bash script to perform dig -x

Question

Good day. I was reading another post regarding resolving hostnames to IPs and only using the first IP in the list.

I want to do the opposite and used the following script:

#!/bin/bash

IPLIST="/Users/mymac/Desktop/list2.txt"

for IP in 'cat $IPLIST'; do
domain=$(dig -x $IP +short | head -1)
echo -e  "$domain" >> results.csv 
done < domainlist.txt

I would like to give the script a list of 1000+ IP addresses collected from a firewall log, and resolve the list of destination IP's to domains. I only want one entry in the response file since I will be adding this to the CSV I exported from the firewall as another "column" in Excel. I could even use multiple responses as semi-colon separated on one line (or /,|,\,* etc). The list2.txt is a standard ascii file. I have tried EOF in Mac, Linux, Windows.

216.58.219.78
206.190.36.45
173.252.120.6

What I am getting now:

The domainlist.txt is getting an exact duplicate of list2.txt while the results has nothing. No error come up on the screen when I run the script either.

I am running Mac OS X with Macports.

Does `dig -x` provide the output you want when performed manually? The manual page for `dig` says that the `-f` option will run it in batch mode given a file of IP addresses. Perhaps that's a better starting place? — lurker, Feb 23 '15 at 19:34
what's the point of `done < domainlist.txt` in this particular case ? the for loop does not need it at all. When I test your code (w/o the domainlist.txt stuff), the only fishy thing is that you don't use backquotes for the `cat $IPLIST`. I suppose this is a copy paste mistake ? If not, then that's the reason why it doesn't work :) A more readable way is to use `for IP in $( cat $IFLIST ); do` — tgo, Feb 23 '15 at 19:50
@tgo, your suggestion fixed the problem. I cannot select you as answer. — user1141869, Feb 23 '15 at 20:25

score 2 · Answer 1 · answered Feb 24 '15 at 08:35

Your script has a number of syntax and stylistic errors. The minimal fix is to change the quotes around the cat:

for IP in `cat $IPLIST`; do

Single quotes produce a literal string; backticks (or the much preferred syntax $(cat $IPLIST)) performs a command substitution, i.e. runs the command and inserts its output. But you should fix your quoting, and preferably read the file line by line instead. We can also get rid of the useless echo.

#!/bin/bash

IPLIST="/Users/mymac/Desktop/list2.txt"

while read IP; do
    dig -x "$IP" +short | head -1
done < "$IPLIST" >results.csv

As per your comments, I'm guessing `domains.txt` was never useful or necessary in the first place. If it's needed, please update your question to explain what it's used for. — tripleee, Feb 24 '15 at 08:36

hek2mgl · Answer 2 · 2015-02-23T20:01:04.127

Seems that in your /etc/resolv.conf you configured a nameserver which does not support reverse lookups and that's why the responses are empty.

You can pass the DNS server which you want to use to the dig command. Lets say 8.8.8.8 (Google) for example:

dig @8.8.8.8 -x "$IP" +short | head -1

The commands returns the domain with a . appended. If you want to replace that you can additionally pipe to sed:

... | sed 's/.$//'

bash script to perform dig -x

2 Answers2