Simple bash script for IP-ASN mapping

Whenever I see a new unknown IP range, it gets hard to find exact source of that IP within command shell. Recently, I found a very interesting source of that information from Team Cymru. Here’s the resource.

I figured out (with a friend’s help) that using their whois server - one can actually grab limited information as required. 


anurag@laptop:~$ whois -h "  -v"
AS      | IP               | BGP Prefix          | CC | Registry | Allocated  | AS Name

15169   |          |          | US | arin     | 1992-12-01 | GOOGLE - Google Inc.

As we can see -v gives all possible information. All I needed was AS number, AS Name, BGP Prefix, Country code - this gives enough information for an IP address. Thus command turns out to be with -c & -p.


anurag@laptop:~$ whois -h " -c -p"

AS | IP | BGP Prefix | CC | AS Name  
9829 | | | IN | BSNL-NIB National Internet Backbone

Making this all quick easy to use.

Writing command in a quick script:


# Script for whois with details

read -p 'Enter IP address : ' inputip
whois -h $hostname " -c -p $inputip"

next,  edit .bashrc located in home directory (hidden). add following lines to the end of the file:

alias awhois='./'

Logout and login and done!

Now, you can simply use awhois (A = Advanced! :) ) to do advanced IP whois lookups.

Here’s a live working example:

anurag@laptop:~$ awhois  
Enter IP address :  
AS | IP | BGP Prefix | CC | AS Name  
20115 | | | US | CHARTER-NET-HKY-NC - Charter Communications