Bash script list all IP addresses connected to Server with Country Information

-

Introduction

Learn how to create a Bash script to list all IP addresses connected to your server. This comprehensive guide covers everything from basic to advanced examples, helping you master server monitoring with Bash scripting.

This script is designed to list all IP addresses connected to your server, retrieve geographical information for each IP using ipinfo.io, and display the results in a clean format. This guide will walk you through the script, explaining each part in detail, and ensuring you understand how to implement and use it effectively.

What is Bash?

Bash (Bourne Again Shell) is a Unix shell and command language written by Brian Fox for the GNU Project as a free software replacement for the Bourne shell. It has since become the default login shell for most Linux distributions. Bash can execute commands, read and execute commands from a file, and provide constructs for condition testing, looping, and functions.

Prerequisites

  • A Linux-based server with administrative privileges.
  • Internet connection for accessing ipinfo.io.
  • Basic knowledge of Bash scripting.

List all IP addresses connected to Server us Bash Script

Running to bash script list all IP addresses connected to Server
./studyscript.sh  >/dev/null 2>&1

The bash script list all IP addresses connected to Server
#!/bin/bash

# Remove old temporary files if they exist
rm -f /tmp/list_IP
rm -f /tmp/list_IPP
rm -f /tmp/list_IPdone

# Get the list of IP addresses connected to the server
netstat -ntu | grep ESTA | awk -F: '{ print $2 }' | sed -r 's/^.{12}//' | sed 's/:/\n/g' | sed '/^\s*$/d' | sort > /tmp/list_IP

# Retrieve information for each IP address from ipinfo.io
while read -r p; do
    curl -s ipinfo.io/$p
done < /tmp/list_IP > /tmp/list_IPP

# Process the retrieved information to extract IP and country
cat /tmp/list_IPP | egrep "ip|country" | sed '$!N;s/\n/ /' | sed -r 's/^.{9}//' | sed 's/"country": "//' | sed 's/",//g' >> /tmp/list_IPdone

# Add header to the final output file
echo "-----IP------  --country--" >> /tmp/list_IPdone

# Display the results
cat /tmp/list_IPdone

Note: The bash script list all IP addresses connected to Server
  • sed 's/:/\n/g' Delete duplicate lines
  • sed '/^\s*$/d' Delete empty lines
  • sed '$!N;s/\n/ /' How to merge every two lines into one from the command line

The result bash script list all IP addresses connected to Server
cat /tmp/list_IPdone
As the output below
113.171.72.17   VN
172.217.24.212   US
172.217.24.46   US
172.217.25.14   US
216.58.197.100   US
216.58.199.14   US
216.58.199.14   US
216.58.200.2   US
216.58.200.3   US
216.58.200.9   US
216.58.203.35   US
216.58.212.131   US
216.58.221.110   US
31.13.95.12   IE
31.13.95.36   IE
31.13.95.8   IE
-----IP------  --country--

 

Explanation of the Script

Removing Old Temporary Files

rm -f /tmp/list_IP
rm -f /tmp/list_IPP
rm -f /tmp/list_IPdone

 These lines remove any previous temporary files to ensure that the script starts fresh each time it is run.

Listing Connected IP Addresses

netstat -ntu | grep ESTA | awk -F: '{ print $2 }' | sed -r 's/^.{12}//' | sed 's/:/\n/g' | sed '/^\s*$/d' | sort > /tmp/list_IP
  • netstat -ntu: Lists all active network connections (both TCP and UDP).
  • grep ESTA: Filters for established connections.
  • awk -F: '{ print $2 }': Extracts the IP addresses.
  • sed -r 's/^.{12}//': Removes the first 12 characters.
  • sed 's/:/\n/g': Replaces colons with newlines.
  • sed '/^\s*$/d': Deletes empty lines.
  • sort: Sorts the IP addresses.
  • The output is redirected to /tmp/list_IP.

    • Retrieving IP Information
    while read -r p; do
        curl -s ipinfo.io/$p
    done < /tmp/list_IP > /tmp/list_IPP

    This loop reads each IP address from /tmp/list_IP, retrieves information from ipinfo.io using curl, and writes the results to /tmp/list_IPP.

