BASH- trouble pinging from text file lines - bash

Have a text file w/ around 3 million URL's of sites I want to block.
Trying to ping them one by one (yes, I know it is going to take some time).
Have a script (yes, I am a bit slow in BASH) which reads the lines one at a time from text file.
Obviously cannot print text file here. Text file was created >> w/ Python some time ago.
Problem is that ping returns "unknown host" w/ every entry. If I make a smaller file by hand using the same entries the script works. I thought it may be a white space or end of line issue so tried addressing that in script. What could the issue possibly be?
#!/bin/bash
while read line
do
li=$(echo $line|tr -d '\n')
li2=$(echo $li|tr -d ' ')
if [ ${#line} -lt 2 ]
then
continue
fi
ping -c 2 -- $li2>>/dev/null
if [ $? -gt 0 ]
then
echo 'bad'
else
echo 'good'
fi
done<'temp_file.txt'

Does the file contains URLs or hostnames ?
If it contains URLs you must extract the hostname from URLs before pinging:
hostname=$(echo "$li2"|cut -d/ -f3);
ping -c 2 -- "$hostname"

Ping is used to ping hosts. If you have URLs of websites, then it will not work. Check that you have hosts in your file , example www.google.com or an IP address and not actual full website urls. If you want to check actual URLs, use a tool like wget and another tool like grep/awk to grab for errors like 404 or others. Last but not least, people who are security conscious will sometimes block pinging from the outside, so take note.

C heck if the file contains windows-style \r\n line endings: head file | od -c
If so, to fix it: dos2unix filename filename

I wouldn't use ping for this. It can easily be blocked, and it's not the best way to check for either ip addresses or if a server presents web pages.
If you just want to find the corresponding IP, use host:
$ host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 209.85.149.106
www.l.google.com has address 209.85.149.147
www.l.google.com has address 209.85.149.99
www.l.google.com has address 209.85.149.103
www.l.google.com has address 209.85.149.104
www.l.google.com has address 209.85.149.105
As you see, you get all the IPs registered to a host. (Note that this requires you to parse the hostname from your urls!)
If you want to see if a URL points at a web server, use wget:
wget --spider $url
The --spider flag makes wget not save the page, just check that it exists. You could look at the return code, or add the -S flag (which prints the HTTP headers returned)

Related

In Bash: grep command output that isn't stored in a file, and store it in a file?

In reference to My orginial question, this will be used in my script.
Basically, I run commands to provision CNAME's for domains to validate the domains for TLS. When the command provision-cert test.com.json is run it will output the contents below. Doesn't store them, only prints them in the console.
Determining SubjectAlternateNames for domain test.com
SubjectAlternateNames for domain test.com are:
test.com
*.test.com
Requesting Certificate for domain test.com
Certificate for domain test.com has ARN: arn:tmp:tmp:ran-loc-
1:randomstring:certificate/randomstring
Settings tags on certificate for domain test.com
Retrieving DNS records required for validation for arn:tmp:tmp:ran-loc-
1:randomstring:certificate/randomstring
Please add these records to DNS to complete validation
_randomstring.test.com. IN CNAME _randomstring.validations.net.
Certificate needs to complete domain validation
I'm trying to grep the text Please add these records to DNS to complete validation and the line below it _randomstring.test.com. IN CNAME _randomstring.tmp-validations.net. into a .txt file multiples times but I don't want it to overwrite whats already been inserted into the .txt file from previous runs. It will run provision-cert 6 times so essentially I need to to grep each cname after it runs the command provision-cert.
I have tried provision-cert test.com | grep "Please add these records to DNS to complete validation" -A 1 > file.txt but it just freezes.
(I already have my statements in place, I just need to figure out the grep command, and then add it)
Is this possible?
Found that provision-cert test.com >> file.txt successfully sent the output to a .txt file.
Then adding the command grep "Please add these records to DNS to complete validation" -A 1 file.txt
Answer found here.

