02 - asn-to-subnet
Exemple pour obtenir les subnet d’un ASN sans trop d’effort
Exemple, un ASN du Gouvernement du Canada AS74 en utilisant bgpview.io
Option 1 : requête curl et enregistrement de la réponse dans un fichier .json
curl -sS -o gouv.canada_AS74_bgpview.io.json https://api.bgpview.io/asn/74/prefixes
Option 2 : requête curl et affichage à l’écran du résultat complet
curl -sS https://api.bgpview.io/asn/74/prefixes | jq '.'
Option 3 : requête curl et affichage à l’écran des subnet seulement
curl -sS https://api.bgpview.io/asn/74/prefixes | jq .data.ipv4_prefixes[].prefix
Exemple de résultat en utilisant la commande de l’option 3 :
schaos@stack:/stuff/elastic-data/demo$ curl -sS https://api.bgpview.io/asn/74/prefixes | jq .data.ipv4_prefixes[].prefix
"128.43.0.0/16"
"131.132.0.0/16"
"131.135.0.0/16"
"131.136.0.0/16"
schaos@stack:/stuff/elastic-data/demo$
Exemple de résultat en utilisant la commande de l’option 2 :
schaos@stack:/stuff/elastic-data/demo$ curl -sS https://api.bgpview.io/asn/74/prefixes | jq '.'
{
"status": "ok",
"status_message": "Query was successful",
"data": {
"ipv4_prefixes": [
{
"prefix": "128.43.0.0/16",
"ip": "128.43.0.0",
"cidr": 16,
"roa_status": "None",
"name": "SSC-299-Z",
"description": "Shared Services Canada",
"country_code": "CA",
"parent": {
"prefix": "128.43.0.0/16",
"ip": "128.43.0.0",
"cidr": 16,
"rir_name": "ARIN",
"allocation_status": "unknown"
}
},
{
"prefix": "131.132.0.0/16",
"ip": "131.132.0.0",
"cidr": 16,
"roa_status": "None",
"name": "SSC-299-Z",
"description": "Shared Services Canada",
"country_code": "CA",
"parent": {
"prefix": "131.132.0.0/16",
"ip": "131.132.0.0",
"cidr": 16,
"rir_name": "ARIN",
"allocation_status": "unknown"
}
},
{
"prefix": "131.135.0.0/16",
"ip": "131.135.0.0",
"cidr": 16,
"roa_status": "None",
"name": "DRES-NET2",
"description": "Defense Research Establishment Ottawa",
"country_code": "CA",
"parent": {
"prefix": "131.134.0.0/15",
"ip": "131.134.0.0",
"cidr": 15,
"rir_name": "ARIN",
"allocation_status": "unknown"
}
},
{
"prefix": "131.136.0.0/16",
"ip": "131.136.0.0",
"cidr": 16,
"roa_status": "None",
"name": "DRE-TESTNET",
"description": "Department of National Defence",
"country_code": "CA",
"parent": {
"prefix": "131.136.0.0/14",
"ip": "131.136.0.0",
"cidr": 14,
"rir_name": "ARIN",
"allocation_status": "unknown"
}
}
],
"ipv6_prefixes": []
},
"@meta": {
"time_zone": "UTC",
"api_version": 1,
"execution_time": "15.62 ms"
}
}
schaos@stack:/stuff/elastic-data/demo$
Exemple pour pour automatiser l’extraction des informations sur les subnet associés à plusieurs ASN du gouvernement du canada.
- Ajouter les commandes curl dans un fichier. Pour cet exemple, le fichier se nomme
commande-bgpview_gouv.canada.txt
schaos@stack:/stuff/elastic-data/demo$ more commande-bgpview_gouv.canada.txt
curl -sS -o AS2665_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/2665/prefixes
curl -sS -o AS27293_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/27293/prefixes
curl -sS -o AS25689_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/25689/prefixes
curl -sS -o AS395262_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/395262/prefixes
curl -sS -o AS3766_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/3766/prefixes
curl -sS -o AS20010_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/20010/prefixes
curl -sS -o AS19737_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/19737/prefixes
curl -sS -o AS2653_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/2653/prefixes
curl -sS -o AS2675_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/2675/prefixes
curl -sS -o AS806_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/806/prefixes
curl -sS -o AS2682_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/2682/prefixes
curl -sS -o AS820_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/820/prefixes
curl -sS -o AS818_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/818/prefixes
curl -sS -o AS837_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/837/prefixes
curl -sS -o AS74_gouv.canada-bgpview.io.json https://api.bgpview.io/asn/74/prefixes
schaos@stack:/stuff/elastic-data/demo$
- Lancer la commande ci-dessous pour exécuter chacune des commandes curl présente dans le fichier
commande-bgpview_gouv.canada.txt
schaos@stack:/stuff/elastic-data/demo$ cat commande-bgpview_gouv.canada.txt | while read LINE; do $LINE | tee >> tee_log_bgpview.io_gouv.canada.log; sleep 2; done
- Pour afficher chacun des subnet et le nom de l’organisation associé vous pouvez exécuter la commande ci-dessous.
