Would like to return just "123.235.44.1" value from below. how do i do this?
# dhclient -v
Internet Systems Consortium DHCP Client 4.4.1
Copyright 2004-2018 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/ens3/fa:16:3e:9e:33:25
Sending on LPF/ens3/fa:16:3e:9e:33:25
Sending on Socket/fallback
DHCPREQUEST for 123.123.123.123 on ens3 to 255.255.255.255 port 67 (xid=0x77420868)
DHCPACK of 123.123.123.123 from **123.235.44.1** (xid=0x68084277)
RTNETLINK answers: File exists
bound to 123.123.123.123 -- renewal in 33881 seconds.
a bash program that returns the dhcp server ip 123.235.44.1
You don't need grep if you use awk
dhclient -v 2>&1 | awk '/^DHCPACK/ { print $5 }'
You need to redirect stderr to stdout in order to capture and filter to obtain the required value.
dhclient -v 2>&1 | grep '^DHCPACK' | awk '{ print $5 }'
Related
I am working on a CentOS. This is my first time messing around in a UNIX-based OS, and having a hard time getting used to it. I have more solid experience with Powershell.
Anyway, my task is to list all the Interfaces and their corresponding IP and MAC addresses. Is there a simple way to do this?
I discovered that
ip addr
apparently has all the information I need, but I have no idea how could I "cut out" the information I need from the string. I want to list them in some readable format, like this:
interfacename ipaddress macaddress
Write a script like this:
#!/bin/bash
printf '%10s %32s %32s\n' interface ipaddress macaddress
printf '%s\n' '----------------------------------------------------------------------------'
for each in $(ip address | grep -oP '(^[\d]+:\s)\K[\d\w]+'); do
mac=$(ip address show ${each} | grep -oP '(?<=link/ether\s)\K[\da-f:]+|(?<=link/loopback\s)\K[\da-f:]+')
for address in $(ip address show ${each} | grep -oP '(?<=inet\s)\K[\d.]+|(?<=inet6\s)\K[\da-f:]+'); do
printf '%10s %32s %32s\n' ${each} ${address} ${mac}
done
done
Output:
interface ipaddress macaddress
----------------------------------------------------------------------------
lo 127.0.0.1 00:00:00:00:00:00
lo ::1 00:00:00:00:00:00
wlo1 192.168.0.7 c8:aa:bb:cc:dd:ee
wlo1 fe80::7aec:8287:9f45:d833 c8:aa:bb:cc:dd:ee
docker0 172.17.0.1 02:42:0d:0d:0d:0d
tap0 10.1.30.2 16:50:cc:cc:cc:cc
tap0 fe80::10a9:d3ff:fece:57d7 16:50:cc:cc:cc:cc
I heard that there are types of ip addresses like primary address etc. and tried to get the ip address using the below command
ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'
and got the result as below
192.168.122.1
192.168.168.1
172.16.142.1
192.168.1.102
so from the above can someone answer which my primary address is?
There is no such things as "primary address" or "primary device". You have multiple ip addresses related to multiple networt devices.
You could find out what devices allows you to access to the internet and finds its local ip.
To do that, issue the command route. It will output something like
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.0.254 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
Now all you need is to use the device on the line default and use it in this command:
ifconfig <DEVICENAME> | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*'
When a machine has different IP addresses, it is impossible to define the primary IP from a network only point of view. But a machine normaly has a name that can be obtained by the command uname -n, or by the POSIX function uname. Once you have that name, you can find the IP address corresponding to it by the getent command or the gethostbyname function: what is called the primary IP address is the first address returned.
So here you could use:
getent hosts $(uname -n) | head -1 | cut -f 1 -w
Primary address depends on your usage, there is nothing as such at the network level. If you use one IP to access your server usually, you may call it primary and the network devices won't know the difference.
In a separate question (link below), it was suggested that I obtain the network interface card number and subnet mask from a remote SSH login, rather than prompting the user for it. All I have is the IP address of my remote host. I need to obtain the subnet mask to determine if the remote and local host are on the same subnet, and the interface card number to set up and configure a virtual IP for aliasing purposes.
Could someone suggest how I might be able to parse out the necessary information and return it to my shell script that initiates the remote ssh connection? My target hosts have Linux or AIX as the operating system. I am familiar with the netstat function, but I'm not sure if parsing information from this is valid, or if there is a better way to get what I need that will work for both Linux and AIX operating systems.
Thanks for any help you can provide!
How to return from shell 'read' command passed in expect script?
