After adding a few IPs to a firewall drop list, I wondered, "exactly how many IPs are in this drop list?" Since the list contained 187 entries, all in CIDR notation, adding up the total number of IPs in my head was impossible. So, I put together this little script and figured someone else out there might also benefit.
Requirements
The script requires awk, iptables, and whatmask in order to run successfully. It also assumes every source is written in CIDR notation; a bare IP makes whatmask treat the argument as a netmask and fail with: whatmask: "97.53.154.29" is not a valid subnet mask or wildcard bit mask! Two caveats on the total: whatmask's "Usable IP Addresses" figure excludes the network and broadcast address of each block (a /24 counts as 254, not 256), and entries that overlap or nest are added up separately, so the result is an upper bound on distinct hosts only if the list has no overlaps.
The Script
[nullamatix ~/ipcount]:# cat /usr/bin/ipcount
#!/bin/sh
# Sum the host addresses covered by every DROP rule in the INPUT chain.
WORKDIR=~/ipcount
echo 'Building droplist.txt'
# In `iptables -L INPUT -n` the target is column 1 and the source is column 4.
# Matching ^DROP skips the "Chain INPUT (policy DROP)" header line; the
# catch-all source 0.0.0.0/0 is dropped so it does not count as the whole Internet.
iptables -L INPUT -n | \
grep '^DROP' | awk '{print $4}' | \
grep -v '^0.0.0.0' \
> "$WORKDIR/droplist.txt"
echo 'Reading droplist.txt'
# Start from an empty totals file, otherwise repeat runs keep accumulating.
: > "$WORKDIR/cidr-totals.txt"
while read -r LINE
do
    # Field 6 of the "Usable IP Addresses = ....: 65,534" line; strip the thousands separators.
    whatmask "$LINE" | grep 'Usable IP Addresses' | \
    awk '{print $6}' | sed -e 's/,//g' >> "$WORKDIR/cidr-totals.txt"
done < "$WORKDIR/droplist.txt"
echo 'Adding cidr-totals.txt'
awk '{total+=$0} END {print total}' "$WORKDIR/cidr-totals.txt"
echo 'Done.'
[nullamatix ~/ipcount]:#
Installation
Setup is easy and just like any other script:
[nullamatix ~]:# mkdir ipcount
[nullamatix ~]:# vim /usr/bin/ipcount
(copy & paste the script above)
[nullamatix ~]:# chmod +x /usr/bin/ipcount
[nullamatix ~]:# which ipcount
/usr/bin/ipcount
[nullamatix ~]:#
At the time of writing, nullamatix.com is blocking a grand total of 318,516,468 IPs. That's roughly 7.4% of the 2^32 addresses in the IPv4 space. How many IPs are you blocking?
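For comparison, here is an added example (not part of the original post, and not the ipcount script) that does the same job without whatmask, using Python's standard ipaddress module. It parses the same iptables -L INPUT -n layout, accepts the bare IPs that make whatmask fail (treating them as /32), counts full block sizes instead of whatmask's "usable" hosts, and collapses overlapping or nested blocks so they are not counted twice. The iptables output embedded below is constructed sample data using documentation prefixes, not a real ruleset.

```python
import ipaddress

# Constructed sample of `iptables -L INPUT -n` output (not a real ruleset).
# It includes the chain header, the column header, a non-DROP rule, a bare IP,
# a nested block and a catch-all 0.0.0.0/0 DROP at the end.
SAMPLE_IPTABLES_OUTPUT = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  10.0.0.0/8           0.0.0.0/0
DROP       all  --  192.0.2.0/24         0.0.0.0/0
DROP       all  --  192.0.2.128/25       0.0.0.0/0
DROP       all  --  198.51.100.7         0.0.0.0/0
DROP       tcp  --  203.0.113.0/26       0.0.0.0/0            tcp dpt:22
DROP       all  --  0.0.0.0/0            0.0.0.0/0
"""


def drop_sources(iptables_output):
    """Return the source column of every DROP rule as ip_network objects.

    Mirrors the post's `grep DROP | awk '{print $4}' | grep -v 0.0.0.0`:
    only lines whose target (column 1) is DROP count, and the catch-all
    0.0.0.0/0 is skipped. A bare IP such as 198.51.100.7 becomes a /32,
    which is exactly the input whatmask rejects.
    """
    nets = []
    for line in iptables_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "DROP":
            continue
        net = ipaddress.ip_network(fields[3], strict=False)
        if net.prefixlen == 0:
            continue
        nets.append(net)
    return nets


def count_addresses(nets, collapse=True):
    """Total number of addresses covered by the given blocks.

    num_addresses is the full block size (2**(32 - prefix)), so a /24
    contributes 256 rather than the 254 "usable" hosts whatmask reports.
    With collapse=True, overlapping or nested blocks are merged first, so
    192.0.2.0/24 and 192.0.2.128/25 are counted once, not twice.
    """
    if collapse:
        nets = ipaddress.collapse_addresses(nets)
    return sum(n.num_addresses for n in nets)


def droplist_summary(iptables_output):
    """Entry count, naive sum, de-duplicated sum and share of the IPv4 space."""
    nets = drop_sources(iptables_output)
    raw = count_addresses(nets, collapse=False)
    merged = count_addresses(nets, collapse=True)
    return {
        "entries": len(nets),
        "raw_total": raw,
        "merged_total": merged,
        "pct_of_ipv4": 100.0 * merged / 2 ** 32,
    }


if __name__ == "__main__":
    # On a live host replace the constant with:
    #   subprocess.run(["iptables", "-L", "INPUT", "-n"], capture_output=True, text=True).stdout
    print(droplist_summary(SAMPLE_IPTABLES_OUTPUT))
```

On the sample above the naive sum is 449 (256 + 128 + 1 + 64) while the collapsed total is 321, because the /25 is entirely inside the /24. The difference between the two numbers is a quick way to spot redundant entries in a long drop list.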