Le premier champ contenant le subnet peut ensuite être facilement utiliser pour alimenter votre outil préféré . . .
schaos@stack:/stuff/elastic-data/demo$ jq '.data.ipv4_prefixes[] | .prefix + "," + .description' AS*gouv.canada-bgpview.io.json
"137.94.0.0/16,Royal Military College of Canada"
"198.62.158.0/24,INTERNATIONAL DEVELOPMENT RESEARCH CENTRE"
"198.62.159.0/24,INTERNATIONAL DEVELOPMENT RESEARCH CENTRE"
"132.246.0.0/16,Shared Services Canada"
"132.246.0.0/17,Shared Services Canada"
"132.246.56.0/23,Shared Services Canada"
"132.246.60.0/24,Shared Services Canada"
"132.246.128.0/18,Shared Services Canada"
"132.246.172.0/23,Shared Services Canada"
"132.246.192.0/19,Shared Services Canada"
"132.246.224.0/19,Shared Services Canada"
"167.37.244.0/24,Shared Services Canada"
"167.37.245.0/24,Shared Services Canada"
"167.37.246.0/24,Shared Services Canada"
"167.37.247.0/24,Shared Services Canada"
"167.37.249.0/24,Shared Services Canada"
"192.70.172.0/24,Shared Services Canada"
"192.75.14.0/24,Shared Services Canada"
"192.139.21.0/24,Shared Services Canada"
"192.139.116.0/23,Various Registries (Maintained by ARIN)"
"192.139.198.0/24,Shared Services Canada"
"204.174.103.0/24,Shared Services Canada"
"142.236.0.0/17,Shared Services Canada"
"157.244.195.0/24,Office of the Superintendent of Financial"
"198.103.36.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.140.0/24,Federal Office of Regional Development (Quebec)"
"198.103.162.0/24,GTIS"
"198.103.213.0/24,GTIS"
"198.103.221.0/24,Shared Services Canada"
"198.103.235.0/24,Shared Services Canada"
"198.103.254.0/24,Shared Services Canada"
"205.193.85.0/24,Shared Services Canada"
"205.193.112.0/24,Shared Services Canada"
"205.193.114.0/24,Shared Services Canada"
"205.193.149.0/24,Shared Services Canada"
"205.193.156.0/24,Shared Services Canada"
"205.193.157.0/24,Shared Services Canada"
"205.193.167.0/24,Shared Services Canada"
"205.193.177.0/24,Shared Services Canada"
"205.193.204.0/24,Shared Services Canada"
"205.193.206.0/24,Shared Services Canada"
"205.193.208.0/24,Shared Services Canada"
"205.193.209.0/24,Shared Services Canada"
"132.156.0.0/16,Shared Services Canada"
"142.78.0.0/16,Shared Services Canada"
"142.78.9.0/24,Shared Services Canada"
"142.191.8.0/21,Shared Services Canada"
"142.206.0.0/16,Shared Services Canada"
"142.206.230.0/24,Shared Services Canada"
"142.236.76.0/24,Shared Services Canada"
"157.244.190.0/24,Office of the Superintendent of Financial"
"160.106.64.0/18,Shared Services Canada"
"160.106.64.0/19,Shared Services Canada"
"160.106.104.0/21,Shared Services Canada"
"160.106.112.0/20,Shared Services Canada"
"160.106.252.0/23,Shared Services Canada"
"167.32.0.0/17,House of Commons"
"167.37.27.0/24,Shared Services Canada"
"167.37.28.0/24,Shared Services Canada"
"167.37.33.0/24,Shared Services Canada"
"167.37.47.0/24,Shared Services Canada"
"167.37.57.0/24,Shared Services Canada"
"167.37.58.0/24,Shared Services Canada"
"167.37.62.0/24,Shared Services Canada"
"167.37.63.0/24,Shared Services Canada"
"167.40.16.0/20,Shared Services Canada"
"167.40.26.0/24,Shared Services Canada"
"167.40.64.0/19,Shared Services Canada"
"167.40.96.0/21,Shared Services Canada"
"167.40.104.0/22,Shared Services Canada"
"167.40.108.0/23,Shared Services Canada"
"167.40.110.0/24,Shared Services Canada"
"167.40.112.0/20,Shared Services Canada"
