i mb MAINT-CNCGROUP
中国电信: whois3 -h whois.apnic.net -l -i mb MAINT-CHINANET
中国铁通: whois3 -h whois.apnic.net -l -i mb MAINT-CNC-CRTC
三、自动获取任意国家地区ip段(需要自己根据实际情况修改)
#!/bin/sh
FILE=./ip_apnic
rm -f $FILE
wget http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest -O $FILE
grep ‘apnic|CN|ipv4|’ $FILE | cut -f , -d’|'|sed -e ‘s/|/ /g’ | while read ip cnt
do
echo $ip:$cnt
mask=$(cat << EOF | bc | tail -
pow=;
define log2(x) {
if (x<=) return (pow);
pow–;
return(log2(x/));
}
log2($cnt)
EOF)
echo $ip/$mask>> cn.net
NETNAME=`whois $ip@whois.apnic.net | sed -e ‘/./{H;$!d;}’ -e ‘x;/netnum/!d’ |grep ^netname | sed -e ‘s/.*: /(.*/)//1/g’ | sed -e ‘s/-.*//g’`
case $NETNAME in
CHINANET|CNCGROUP)
echo $ip/$mask >> $NETNAME
;;
#如果你还要其他 ISP , 请在这边加上去即可,透过 apnic whois , 你可以知道他的 NETNAME OTHER_NETNAME_here)
;;
esac
done
================== End
| 阿里云国内75折 回扣 微信号:monov8 |
| 阿里云国际,腾讯云国际,低至75折。AWS 93折 免费开户实名账号 代冲值 优惠多多 微信号:monov8 飞机:@monov6 |