    Processing the Retrieved Information

    cat /tmp/list_IPP | egrep "ip|country" | sed '$!N;s/\n/ /' | sed -r 's/^.{9}//' | sed 's/"country": "//' | sed 's/",//g' >> /tmp/list_IPdone

    • cat /tmp/list_IPP: Reads the contents of the IP information file.
    • egrep "ip|country": Filters lines containing "ip" or "country".
    • sed '$!N;s/\n/ /': Merges every two lines into one.
    • sed -r 's/^.{9}//': Removes the first 9 characters from each line.
    • sed 's/"country": "//': Removes the "country": prefix.
    • sed 's/",//g': Removes trailing commas.
    • The processed output is appended to /tmp/list_IPdone.

    Adding Header and Displaying Results

    echo "-----IP------  --country--" >> /tmp/list_IPdone
    cat /tmp/list_IPdone

     This adds a header to the final output file and then displays the contents of the file.

    Frequently Asked Questions (FAQs)

    What is the purpose of this script?

    This script helps system administrators monitor and log IP addresses connected to their server, including geographical information.

    Can I customize the information retrieved for each IP address?

    Yes, you can modify the curl command to retrieve additional fields from ipinfo.io by adjusting the URL parameters.

    How can I automate this script to run at regular intervals?

    You can use a cron job to automate this script. For example, to run the script every hour, add the following line to your crontab:

    0 * * * * /path/to/your/script.sh

    Is there a way to filter out internal IP addresses?

    Yes, you can add a conditional check within the while loop to exclude IP addresses from private ranges.

    Conclusion

    By following this guide, you've learned how to create a comprehensive Bash script to list all IP addresses connected to your server and retrieve geographical information for each IP. This script can be a valuable tool for monitoring your server's network connections and ensuring its security. Thank you for reading the huuphan.com page!

    Bash script list all IP addresses connected to Server

    Comments

    Post a Comment

    Popular posts from this blog

    zimbra some services are not running [Solve problem]

    -
    How to solved zimbra some services are not running. That after, to installed zimbra mail server. The display a some admin console status red in environment multiple server ( zimbra ldap, zimbra mailbox, zimbra mta etc.). Link to below you maybe likes: How to install and configure zimbra multi server.   How to restrict to user sending mail on zimbra 8.6. How to Restrict Sending to Distribution list in zimbra mail. How to change last login time for all accounts in zimbra ldap. How to zimbra reject authenticated sender login mismatch. Error zimbra some services are not running as bellow Step by step guide the solve problem zimbra some services are not running the following: To restart and enable cron service the permanently. service crond restart chkconfig crond on Opening rsyslog.conf file and uncomment the following. vim /etc/rsyslog.conf Uncomment these two lines $modload imupd $UDPServerRun514   To restart and enable rsyslog service the permanently. servic
    Read more

    Zimbra Client host rejected Access denied fixed

    -
    Introduction While using Zimbra Zimbra , you might encounter the "Client host rejected: Access denied" error, which can disrupt your workflow. This is a common issue that can be resolved easily if you understand the causes and the solutions. This article provides a detailed guide on how to fix this error on Zimbra, helping you quickly resume your work smoothly. Zimbra client host rejected Access denied error log Dec 19 01:21:28 mail postfix/amavisd/smtpd[5106]: NOQUEUE: reject: CONNECT from unknown[192.168.1.113]: 554 5.7.1 <unknown[192.168.1.113]>: Client host rejected: Access denied; proto=SMTP Dec 19 01:21:28 mail postfix/amavisd/smtpd[5106]: lost connection after CONNECT from unknown[192.168.1.113] Dec 19 01:21:28 mail postfix/amavisd/smtpd[5106]: disconnect from unknown[192.168.1.113] Allow the network " 192.168.1.0/24 " of client host for zimbraMtaMyNetworks attribute [zimbra@mail ~]$ zmprov ms `zmhostname` zimbraMtaMyNetworks "127.0.0.0/
    Read more