"167.43.0.0/20,Shared Services Canada"
"167.43.128.0/20,Shared Services Canada"
"167.43.192.0/21,Shared Services Canada"
"167.43.252.0/24,Shared Services Canada"
"167.44.0.0/21,Shared Services Canada"
"167.44.32.0/21,Shared Services Canada"
"167.44.105.0/24,Shared Services Canada"
"167.227.32.0/21,Shared Services Canada"
"167.227.48.0/24,Shared Services Canada"
"192.67.45.0/24,Shared Services Canada"
"192.75.17.0/24,Shared Services Canada"
"192.75.99.0/24,Shared Services Canada"
"192.139.6.0/24,Shared Services Canada"
"192.139.7.0/24,Shared Services Canada"
"192.139.141.0/24,Shared Services Canada"
"192.139.194.0/24,Shared Services Canada"
"192.139.195.0/24,Energy, Mines, and Resources Canada"
"192.197.71.0/24,Shared Services Canada"
"192.197.72.0/24,Office of the Auditor General of Canada"
"192.197.76.0/24,Shared Services Canada"
"192.197.77.0/24,GTA"
"192.197.114.0/24,Shared Services Canada"
"192.197.115.0/24,Shared Services Canada"
"192.197.243.0/24,Shared Services Canada"
"198.96.2.0/24,Natural Sciences & Engineering Reasearch Council"
"198.96.3.0/24,NSERC"
"198.96.62.0/24,Shared Services Canada"
"198.103.6.0/24,GTIS"
"198.103.10.0/24,GTIS"
"198.103.11.0/24,GTIS"
"198.103.12.0/24,GTIS"
"198.103.15.0/24,GTIS"
"198.103.18.0/24,Shared Services Canada"
"198.103.21.0/24,Shared Services Canada"
"198.103.32.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.33.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.34.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.38.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.40.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.41.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.45.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.47.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.48.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.52.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.53.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.54.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.55.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.57.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.58.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.61.0/24,Finance Canada and Treasury Board Secretariat"
"198.103.69.0/24,Shared Services Canada"
"198.103.92.0/22,Shared Services Canada"
"198.103.96.0/24,Transport Canada"
"198.103.97.0/24,Shared Services Canada"
"198.103.98.0/24,Shared Services Canada"
"198.103.99.0/24,Shared Services Canada"
"198.103.103.0/24,GTIS"
"198.103.104.0/24,Dept. Foreign Affairs and International Trade"
"198.103.108.0/24,Solicitor General Canada"
"198.103.109.0/24,Correctional Services Canada (NET-CDAGOVN-C110)"
"198.103.111.0/24,Privy Council Office"
"198.103.112.0/24,Privy Council Office"
"198.103.113.0/24,Privy Council Office"
"198.103.114.0/24,Privy Council Office"
"198.103.137.0/24,Office of the Superintendent of Financial Institutions Canada"
"198.103.143.0/24,GTIS"
"198.103.145.0/24,Courts Administrative Service"
"198.103.146.0/24,National Transportation Agency"
"198.103.147.0/24,Immigration & Refugee Board"
"198.103.148.0/24,Immigration & Refugee Board"
"198.103.152.0/24,GTIS"
"198.103.153.0/24,GTIS"
"198.103.159.0/24,Shared Services Canada"
"198.103.161.0/24,Department of Fisheries and Oceans"
"198.103.167.0/24,GTIS"
"198.103.169.0/24,GTIS"
"198.103.172.0/24,GTIS"
