I'm looking for some pointers to send me in the right direction. I have a list of about 60 variable subnets which reside on various firewalls around the globe.

10.10.10.0/24  Firewall-Denver
10.10.20.0/25  Firewall-NewYork
10.10.30.0/28  Firewall-China

etc ...

I have another (very long) list of IP addresses which I would like to check against the list of subnets (I assume a python module would be best placed to do this?) and then I want to return the firewall which that subnet is associated with.

10.10.10.1
10.10.10.174
10.10.20.3
10.10.30.19

So return something like

10.10.10.1   Firewall-Denver
10.10.10.174 Firewall-Denver
10.10.20.3   Firewall-NewYork
10.10.30.19  Firewall-China

Thank you for your advice in advance. So I am not just looking for the IP/Subnet but a different key to be returned.

Paul Dawson

1 Answer

You could use the ipaddress module in python 3:

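```python
import ipaddress

# Subnet (CIDR) -> firewall that owns it
ipsub = {"10.10.10.0/24": "Firewall-Denver", "10.10.20.0/25": "Firewall-NewYork"}
# Addresses to look up
iplist = ["10.10.10.1","10.10.10.174","10.10.20.126"]

# Result: IP address -> firewall
ipfirewall = {}

for i in ipsub:
    for j in iplist:
        # Membership test: is address j inside network i?
        if ipaddress.ip_address(j) in ipaddress.ip_network(i):
            ipfirewall[j] = ipsub[i]
```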

Output:

```
>>> ipfirewall
{'10.10.10.1': 'Firewall-Denver', '10.10.20.126': 'Firewall-NewYork', '10.10.10.174': 'Firewall-Denver'}
```

If you want to output a nested list then write it to a file, use this instead:

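```python
import ipaddress

# Subnet (CIDR) -> firewall that owns it
ipsub = {"10.10.10.0/24": "Firewall-Denver" ,"10.10.20.0/25": "Firewall-NewYork"}
# Addresses to look up
iplist = ["10.10.10.1","10.10.10.174","10.10.20.126"]

# Result: list of [ip, firewall] pairs
ipfirewall = []

for i in ipsub:
    for j in iplist:
        # Membership test: is address j inside network i?
        if ipaddress.ip_address(j) in ipaddress.ip_network(i):
            ipfirewall.append([j,ipsub[i]])

# One tab-separated "ip<TAB>firewall" line per match
with open('output.txt', 'w') as file:
    file.writelines('\t'.join(i) + '\n' for i in ipfirewall)
```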

Output:

```
>>> ipfirewall
[['10.10.10.1', 'Firewall-Denver'], ['10.10.10.174', 'Firewall-Denver'], ['10.10.20.126', 'Firewall-NewYork']]
```
Farhan.K
  • Hi Farhan, if I run the command from a file with 'python3 commands.py' I get no output. I have everything in there and there is no error. Do I need to do something else if it is in a file? – Paul Dawson Mar 11 '16 at 15:07
  • How have you entered the list of ip subnets and firewalls into the script? You could write the output to a file using `with open('filename', 'w') as file: file.writelines('\t'.join(i) + '\n' for i in ipfirewall)` – Farhan.K Mar 11 '16 at 15:18
  • It's working from the python shell but I am just getting garble in the file from the command line running the file when using: `with open('filename', 'w') as file: file.writelines('\t'.join(i) + '\n' for i in ipfirewall)` – Paul Dawson Mar 11 '16 at 15:44
  • I changed the \t to no character and I am getting the IP address now but not the firewall. Almost there! – Paul Dawson Mar 11 '16 at 15:55
  • I've edited my answer to show you what I meant. Is that what you are doing? I'm not sure why you are getting just the IP address but not the firewall. Could you update your post to show your full code? – Farhan.K Mar 11 '16 at 15:59
  • I used the second example and it worked! Thank you! Could I ask what these lines do? 1. ipfirewall.append([j,ipsub[i]]) ---and this line --- 2. file.writelines('\t'.join(i) + '\n' for i in ipfirewall) – Paul Dawson Mar 11 '16 at 16:06
  • `ipfirewall.append([j,ipsub[i]])` adds `j` (the ip address) and `ipsub[i]` (the firewall) to the list `ipfirewall` to create a nested list. `file.writelines('\t'.join(i) + '\n' for i in ipfirewall)` puts a `\t` (tab) between the ip address and firewall then writes it to the file along with a `\n` (new line). It does this for every entry in `ipfirewall` – Farhan.K Mar 11 '16 at 16:11
  • Awesome. Thanks again for your help. I have a much better understanding. iplist will actually be passed in from a bash script but I'll open up a new Question for this. – Paul Dawson Mar 11 '16 at 16:18
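
An added example, not part of the original question or answer: the same `ipaddress` lookup, but parsing each subnet only once, choosing the most specific subnet when ranges overlap, and reporting addresses that match nothing or fail to parse instead of silently dropping them. The names `build_table` and `lookup`, the `Firewall-Core` line and the last two sample addresses are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample input in the question's "subnet  firewall" layout.
# The 10.10.0.0/16 line is an added, overlapping entry (assumption) to show
# that the most specific subnet wins.
SUBNETS = """\
10.10.10.0/24  Firewall-Denver
10.10.20.0/25  Firewall-NewYork
10.10.30.0/28  Firewall-China
10.10.0.0/16   Firewall-Core
"""
ADDRESSES = ["10.10.10.1", "10.10.10.174", "10.10.20.3",
             "10.10.30.19", "192.0.2.7", "not-an-ip"]


def build_table(text):
    """Parse each network once into {(version, prefixlen): {network_int: firewall}}."""
    table = defaultdict(dict)
    for line in text.splitlines():
        if line.strip():
            cidr, firewall = line.split()
            # strict=True raises ValueError on host bits, e.g. 10.10.10.5/24
            net = ipaddress.ip_network(cidr, strict=True)
            table[(net.version, net.prefixlen)][int(net.network_address)] = firewall
    return dict(table)


def lookup(table, address):
    """Return the firewall of the longest matching prefix, 'UNMATCHED' or 'INVALID'."""
    try:
        ip = ipaddress.ip_address(address.strip())
    except ValueError:
        return "INVALID"
    bits = ip.max_prefixlen
    # Try the longest prefixes first; one dict probe per prefix length in use.
    for prefixlen in sorted((p for v, p in table if v == ip.version), reverse=True):
        masked = (int(ip) >> (bits - prefixlen)) << (bits - prefixlen)
        firewall = table[(ip.version, prefixlen)].get(masked)
        if firewall is not None:
            return firewall
    return "UNMATCHED"


if __name__ == "__main__":
    table = build_table(SUBNETS)
    for address in ADDRESSES:
        # 10.10.30.19 is outside 10.10.30.0/28 (.0 to .15), so it falls to the /16.
        print(f"{address}\t{lookup(table, address)}")
```

Without the constructed /16 entry, `10.10.30.19` is reported as `UNMATCHED`, because a /28 starting at `10.10.30.0` ends at `10.10.30.15`.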