Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bash Script – Get subnets and AS number by domain

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 988 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      javcasta
      last edited by

      Hello.

      This thread has its origin in: https://forum.pfsense.org/index.php?topic=111642.0

      But I share it in English also:

      A bash-script (to be run from shell: for example # sh /tmp/getNetsByDomain.sh ) for a pfSense to obtain the AS number and a domain networks.

      How it works, step by step:

      Get IPv4 from domain : pfsense.org

      host -4 pfsense.org | grep "pfsense.org has address" | cut -d " " -f 4
                208.123.73.69

      Get AS Number for this IPv4

      whois -h v4.whois.cymru.com – "-c 208.123.73.69"

      AS      | IP              | CC | AS Name

      30312  | 208.123.73.69    | US | NETGATE - Netgate, US

      Filter for get only the AS number in the output

      whois -h v4.whois.cymru.com – "-c 208.123.73.69" | grep -v "AS" | cut -d "|" -f 1

      30312

      get the networks / subnets from AS Number

      whois -h whois.radb.net – '-i origin AS30312' | awk '/^route:/ {print $2;}' | sort | uniq

      192.207.126.0/24
          208.123.73.0/24

      getNetsVyDomain.sh code

      #!/bin/bash
      ############################################################################
      #                        GET Nets and AS by domain                        #
      #                      BASH SCRIPT FOR PFSENSE 2.3                        #
      #            BY JAVIER CASTAÑÓN - 2016 - HTTPS://JAVCASTA.COM            #
      ############################################################################
      #      uso: alojar getNetsByDomain.sh en carpeta,p.e. /tmp o /scripts      #
      #        ejecutarlo desde shell:# sh /tmp/getNetsByDomain.sh              #
      ############################################################################
      read -p 'Enter domain (foo.bar): ' INPUTDOMAIN
      LAIP=$(host -4 $INPUTDOMAIN | grep "$INPUTDOMAIN has address" | cut -d " " -f 4)
      printf "IP for $INPUTDOMAIN is $LAIP \n"
      printf "getting AS NUMBER… \n"
      ASNUMBER=$(whois -h whois.cymru.com -- "-c $LAIP" | grep -v "AS" | cut -d "|" -f 1)
      ASSTRING="AS$ASNUMBER"
      printf "ASN for $INPUTDOMAIN is $ASSTRING \n"
      whois -h whois.radb.net -- "-i origin $ASSTRING" | awk '/^route:/ {print $2;}' | sort | uniq > /tmp/thenet.tmp
      THENET=$(cat /tmp/thenet.tmp)
      printf "The nets for $INPUTDOMAIN is in file /tmp/thenet.tmp: \n"
      echo $THENET

      The script is in https://www.javcasta.com/pfsense-bash-script-obtener-redes-y-as-por-su-dominio-getnetsbydomain-sh

      Sometimes gives whois whois.cymru.com time out, and usually takes about 30sg, not run too many queries whois because the server that is fairly saturated and cut.

      Regards

      (sorry for my english :) )

      Javier Castañón
      Técnico de comunicaciones, soporte y sistemas.

      Mi web: https://javcasta.com/

      Soporte scripting/pfSense https://javcasta.com/soporte/

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.