"198.103.174.0/24,Shared Services Canada"
"198.103.176.0/24,GTIS"
"198.103.180.0/24,GTIS"
"198.103.182.0/24,GTIS"
"198.103.183.0/24,Shared Services Canada"
"198.103.185.0/24,Shared Services Canada"
"198.103.193.0/24,GTIS"
"198.103.194.0/24,GTIS"
"198.103.196.0/24,GTIS"
"198.103.198.0/24,GTIS"
"198.103.205.0/24,GTIS"
"198.103.206.0/24,Shared Services Canada"
"198.103.208.0/24,GTIS"
"198.103.211.0/24,GTIS"
"198.103.217.0/24,Shared Services Canada"
"198.103.218.0/24,Shared Services Canada"
"198.103.223.0/24,Shared Services Canada"
"198.103.234.0/24,Shared Services Canada"
"198.103.237.0/24,GTIS"
"198.103.238.0/24,Shared Services Canada"
"198.103.244.0/24,Shared Services Canada"
"198.103.245.0/24,Shared Services Canada"
"198.103.247.0/24,Shared Services Canada"
"198.103.249.0/24,Shared Services Canada"
"198.164.3.0/24,University of New Brunswick"
"199.212.200.0/24,Shared Services Canada"
"199.212.212.0/24,Shared Services Canada"
"199.212.215.0/24,Shared Services Canada"
"199.212.216.0/24,Shared Services Canada"
"199.246.231.0/24,Canadian Radio-television and Telecommunications"
"199.246.232.0/24,Canadian Radio-television and Telecommunications"
"199.246.233.0/24,Canadian Radio-television and Telecommunications"
"199.246.234.0/24,Canadian Radio-television and Telecommunications"
"199.246.235.0/24,Canadian Radio-television and Telecommunications"
"199.246.236.0/24,Canadian Radio-television and Telecommunications"
"199.246.237.0/24,Canadian Radio-television and Telecommunications"
"199.246.238.0/24,Canadian Radio-television and Telecommunications"
"199.246.239.0/24,Canadian Radio-television and Telecommunications"
"199.246.240.0/24,IBM Canada Ltd"
"199.246.241.0/24,Canadian Radio-television and Telecommunications"
"199.246.242.0/24,Canadian Radio-television and Telecommunications"
"199.246.243.0/24,Canadian Radio-television and Telecommunications"
"199.246.244.0/24,Canadian Radio-television and Telecommunications"
"199.246.245.0/24,Canadian Radio-television and Telecommunications"
"199.246.246.0/24,Canadian Radio-television and Telecommunications"
"199.246.247.0/24,Canadian Radio-television and Telecommunications"
"199.246.248.0/24,Canadian Radio-television and Telecommunications"
"199.246.249.0/24,Canadian Radio-television and Telecommunications"
"199.246.250.0/24,Canadian Radio-television and Telecommunications"
"199.246.251.0/24,Canadian Radio-television and Telecommunications"
"199.246.252.0/24,Canadian Radio-television and Telecommunications"
"199.246.253.0/24,Canadian Radio-television and Telecommunications"
"204.187.48.0/24,Shared Services Canada"
"204.225.144.0/24,Shared Services Canada"
"205.193.1.0/24,Shared Services Canada"
"205.193.3.0/24,Shared Services Canada"
"205.193.5.0/24,Shared Services Canada"
"205.193.6.0/24,Shared Services Canada"
"205.193.7.0/24,Shared Services Canada"
"205.193.12.0/24,Shared Services Canada"
"205.193.36.0/24,Shared Services Canada"
"205.193.37.0/24,Shared Services Canada"
"205.193.39.0/24,Shared Services Canada"
"205.193.40.0/24,Shared Services Canada"
"205.193.42.0/24,Shared Services Canada"
"205.193.44.0/24,Shared Services Canada"
"205.193.45.0/24,Shared Services Canada"
"205.193.50.0/24,Shared Services Canada"
"205.193.51.0/24,Shared Services Canada"
"205.193.60.0/24,Shared Services Canada"
"205.193.61.0/24,Shared Services Canada"
