Shell-Script
檢查 IP 在白名單數組的範圍內
#!/bin/bash MAXCDN_ARRAY="108.161.176.0/20 94.46.144.0/20 146.88.128.0/20 198.232.124.0/22 23.111.8.0/22 217.22.28.0/22 64.125.76.64/27 64.125.76.96/27 64.125.78.96/27 64.125.78.192/27 64.125.78.224/27 64.125.102.32/27 64.125.102.64/27 64.125.102.96/27 94.31.27.64/27 94.31.33.128/27 94.31.33.160/27 94.31.33.192/27 94.31.56.160/27 177.54.148.0/24 185.18.207.65/26 50.31.249.224/27 50.31.251.32/28 119.81.42.192/27 119.81.104.96/28 119.81.67.8/29 119.81.0.104/30 119.81.1.144/30 27.50.77.226/32 27.50.79.130/32 119.81.131.130/32 119.81.131.131/32 216.12.211.59/32 216.12.211.60/32 37.58.110.67/32 37.58.110.68/32 158.85.206.228/32 158.85.206.231/32 174.36.204.195/32 174.36.204.196/32" $IP = 108.161.184.123 if [ $IP in $MAXCDN_ARRAY ]; then: echo "$IP is in MAXCDN range" else: echo "$IP is not in MAXCDN range" fi我有一個 IP 列表
MAXCDN_ARRAY用作白名單。我想檢查一個特定的 IP 地址是否在這個數組的範圍內。如何建構程式碼,以便它可以比較數組中的所有 IP,並說出此列表範圍內的特定 IP?
您可以使用grepcidr檢查 IP 地址是否在 CIDR 網路列表中。
#! /bin/bash NETWORKS="108.161.176.0/20 94.46.144.0/20 146.88.128.0/20 198.232.124.0/22 23.111.8.0/22 217.22.28.0/22 64.125.76.64/27 64.125.76.96/27 64.125.78.96/27 64.125.78.192/27 64.125.78.224/27 64.125.102.32/27 64.125.102.64/27 64.125.102.96/27 94.31.27.64/27 94.31.33.128/27 94.31.33.160/27 94.31.33.192/27 94.31.56.160/27 177.54.148.0/24 185.18.207.65/26 50.31.249.224/27 50.31.251.32/28 119.81.42.192/27 119.81.104.96/28 119.81.67.8/29 119.81.0.104/30 119.81.1.144/30 27.50.77.226/32 27.50.79.130/32 119.81.131.130/32 119.81.131.131/32 216.12.211.59/32 216.12.211.60/32 37.58.110.67/32 37.58.110.68/32 158.85.206.228/32 158.85.206.231/32 174.36.204.195/32 174.36.204.196/32" for IP in 108.161.184.123 108.161.176.123 192.168.0.1 172.16.21.99; do grepcidr "$NETWORKS" <(echo "$IP") >/dev/null && \ echo "$IP is in MAXCDN range" || \ echo "$IP is not in MAXCDN range" done注意:
grepcidr期望它匹配的 IP 地址在文件中,而不僅僅是命令行上的參數。這就是為什麼我必須在<(echo "$IP")上面使用。輸出:
108.161.184.123 is in MAXCDN range 108.161.176.123 is in MAXCDN range 192.168.0.1 is not in MAXCDN range 172.16.21.99 is not in MAXCDN range
grepcidr可用於多個發行版的預打包,包括 Debian:Package: grepcidr Version: 2.0-1 Description-en: Filter IP addresses matching IPv4 CIDR/network specification grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications, or arbitrary networks specified by an address range. As with grep, there are options to invert matching and load patterns from a file. grepcidr is capable of comparing thousands or even millions of IPs to networks with little memory usage and in reasonable computation time. . grepcidr has endless uses in network software, including: mail filtering and processing, network security, log analysis, and many custom applications. Homepage: http://www.pc-tools.net/unix/grepcidr/否則,源可在上面的連結中找到。
另一種選擇是使用許多庫/模組之一編寫一個
perl或python腳本,以使用這些語言操作和檢查 IPv4 地址。例如,
perl模組Data::Validate::IP有一個is_innet_ipv4($ip, $network)功能;Net::CIDR::Lite有一個非常相似的$cidr->find($ip);方法;並且Net::IPv4Addr有一個ipv4_in_network()功能。
python具有可比較的庫,包括ipy、ipaddr和ipcalc等。