There are many ways to get past the IP address to the location of the script, but I found Taobao IP address library information more detailed, so use the shell to write a script to deal with the day-to-day work of some IP address analysis.
The script first obtains the JSON format of the IP address from the http://ip.taobao.com/data interface, and uses a Python script to convert the Unicode character to UTF-8 encoding.
Shell script content:
Copy Code code as follows:
#!/bin/bash
Ipinfo () {
For i in ' Cat list '
Todo
transcoding= "/usr/bin/python transcoding.py"
Jsondate= "Curl-s http://ip.taobao.com/service/getIpInfo.php?ip= $i"
country= ' $JsonDate | Sed ' s/,/\n/g ' | $TransCoding | Tr-d "{}\" | Awk-f ":" ' Nr==2{print $} '
Area= ' $JsonDate | Sed ' s/,/\n/g ' | $TransCoding | Tr-d "{}\" | Awk-f ":" ' Nr==4{print $} '
Region= ' $JsonDate | Sed ' s/,/\n/g ' | $TransCoding | Tr-d "{}\" | Awk-f ":" ' Nr==6{print $} '
City= ' $JsonDate | Sed ' s/,/\n/g ' | $TransCoding | Tr-d "{}\" | Awk-f ":" ' Nr==8{print $} '
County= ' $JsonDate | Sed ' s/,/\n/g ' | $TransCoding | Tr-d "{}\" | Awk-f ":" ' Nr==10{print $} '
isp= ' $JsonDate | Sed ' s/,/\n/g ' | $TransCoding | Tr-d "{}\" | Awk-f ":" ' Nr==12{print $} '
printf "%-18s\t%-8s\t%-8s\t%-8s\t%-8s\t%-8s\t%-8s\n" $i $country $isp $area $region $city $county
Done
}
printf "%-18s\t%-8s\t%-8s\t%-8s\t%-8s\t%-8s\t%-8s\n" IP address state operator Regional province City County/district
Echo-e "\e[1;33m======================================================================\e[0m"
Ipinfo;
Python script content:
Copy Code code as follows:
#!/usr/bin/env python
#-*-Coding:utf-8-*-
Import re
Import Sys
def main ():
For line in Sys.stdin:
Sys.stdout.write (Re.sub (R ' \\u\w{4} ',
Lambda e:unichr (int (e.group (0) [2:],)). Encode (' Utf-8 '),
Line))
if __name__ = = ' __main__ ':
Main ()
Put two scripts in one directory, and then write the IP addresses that need to be parsed into a list file, executing a shell script.
Example demo (analyze the IP attribution of the recent brute force cracking server password):
Copy Code code as follows:
Cat/var/log/secure | awk '/failed/{print $ (NF-3)} ' | Sort-u > List
[root@myvps4407 ip]#./ip.sh
IP Address state operator Regional province City County/district
======================================================================
114.112.69.50, south China, Guangdong Province
118.244.14.49, north China, Beijing, Beijing
122.72.120.109 China railcom Northwest Gansu Province
1.25.202.50 China Unicom Baotou City, Inner Mongolia Autonomous Region
133.242.17.113 Japan
134.255.243.11 Germany
145.253.72.3 Germany
188.116.55.211 Poland
202.103.36.43 China Telecom central Hubei province Wuhan
202.97.194.167 China Unicom Northeast Heilongjiang province Harbin City
203.122.59.88 India
210.44.159.49 China Education Network, Jinan City, east of Shandong Province
211.232.30.253 Korea
218.248.42.131 India
223.5.3.200 China Alibaba East Zhejiang province Hangzhou City
37.55.227.103 Ukraine
38.69.193.39 USA
50.97.246.147 USA
66.161.209.154 USA
66.248.201.2 Canada