"205.193.63.0/24,Shared Services Canada"
"205.193.64.0/24,Shared Services Canada"
"205.193.67.0/24,Shared Services Canada"
"205.193.72.0/24,Shared Services Canada"
"205.193.78.0/24,Shared Services Canada"
"205.193.82.0/24,Shared Services Canada"
"205.193.86.0/24,Shared Services Canada"
"205.193.91.0/24,Shared Services Canada"
"205.193.93.0/24,Shared Services Canada"
"205.193.94.0/24,Shared Services Canada"
"205.193.97.0/24,Shared Services Canada"
"205.193.98.0/24,Shared Services Canada"
"205.193.101.0/24,Shared Services Canada"
"205.193.103.0/24,Shared Services Canada"
"205.193.105.0/24,Shared Services Canada"
"205.193.107.0/24,Shared Services Canada"
"205.193.109.0/24,Shared Services Canada"
"205.193.116.0/24,Shared Services Canada"
"205.193.117.0/24,Shared Services Canada"
"205.193.118.0/24,Shared Services Canada"
"205.193.119.0/24,Shared Services Canada"
"205.193.122.0/24,Shared Services Canada"
"205.193.123.0/24,Shared Services Canada"
"205.193.124.0/24,Shared Services Canada"
"205.193.125.0/24,Shared Services Canada"
"205.193.128.0/24,Shared Services Canada"
"205.193.138.0/24,Shared Services Canada"
"205.193.139.0/24,Shared Services Canada"
"205.193.144.0/24,Shared Services Canada"
"205.193.146.0/24,Shared Services Canada"
"205.193.147.0/24,Shared Services Canada"
"205.193.148.0/24,Shared Services Canada"
"205.193.150.0/24,Shared Services Canada"
"205.193.152.0/24,Shared Services Canada"
"205.193.158.0/24,Shared Services Canada"
"205.193.163.0/24,Shared Services Canada"
"205.193.164.0/24,Shared Services Canada"
"205.193.166.0/24,Shared Services Canada"
"205.193.168.0/24,Shared Services Canada"
"205.193.170.0/24,Shared Services Canada"
"205.193.172.0/24,Shared Services Canada"
"205.193.173.0/24,Shared Services Canada"
"205.193.174.0/24,Shared Services Canada"
"205.193.180.0/24,Shared Services Canada"
"205.193.182.0/24,Shared Services Canada"
"205.193.183.0/24,Shared Services Canada"
"205.193.187.0/24,Shared Services Canada"
"205.193.190.0/24,Shared Services Canada"
"205.193.191.0/24,Shared Services Canada"
"205.193.192.0/24,Shared Services Canada"
"205.193.198.0/24,Shared Services Canada"
"205.193.199.0/24,Shared Services Canada"
"205.193.200.0/24,Shared Services Canada"
"205.193.203.0/24,Shared Services Canada"
"205.193.210.0/24,Shared Services Canada"
"205.193.212.0/24,Shared Services Canada"
"205.193.213.0/24,Shared Services Canada"
"205.193.214.0/24,Shared Services Canada"
"205.193.215.0/24,Shared Services Canada"
"205.193.216.0/24,Shared Services Canada"
"205.193.217.0/24,Shared Services Canada"
"205.193.218.0/24,Shared Services Canada"
"205.193.219.0/24,Shared Services Canada"
"205.193.220.0/24,Shared Services Canada"
"205.193.222.0/24,Shared Services Canada"
"205.193.223.0/24,Shared Services Canada"
"205.193.224.0/24,Shared Services Canada"
"205.193.225.0/24,Shared Services Canada"
"205.193.226.0/24,Shared Services Canada"
"205.193.227.0/24,Shared Services Canada"
"205.193.228.0/24,Shared Services Canada"
"205.193.229.0/24,Shared Services Canada"
"205.193.230.0/24,Shared Services Canada"
"205.193.232.0/24,Shared Services Canada"
"205.193.234.0/23,Shared Services Canada"
"205.193.236.0/24,Shared Services Canada"
"205.193.238.0/24,Shared Services Canada"
"205.194.7.0/24,Shared Services Canada"
"205.194.20.0/24,Shared Services Canada"
"205.194.21.0/24,Shared Services Canada"
