Ping a Specific Port

Question

user3018558

Asked: 2020-03-16 01:14:43 +0800 CST2020-03-16 01:14:43 +0800 CST 2020-03-16 01:14:43 +0800 CST

mask public IP addresses from any command output (for diagnostic)

772

I'm writing a script to extract information from BusyBox v1.25.1/Linux 2.6.36/router where the user can simply run the script and copy/paste the output into a submission form to request support. The script it's essentially a list of commands like route, ifconfig, etc. Because of the busybox implication I'm restricted to /bin/sh.

I'm trying to find a smart way to automatically mask all the public IP addresses only from the output. Replace the full IP would be already good but if it's possible I would be looking for a command to pipe at the end of each command (even an internal function) to simply replace let's say the first two octects e.g. 80.80.80.80 with XX.XX.80.80

A nice to have feature would be to replace the same number of digits to retain formatting where possible. e.g.

8.8.8.8=X.X.X.X 80.80.8.8=XX.XX.X.X 180.180.80.8=XXX.XXX.XX.X

practical example:

root@router:/proc# route | filtering-goes-here Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface XX.XX.168.1 * 255.255.255.255 UH 0 0 0 vlan2 172.16.9.0 * 255.255.255.0 U 0 0 0 br1 10.10.9.0 * 255.255.255.0 U 0 0 0 br0 10.114.126.0 * 255.255.254.0 U 0 0 0 tun11 XX.XX.168.0 * 255.255.252.0 U 0 0 0 vlan2 10.10.0.0 * 255.255.0.0 U 0 0 0 tinc 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default cpc86269 0.0.0.0 UG 0 0 0 vlan2

Thanks!!

1 Answers

Voted

nik · Answer 1 · 2020-03-16T02:08:16+08:00

Does a sed script like this work for you?

$ cat filter.sed
s|\([0-9]\+\.\)\([0-9]\+\.\)\([0-9]\+\.\)\([0-9]\+\)|___\1___\2___\3___\4|g
s|___[0-9]|___X|g
s|___X[0-9]|___XX|g
s|___XX[0-9]|___XXX|g
s|___||g

Here is an example run,

$ echo "111.22.3.44" | sed -f filter.sed
XXX.XX.X.XX

This is going to convert all IP addresses of the form a.b.c.d into equivalent width x.x.x.x pattern. If you need to skip some IP addresses those would need exclusion rules in the script.

If the ___ pattern is part of your possible output in the context used here, you would need to change to a different 'context' that is not possible in the input to the script.

Update: for public IP masking
Try this sed script replacement to the above basic one.

s|\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)|__#\1.\2.\3.\4|g
s|#0\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|0\1|g
s|#10\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|10\1|g
s|#127\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|127\1|g
s|#255\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|255\1|g
s|#\(22[4-9]\)\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|\1\2|g
s|#\(23[0-8]\)\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|\1\2|g
s|#169\.254\(\.[0-9]\+\.[0-9]\+\)|169.254\1|g
s|#192\.168\(\.[0-9]\+\.[0-9]\+\)|192.168\1|g
s|#\(172\.1[6789]\)\(\.[0-9]\+\.[0-9]\+\)|\1\2|g
s|#\(172\.2[0-9]\)\(\.[0-9]\+\.[0-9]\+\)|\1\2|g
s|#\(172\.3[01]\)\(\.[0-9]\+\.[0-9]\+\)|\1\2|g
s|__#\([0-9]\+\.\)\([0-9]\+\.\)\([0-9]\+\.\)\([0-9]\+\)|___\1___\2___\3___\4|g
s|___[0-9]|___X|g
s|___X[0-9]|___XX|g
s|___XX[0-9]|___XXX|g
s|___||g
s|__||g

Note: This will also x-out the netmasks with one exception. I've not added 240.0.0.0 to the list.

Update2: If you want to just mask the first IP-address on each line
This is for a route output case where the first column is IP addresses.
Replace the first line in the updated sed script with,

s|^\(\s*\)\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)|\1__#\2.\3.\4.\5|g

On OPs suggestion, leaving also the mask-for-private-IPs script here

# Modified version that limits to first IP on each line prefixed with whitespace.
s|^\(\s*\)\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)|\1___#\2.\3.\4.\5|g
# Basic version that operates on all IP strings in the input.
#s|\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)|___#\1.\2.\3.\4|g
#
s|\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)|___#\1.\2.\3.\4|g
s|___#0\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___0\1|g
s|___#10\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___10\1|g
s|___#127\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___127\1|g
s|___#255\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___255\1|g
s|___#224\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___224\1|g
s|___#\(22[4-9]\)\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___\1\2|g
s|___#\(23[0-8]\)\(\.[0-9]\+\.[0-9]\+\.[0-9]\+\)|___\1\2|g
s|___#169\.254\(\.[0-9]\+\.[0-9]\+\)|___169.254\1|g
s|___#192\.168\(\.[0-9]\+\.[0-9]\+\)|___192.168\1|g
s|___#\(172\.1[6789]\)\(\.[0-9]\+\.[0-9]\+\)|___\1\2|g
s|___#\(172\.2[0-9]\)\(\.[0-9]\+\.[0-9]\+\)|___\1\2|g
s|___#\(172\.3[01]\)\(\.[0-9]\+\.[0-9]\+\)|___\1\2|g
s|___\([0-9]\+\.\)\([0-9]\+\.\)\([0-9]\+\.\)\([0-9]\+\)|___\1___\2___\3___\4|g
s|___[0-9]|___X|g
s|___X[0-9]|___XX|g
s|___XX[0-9]|___XXX|g
s|___#||g
s|___||g

mask public IP addresses from any command output (for diagnostic)

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?