Converting the IPs in traceroute output to geographic locations

Author: binarylu
Published: 2015-06-11 18:30:19

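System administrators often use traceroute when troubleshooting networks. traceroute prints the IP addresses of the hops between the source and the destination; to learn where those hops are geographically, you have to copy each IP and google it. That is tolerable for a few addresses, but maddening when there are many. This script calls an IP geolocation API and substitutes the results into the traceroute output.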

Usage: traceroute www.qq.com | ./ip2geography.sh

Tested on Fedora.

Apply for an API key at https://db-ip.com/api/. A free account returns only Country, State/Province and City, and allows at most 2000 queries per day, which is enough for me.

Code:

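#!/bin/sh

# Read traceroute output from stdin, one line at a time.
while read -r line; do
    # Remove the round-trip times and collapse runs of spaces.
    l="$(echo "$line" | sed -r 's/[0-9]+\.[0-9]+ ms//g' | sed -r 's/ +/ /g')"
    # Extract every IPv4 address that appears in parentheses.
    ips="$(echo "$l" | grep -Po '\(([0-9]{1,3}\.){3}[0-9]{1,3}\)' | sed -r 's/\(|\)//g')"
    for ip in $ips; do
        # Query the db-ip.com API; replace api_key with your own key.
        ddd=$(curl "http://api.db-ip.com/addrinfo?api_key=3260199d9c38a4b9f9e44fb2a728e55f0971dc7f&addr=$ip" 2>/dev/null)
        # Pull the three fields out of the JSON reply.
        country="$(echo "$ddd" | sed -r 's/.*"country":"([^"]*)".*/\1/g')"
        stat="$(echo "$ddd" | sed -r 's/.*"stateprov":"([^"]*)".*/\1/g')"
        city="$(echo "$ddd" | sed -r 's/.*"city":"([^"]*)".*/\1/g')"
        info="$city,$stat,$country"
        # Escape /, & and \ so API-supplied text cannot alter the sed expression below.
        info="$(printf '%s' "$info" | sed 's/[\/&\\]/\\&/g')"
        # Replace "(ip)" with "[city,state,country]".
        l=$(echo "$l" | sed -r 's/\('"$ip"'\)/\['"$info"'\]/g')
    done
    echo "$l"
done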

Original output:

traceroute to www.qq.com (23.0.160.18), 30 hops max, 60 byte packets
 1  216.182.224.194 (216.182.224.194)  1.762 ms  1.675 ms  1.607 ms
 2  100.64.8.115 (100.64.8.115)  1.217 ms 100.64.8.125 (100.64.8.125)  1.251 ms 100.64.8.117 (100.64.8.117)  1.082 ms
 3  100.64.0.38 (100.64.0.38)  1.307 ms 100.64.0.84 (100.64.0.84)  1.299 ms 100.64.0.210 (100.64.0.210)  1.161 ms
 4  100.64.16.45 (100.64.16.45)  0.291 ms 100.64.16.91 (100.64.16.91)  0.348 ms 100.64.16.219 (100.64.16.219)  0.283 ms
 5  205.251.245.235 (205.251.245.235)  1.233 ms  1.169 ms 205.251.245.241 (205.251.245.241)  1.182 ms
 6  72.21.220.30 (72.21.220.30)  1.271 ms 72.21.220.70 (72.21.220.70)  1.272 ms  1.202 ms
 7  equinix-iad8.netarch.akamai.com (206.126.236.103)  1.355 ms  1.477 ms  1.482 ms
 8  a23-0-160-18.deploy.static.akamaitechnologies.com (23.0.160.18)  1.304 ms  1.487 ms  1.662 ms

Converted output:

traceroute to www.qq.com [Cambridge (Mit),Massachusetts,US], 30 hops max, 60 byte packets
1 216.182.224.200 [Seattle (Greater Duwamish),Washington,US]
2 100.64.13.55 [Los Angeles (Westchester),California,US] 100.64.13.53 [Los Angeles (Westchester),California,US] 100.64.13.7 [Los Angeles (Westchester),California,US]
3 100.64.0.144 [Los Angeles (Westchester),California,US] 100.64.0.200 [Los Angeles (Westchester),California,US] 100.64.0.12 [Los Angeles (Westchester),California,US]
4 100.64.16.249 [Los Angeles (Westchester),California,US] 100.64.16.155 [Los Angeles (Westchester),California,US] 100.64.16.83 [Los Angeles (Westchester),California,US]
5 205.251.245.241 [New York (Manhattan),New York,US] 205.251.245.235 [New York (Manhattan),New York,US] 205.251.245.54 [New York (Manhattan),New York,US]
6 72.21.220.30 [Seattle (Lake Union),Washington,US] 72.21.220.70 [Seattle (Lake Union),Washington,US]
7 equinix-iad8.netarch.akamai.com [Redwood City,California,US]
8 a23-0-160-83.deploy.static.akamaitechnologies.com [Cambridge (Mit),Massachusetts,US]

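The converted output makes it easy to see where the route goes. The test was run from an Amazon EC2 instance, and Tencent has servers deployed in the United States, so all the IPs in the result are located in the US.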
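
The sample output contains 100.64.x.x hops, which lie in the 100.64.0.0/10 shared address space (RFC 6598) and have no meaningful public location; looking them up also spends quota and sends internal addresses to a third party. The filter below is an added example, not part of the original script: the function names `is_public_ipv4`, `public_hops` and `sample_trace` are assumptions, and it uses `grep -oE` instead of the script's `grep -Po`.

```sh
#!/bin/sh
# Added example (not from the original post): filter hop addresses before
# they are sent to the geolocation API.

# is_public_ipv4 ADDR: succeed only for a well-formed, globally routable
# IPv4 address; fail for private, shared (RFC 6598), loopback, link-local,
# multicast and reserved space.
is_public_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                       # split the address into its octets
    IFS=$old_ifs
    if [ "$#" -ne 4 ]; then return 1; fi
    for o in "$@"; do
        if [ "${#o}" -gt 3 ] || [ "$o" -gt 255 ]; then return 1; fi
    done
    a=$1; b=$2
    if   [ "$a" -eq 0 ] || [ "$a" -eq 10 ] || [ "$a" -eq 127 ]; then return 1
    elif [ "$a" -eq 100 ] && [ "$b" -ge 64 ] && [ "$b" -le 127 ]; then return 1
    elif [ "$a" -eq 172 ] && [ "$b" -ge 16 ] && [ "$b" -le 31 ]; then return 1
    elif [ "$a" -eq 192 ] && [ "$b" -eq 168 ]; then return 1
    elif [ "$a" -eq 169 ] && [ "$b" -eq 254 ]; then return 1
    elif [ "$a" -ge 224 ]; then return 1
    fi
    return 0
}

# public_hops: read traceroute output on stdin and print each distinct
# parenthesised address that is worth a lookup, one per line.
public_hops() {
    grep -oE '\(([0-9]{1,3}\.){3}[0-9]{1,3}\)' | tr -d '()' | sort -u |
    while IFS= read -r ip; do
        if is_public_ipv4 "$ip"; then echo "$ip"; fi
    done
}

# Two hops taken from the original output shown in the post.
sample_trace() {
    cat <<'EOF'
 2  100.64.8.115 (100.64.8.115)  1.217 ms 100.64.8.125 (100.64.8.125)  1.251 ms 100.64.8.117 (100.64.8.117)  1.082 ms
 6  72.21.220.30 (72.21.220.30)  1.271 ms 72.21.220.70 (72.21.220.70)  1.272 ms  1.202 ms
EOF
}

sample_trace | public_hops   # prints 72.21.220.30 and 72.21.220.70
```

In the script, the same check can guard the `curl` call inside the `for ip in $ips` loop so that only public addresses are queried.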

Source: http://www.cnblogs.com/binarylu/p/4387948.html