"205.194.25.0/24,Shared Services Canada"
"205.194.124.0/24,Shared Services Canada"
"205.194.126.0/24,Shared Services Canada"
"205.194.127.0/24,Shared Services Canada"
"142.74.0.0/21,Shared Services Canada"
"167.227.0.0/24,Shared Services Canada"
"192.197.82.0/24,GTA"
"192.197.83.0/24,Shared Services Canada"
"198.103.0.0/16,Shared Services Canada"
"198.103.184.0/24,Shared Services Canada"
"205.193.0.0/16,Shared Services Canada"
"205.193.99.0/24,Shared Services Canada"
"205.194.16.0/24,Shared Services Canada"
"205.194.17.0/24,"
"205.194.26.0/23,Shared Services Canada"
"205.194.30.0/23,Shared Services Canada"
"205.194.32.0/23,Shared Services Canada"
"140.80.0.0/16,The Bank of Canada"
"140.80.16.0/22,The Bank of Canada"
"140.80.48.0/22,The Bank of Canada"
"140.80.112.0/24,The Bank of Canada"
"140.80.112.0/22,The Bank of Canada"
"140.80.193.0/24,The Bank of Canada"
"140.80.194.0/24,The Bank of Canada"
"140.80.196.0/24,The Bank of Canada"
"140.80.197.0/24,The Bank of Canada"
"140.80.198.0/24,The Bank of Canada"
"140.80.199.0/24,The Bank of Canada"
"140.80.201.0/24,The Bank of Canada"
"131.137.0.0/17,Department of National Defence"
"131.137.0.0/16,Department of National Defence"
"131.137.128.0/17,Department of National Defence"
"131.137.249.0/24,Department of National Defence"
"131.138.0.0/17,Shared Services Canada"
"131.138.0.0/16,Shared Services Canada"
"131.138.128.0/17,Shared Services Canada"
"131.139.128.0/18,Shared Services Canada"
"131.139.192.0/18,Shared Services Canada"
"192.16.240.0/20,Various Registries (Maintained by ARIN)"
"192.16.250.0/24,Shared Services Canada"
"192.16.251.0/24,Shared Services Canada"
"135.84.104.0/22,CENGN -Centre of Excellence in Next Generation Networks"
"128.43.0.0/16,Shared Services Canada"
"131.132.0.0/16,Shared Services Canada"
"131.135.0.0/16,Defense Research Establishment Ottawa"
"131.136.0.0/16,Department of National Defence"
"142.98.224.0/24,Shared Services Canada"
"142.98.227.0/24,Shared Services Canada"
"142.98.230.0/23,Shared Services Canada"
"142.98.254.0/24,Shared Services Canada"
"192.75.68.0/24,Shared Services Canada"
"198.73.135.0/24,Shared Services Canada"
"198.73.136.0/24,Shared Services Canada"
"199.212.16.0/24,Shared Services Canada"
"199.212.17.0/24,Shared Services Canada"
"199.212.18.0/24,Shared Services Canada"
"199.212.19.0/24,Shared Services Canada"
"199.212.20.0/24,Shared Services Canada"
"199.212.20.0/23,Shared Services Canada"
"199.212.21.0/24,Shared Services Canada"
"205.189.5.0/24,Shared Services Canada"
"205.189.6.0/24,Shared Services Canada"
"205.189.7.0/24,Shared Services Canada"
"205.189.8.0/24,Shared Services Canada"
"205.189.9.0/24,Shared Services Canada"
"205.189.10.0/24,Shared Services Canada"
"205.189.11.0/24,Shared Services Canada"
"205.211.132.0/24,Shared Services Canada"
"205.211.133.0/24,Shared Services Canada"
"205.211.134.0/24,Shared Services Canada"
"142.92.0.0/16,Shared Services Canada"
"192.197.178.0/24,Shared Services Canada"
"192.197.180.0/24,Shared Services Canada"
"192.197.181.0/24,Shared Services Canada"
"192.197.183.0/24,Shared Services Canada"
"192.197.184.0/24,Shared Services Canada"
"199.212.150.0/24,Shared Services Canada"
schaos@stack:/stuff/elastic-data/demo$
Le résultat doit toujours être validé pour supprimer les “doublons”.
Dans l’exemple ci-dessous le premier subnet 132.246.0.0/16 inclut déjà les 7 autres subnet.