Wireshark and T Shark DNS

I’m creating a small script to take the output from tshark and print it out to terminal. I'm trying to to only filter by requests made through the browser address bar.
So when www.facebook.com is loaded, the terminal only prints out facebook.com, rather than fbstatic-a.akamaihd.net etc .. (other DNS requests made through the requested website)
This program loops forever repeating dns requests and writes to the terminal.
Any ideas?
Would the following work for you?
$ tshark -r dns.pcap -T fields -e dns.qry.name -Y "dns.qry.type == 0x0001 and udp.dstport == 53"
www.yahoo.com
The display filter (the part after "Y") is to limit the query type to be for A record (you want to avoid CNAME etc) in the request.
dns.qry.type == 0x0001 is for A record, udp.dstport == 53 is for DNS request.
Hope it helps.

need to read IP from a text and set manually on centos

i have 10 IP which have been listed on a CSV or text file , i need to read each time one line and get the IP and set on eth0 interface of the server, i found the bellow script which some how show me how to create new network setting but i do not know how i could read one line from CSV and put it on variable to use with bellow script . i would be greatly thankful if you give me some hint , thanks
https://wiki.gogrid.com/index.php/Customer:Automatically_convert_your_Linux_server_to_a_static_IP
May something like this:
#!/bin/sh
lineNumber=1
ip=`head -n $lineNumber test.csv | tail -n 1 | line`
echo $ip

What could prevent frequently switching default source ip of a machine with several interfaces

The goal was to frequently change default outgoing source ip on a machine with multiple interfaces and live ips.
I used ip route replace default as per its documentation and let a script run in loop for some interval. It changes source ip fine for a while but then all internet access to the machine is lost. It has to be remotely rebooted from a web interface to have any thing working
Is there any thing that could possibly prevent this from working stably. I have tried this on more than one servers?
Following is a minimum example
# extract all currently active source ips except loopback
IPs="$(ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 |
awk '{ print $1}')"
read -a ip_arr <<<$IPs
# extract all currently active mac / ethernet addresses
Int="$(ifconfig | grep 'eth'| grep -v 'lo' | awk '{print $1}')"
read -a eth_arr <<<$Int
ip_len=${#ip_arr[#]}
eth_len=${#eth_arr[#]}
i=0;
e=0;
while(true); do
#ip route replace 0.0.0.0 dev eth0:1 src 192.168.1.18
route_cmd="ip route replace 0.0.0.0 dev ${eth_arr[e]} src ${ip_arr[i]}"
echo $route_cmd
eval $route_cmd
sleep 300
(i++)
(e++)
if [ $i -eq $ip_len ]; then
i=0;
e=0;
echo "all ips exhausted - starting from first again"
# break;
fi
done
I wanted to comment, but as I'm not having enough points, it won't let me.
Consider:
Does varying the delay time before its run again change the number of iterations before it fails?
Exporting the ifconfig & routes every time you change it, to see if something is meaningfully different over time. Maybe some basic tests to it (ping, nslookup, etc) Basically, find what is exactly going wrong with it. Also exporting the commands you send to a logfile (text file per change?) to see changes in them to see if some is different after x iterations.
What connectivity is lost? Incoming? Outgoing? Specific applications?
You say you use/do this on other servers without problems?
Are the IP's: Static (/etc/network/interfaces), bootp/DHCP, semi-static (bootp/DHCP server serving, based on MAC address), and if served by bootp/DHCP, what is the lease duration?
On the last remark:
bootp/dhcp will give IP's for x duration. say its 60 minutes. After half that time it will "check" with the bootp/dhcp server if it can keep the IP, and extend the lease to 60 minutes again, this can mean a small reconfig on the ifconfig (maybe even at the same time of your script?).
hth

Unix script to resolve hostnames from IP addresses

I've got a text file with a bunch of IPv4 addresses, and I'd like to know the hostname of each one in order to know if they are tor addresses. Is there a simple script that can help me to do that ?
You can loop using dig:
#!/bin/bash
while read line
do
dig -x "$line" +short
done
Then given IPs 1 per line, you can run something like ./reverse.sh < addrs.txt.
Caveats: DNS is not a 1-to-1 mapping, and reverse DNS is somewhat less reliable than forward DNS.

Resources