--UPDATE--
AIX ifconfig -a:
$ ifconfig -a
en0: flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPR
T,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.105.65.131 netmask 0xffff0000 broadcast 10.105.255.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
lo0: flags=e08084b,c0<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64
BIT,LARGESEND,CHAIN>
inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255
inet6 ::1%1/0
tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1
AIX netstat -rn:
$ netstat -rn
Routing tables
Destination Gateway Flags Refs Use If Exp Groups
Route tree for Protocol Family 2 (Internet):
default 10.105.65.1 UG 31 39412125 en0 - -
10.105.0.0 10.105.65.131 UHSb 0 0 en0 - - =
>
10.105/16 10.105.65.131 U 219 985607244 en0 - -
10.105.65.131 127.0.0.1 UGHS 5 1326738 lo0 - -
10.105.255.255 10.105.65.131 UHSb 3 6926640 en0 - -
127/8 127.0.0.1 U 36 11962928 lo0 - -
Route tree for Protocol Family 24 (Internet v6):
::1%1 ::1%1 UH 1 393270 lo0 - -
I tried route get and that doesn't work on my AIX box to tell me the route. The only thing I can get to work is netstat -rn. I'm not sure if there is another command similar to ip route that would work.
The Linux boxes support both ip and ifconfig.
I am not sure what to do when there are multiple network interface cards, as I do not know which one really should be used when setting up a virtual IP.
The Linux setup is more what I am concerned with, as I will be eventually adding in the AIX support for my software installation script later and can do more research on it then.
For Linux, I might do this something like so (using bash extensions, so invoked using a #!/bin/bash shebang, or piping the script over stdin to an interpreter invoked as ssh "$hostname" bash <<'EOF'):
internet_address=8.8.8.8 # read data for the NIC used to route here
dev_re='dev ([^[:space:]]+)($|[[:space:]])'
read default_route < <(ip -o route get "$internet_address")
[[ $default_route =~ $dev_re ]] && devname=${BASH_REMATCH[1]}
IFS=$'\n' read -r -d '' -a addresses < \
<(netstat -rn |
awk -v dev="$devname" '$8 == dev && ($2 == "0.0.0.0" || $2 == "default") { print $1 }')
# emit this output however you like
printf '%s\n' "$dev_re" "${addresses[#]}"
I am Using Linux rhel6 2.6.32-220.el6.x86_64 #1 SMP Wed Nov 9 08:03:13 EST 2011 x86_64 x86_64 x86_64 GNU/Linux.
I can access tomcat from browser at port 8080. I am trying get PID of this .
I tried all the folling command but unable to fing the PID
lsof -i :8080
no output
netstat -tulpn | grep :8080
no output
also there is no log nor any httpd process running.
Please help me the find this. Thanks in advance
The tomcat application uses Java so that's why there is no httpd process running:
According to the source posted below the PID is posted in a $CATALINA_PID file which means that all you need to do is read that file with (TomCat version 5 or higher)
cat $CATALINA_PID
And that should post the PID.
Source:
Is Tomcat running?
I use to find open ports programs like this:
# lsof -i -n -P | grep LIST | grep 8080
python 10335 xxxxxxxxx 3u IPv4 10663405 0t0 TCP *:8080 (LISTEN)
The PID is usually defined in the init script. So you should take a look at
/etc/init.d/tomcat
Many init scripts seem to use this command for $PID:
ps aux | grep org.apache.catalina.startup.Bootstrap | grep -v grep | awk '{ print $2 }'
echo $CATALINA_PID will only return the PID if $CATALINA_PID which is not necassary the case.
source for init
I have been using wire-shark to analyse the packets of socket programs, Now i want to see the traffic of other hosts traffic, as i found that i need to use monitor mode that is only supported in Linux platform, so i tried but i couldn't capture any packets that is transferred in my network, listing as 0 packets captured.
Scenario:
I'm having a network consisting of 50+ hosts (all are powered by windows Except mine), my IP address is 192.168.1.10, when i initiate a communication between any 192.168.1.xx it showing the captured traffic.
But my requirement is to monitor the traffic of 192.168.1.21 b/w 192.168.1.22 from my host i,e. from 192.168.1.10.
1: is it possible to capture the traffic as i mentioned?
2: If it is possible then is wire-shark is right tool for it (or should i have to use differnt one)?
3: if it is not possible, then why?
Just adapt this a bit with your own filters and ips : (on local host)
ssh -l root <REMOTE HOST> tshark -w - not tcp port 22 | wireshark -k -i -
or using bash :
wireshark -k -i <(ssh -l root <REMOTE HOST> tshark -w - not tcp port 22)
You can use tcpdump instead of tshark if needed :
ssh -l root <REMOTE HOST> tcpdump -U -s0 -w - -i eth0 'port 22' |
wireshark -k -i -
You are connected to a switch which is "switching" traffic. It bases the traffic you see on your mac address. It will NOT send you traffic that is not destined to your mac address. If you want to monitor all the traffic you need to configure your switch to use a "port mirror" and plug your sniffer into that port. There is no software that you can install on your machine that will circumvent the way network switching works.
http://en.wikipedia.org/wiki/Port_mirroring