-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathasn_ip_analysis.pl
executable file
·126 lines (87 loc) · 2.48 KB
/
asn_ip_analysis.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/usr/bin/perl -W
$|=1;
#################################################################
# Author: vvuksan
#################################################################
use Data::Dumper;
use Socket;
use lib "./";
require 'config.pm';
require 'tools.pm';
# Stick ASN mapping into a hash
open(ASN_LIST, "< $CFG{'asn_mapping_file'}");
my %asn;
while(<ASN_LIST>)
{
chop;
my ($as, $country, $description) = split /,/;
$asn{"$as"} = "$country = $description";
}
close(ASN_LIST);
my %longip2asn;
open(IP2LONG, "< $CFG{'long_ip_to_asn_file'}");
while(<IP2LONG>)
{
chop;
my ($longip, $as) = split /,/;
$longip2asn{$longip} = $as;
}
close(IP2LONG);
my %per_ip_totals;
my %totals;
#####################################################################################
# We'll loop through a list of IPs and get their sum
#####################################################################################
while ( <STDIN> ) {
chop;
$per_ip_totals{$_}++;
}
my %ip2asn;
my $ip_counter = 0;
############################################################################
# Determine AS Numbers for each IP
############################################################################
foreach my $ip ( keys %per_ip_totals ) {
$ip_counter++;
if ( $ip_counter % 1000 == 0 ) {
print ".";
}
# We really only care for /24
my ( $part1, $part2, $part3, undef ) = split /\./, $ip;
my $slash24 = "${part1}.${part2}.${part3}.0";
my $result = 'UNKNOWN';
# Check do we already have mapping for the ASN
if ( $ip2asn{$slash24} ) {
$asn = $ip2asn{$slash24};
} else {
# Calculate
my $ip_value = ip2long($slash24);
for ($i=8; $i<32; $i++) {
$ip2 = ($ip_value >> $i) << $i;
if ( $longip2asn{$ip2} ) {
$asn = $longip2asn{$ip2};
$ip2asn{$slash24} = $asn;
last;
} else {
$ip2asn{$slash24} = "none";
}
}
}
$totals{"AS$asn"} += $per_ip_totals{$ip};
}
my $show_top_entries = 40;
my $counter = 0;
print "\nYou supplied " . keys(%per_ip_totals) . " IPs. Showing top " . $show_top_entries . " ASNs\n";
print "\n # IPs ASN\n";
foreach $key (sort { $totals{$b} <=> $totals{$a} } keys %totals) {
if ( ! $asn{$key} ) {
$asn{$key} = find_asn_org_name($key ,$CFG{'asn_mapping_file'});
}
printf "%12d %25s %s\n", $totals{$key}, "http://bgp.he.net/$key", $asn{$key};
if ( $counter > $show_top_entries ) {
last;
} else {
$counter++;
}
}
exit 0;