Exemple, les subnet ci-dessous :
"132.246.0.0/16,Shared Services Canada"
"132.246.0.0/17,Shared Services Canada"
"132.246.56.0/23,Shared Services Canada"
"132.246.60.0/24,Shared Services Canada"
"132.246.128.0/18,Shared Services Canada"
"132.246.172.0/23,Shared Services Canada"
"132.246.192.0/19,Shared Services Canada"
"132.246.224.0/19,Shared Services Canada"
aggregate sur linux permet facilement d’optimiser les subnet et supprimer les doublons
aggregate - optimise a list of route prefixes to help make nice short filters
Exemple pour collecter les subnet d’un ASN en utilisant l’utilitaire whois
schaos@stack:/stuff/elastic-data/demo$ whois -h whois.radb.net -i origin AS74 | grep -Eo '([0-9.]+){4}/[0-9]+'
128.43.0.0/16
131.132.0.0/16
131.135.0.0/16
131.136.0.0/16
128.43.0.0/16
131.132.0.0/16
131.135.0.0/16
131.136.0.0/16
192.12.98.0/24
192.12.215.0/24
192.16.207.0/24
192.16.208.0/24
192.16.211.0/24
192.16.225.0/24
131.137.0.0/16
192.5.144.0/24
128.43.0.0/16
131.132.0.0/16
131.135.0.0/16
131.136.0.0/16
schaos@stack:/stuff/elastic-data/demo$
Exemple de script pour automatiser la collecte à l’aide de l’utilitaire whois.
#!/bin/sh
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>>/stuff/production_recon/_asn/logs/whois-asn-to-subnet.log 2>&1
if [ ! -x "/usr/bin/whois" ]; then
echo "whois must be installed at /usr/bin/whois"
exit 2
elif [ ! -x "/usr/bin/aggregate" ]; then
echo "aggregate must be installed at /usr/bin/aggregate"
exit 2
fi
echo "Debut du script whois to asn" | ts
set -x
TARGETASN=/stuff/production_recon/input/asn-demo.txt
#TARGETASN=/stuff/production_recon/input/asn-gouv.canada.txt
#TARGETASN=/stuff/production_recon/input/asn-gouv.quebec.txt
#TARGETASN=/stuff/production_recon/input/asn-banques.txt
#TARGETASN=/stuff/production_recon/input/asn-gouv.education.txt
#TARGETASN=/stuff/production_recon/input/asn-autres.txt
#TARGETASN=/stuff/production_recon/input/asn-gouv.municipalite.txt
#TARGETASN=/stuff/production_recon/input/asn-gouv.fournisseurs.txt
#TARGETASN=/stuff/production_recon/input/asn-cellulaire.bell.txt
#TARGETASN=/stuff/production_recon/input/asn-cellulaire.telus.txt
#TARGETASN=/stuff/production_recon/input/asn-cellulaire.videotron.txt
#TARGETASN=/stuff/production_recon/input/asn-energie.txt
#TARGETASN=/stuff/production_recon/input/asn-miniere.txt
#TARGETASN=/stuff/production_recon/input/asn-transport.txt
#TARGETASN=/stuff/production_recon/input/asn-datacenter.txt
#TARGETASN=/stuff/production_recon/input/asn-satelitte.txt
OUTPUTASN=/stuff/production_recon/_asn/output/$(date +"%Y-%m-%d")/
set +x
mkdir -p ${OUTPUTASN}
while read LINE;
do
echo "Debut du traitement de : ${LINE} " | ts
set -x
whois -h whois.radb.net -i origin ${LINE} | grep -Eo '([0-9.]+){4}/[0-9]+' | aggregate > ${OUTPUTASN}${LINE}.txt
set +x
echo "Fin du traitement de : ${LINE} " | ts
sleep 10
lines=`wc -l < ${OUTPUTASN}${LINE}.txt`
echo "ASN ${LINE} contient ${lines} subnet enregistrés dans le fichier ${OUTPUTASN}${LINE}.txt " | ts
done < "$TARGETASN"
echo "Exécution du script terminé" | ts
L'utilitaire aggregate utilisé dans le script ci-dessus permet d'optimiser les subnets et supprimer des entrées qui pourraient être en double.
Dans l’exemple ci-dessous, ASN11489 (Gouvernement du Québec) contient 50 subnet. Par contre, une fois optimisé, les 50 subnet peuvent être représentés par seulement 26 subnet. Pour l’inverse, Si vous avez besoin de convertir les 26 subnet en plusieurs subnet exemple /24, vous pouvez utiliser mapcidr de Project Discovery qui fonctionne très bien.
wc -l AS11489.txt
50 AS11489.txt
cat AS11489.txt | aggregate | wc -l
aggregate: maximum prefix length permitted will be 32
26