Bash script list all IP addresses connected to Server with Country Information

Introduction

This script is designed to list all IP addresses connected to your server, retrieve geographical information for each IP using ipinfo.io, and display the results in a clean format. This guide will walk you through the script, explaining each part in detail, and ensuring you understand how to implement and use it effectively.

What is Bash?

Bash (Bourne Again Shell) is a Unix shell and command language written by Brian Fox for the GNU Project as a free software replacement for the Bourne shell. It has since become the default login shell for most Linux distributions. Bash can execute commands, read and execute commands from a file, and provide constructs for condition testing, looping, and functions.

Prerequisites

  • A Linux-based server with administrative privileges.
  • Internet connection for accessing ipinfo.io.
  • Basic knowledge of Bash scripting.

List all IP addresses connected to Server us Bash Script

Running to bash script list all IP addresses connected to Server
./studyscript.sh  >/dev/null 2>&1

The bash script list all IP addresses connected to Server
#!/bin/bash

# Remove old temporary files if they exist
rm -f /tmp/list_IP
rm -f /tmp/list_IPP
rm -f /tmp/list_IPdone

# Get the list of IP addresses connected to the server
netstat -ntu | grep ESTA | awk -F: '{ print $2 }' | sed -r 's/^.{12}//' | sed 's/:/\n/g' | sed '/^\s*$/d' | sort > /tmp/list_IP

# Retrieve information for each IP address from ipinfo.io
while read -r p; do
    curl -s ipinfo.io/$p
done < /tmp/list_IP > /tmp/list_IPP

# Process the retrieved information to extract IP and country
cat /tmp/list_IPP | egrep "ip|country" | sed '$!N;s/\n/ /' | sed -r 's/^.{9}//' | sed 's/"country": "//' | sed 's/",//g' >> /tmp/list_IPdone

# Add header to the final output file
echo "-----IP------  --country--" >> /tmp/list_IPdone

# Display the results
cat /tmp/list_IPdone

Note: The bash script list all IP addresses connected to Server
  • sed 's/:/\n/g' Delete duplicate lines
  • sed '/^\s*$/d' Delete empty lines
  • sed '$!N;s/\n/ /' How to merge every two lines into one from the command line

The result bash script list all IP addresses connected to Server
cat /tmp/list_IPdone
As the output below
113.171.72.17   VN
172.217.24.212   US
172.217.24.46   US
172.217.25.14   US
216.58.197.100   US
216.58.199.14   US
216.58.199.14   US
216.58.200.2   US
216.58.200.3   US
216.58.200.9   US
216.58.203.35   US
216.58.212.131   US
216.58.221.110   US
31.13.95.12   IE
31.13.95.36   IE
31.13.95.8   IE
-----IP------  --country--

 

Explanation of the Script

Removing Old Temporary Files

rm -f /tmp/list_IP
rm -f /tmp/list_IPP
rm -f /tmp/list_IPdone

 These lines remove any previous temporary files to ensure that the script starts fresh each time it is run.

Listing Connected IP Addresses

netstat -ntu | grep ESTA | awk -F: '{ print $2 }' | sed -r 's/^.{12}//' | sed 's/:/\n/g' | sed '/^\s*$/d' | sort > /tmp/list_IP
  • netstat -ntu: Lists all active network connections (both TCP and UDP).
  • grep ESTA: Filters for established connections.
  • awk -F: '{ print $2 }': Extracts the IP addresses.
  • sed -r 's/^.{12}//': Removes the first 12 characters.
  • sed 's/:/\n/g': Replaces colons with newlines.
  • sed '/^\s*$/d': Deletes empty lines.
  • sort: Sorts the IP addresses.
  • The output is redirected to /tmp/list_IP.

  • Retrieving IP Information
    while read -r p; do
        curl -s ipinfo.io/$p
    done < /tmp/list_IP > /tmp/list_IPP

    This loop reads each IP address from /tmp/list_IP, retrieves information from ipinfo.io using curl, and writes the results to /tmp/list_IPP.

    Processing the Retrieved Information

    cat /tmp/list_IPP | egrep "ip|country" | sed '$!N;s/\n/ /' | sed -r 's/^.{9}//' | sed 's/"country": "//' | sed 's/",//g' >> /tmp/list_IPdone

    • cat /tmp/list_IPP: Reads the contents of the IP information file.
    • egrep "ip|country": Filters lines containing "ip" or "country".
    • sed '$!N;s/\n/ /': Merges every two lines into one.
    • sed -r 's/^.{9}//': Removes the first 9 characters from each line.
    • sed 's/"country": "//': Removes the "country": prefix.
    • sed 's/",//g': Removes trailing commas.
    • The processed output is appended to /tmp/list_IPdone.

    Adding Header and Displaying Results

    echo "-----IP------  --country--" >> /tmp/list_IPdone
    cat /tmp/list_IPdone

     This adds a header to the final output file and then displays the contents of the file.

    Frequently Asked Questions (FAQs)

    What is the purpose of this script?

    This script helps system administrators monitor and log IP addresses connected to their server, including geographical information.

    Can I customize the information retrieved for each IP address?

    Yes, you can modify the curl command to retrieve additional fields from ipinfo.io by adjusting the URL parameters.

    How can I automate this script to run at regular intervals?

    You can use a cron job to automate this script. For example, to run the script every hour, add the following line to your crontab:

    0 * * * * /path/to/your/script.sh

    Is there a way to filter out internal IP addresses?

    Yes, you can add a conditional check within the while loop to exclude IP addresses from private ranges.

    Conclusion

    By following this guide, you've learned how to create a comprehensive Bash script to list all IP addresses connected to your server and retrieve geographical information for each IP. This script can be a valuable tool for monitoring your server's network connections and ensuring its security. Thank you for reading the huuphan.com page!

    Bash script list all IP addresses connected to Server

    Comments

    Popular posts from this blog

    zimbra some services are not running [Solve problem]

    Zimbra Client host rejected Access denied fixed