2

Hi, I'm working on a small bash script that will scan the LAN every 5 minutes, get the live hosts, and then get their MAC addresses.

So far I have this:

nmap -sP -n -oG - 10.0.0.1-20 | grep "Up" | awk '{print $2}'

Which gives me IP addresses. Now I have to do something like

arp -an | grep 'ip'

but I'm new to bash and I don't know how :)

ajitam

4 Answers

4

Here is a script that does exactly what you want:

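#!/bin/bash

# Ping-scan the range and keep the IPs of hosts reported as "Up"
HOSTS=$(nmap -sP -n -oG - 192.168.1.1-10 | grep "Up" | awk '{print $2}')

for host in ${HOSTS}; do
  # Match "(ip)" as a fixed string so 192.168.1.1 does not also match 192.168.1.10
  arp -an | grep -F "(${host})" | awk '{print $2, $4}'
done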
James Sumners
2

Try using arp-scan, e.g.:

sudo arp-scan --interface=wlan0 192.168.1.0/24
Daniel Kutik
0

For the second part of the query you could use arping:

for host in $(nmap -sP -n -oG - 192.168.83.1-35 | grep "Up" | awk '{print $2}');
    do arping $host -c 1;
done
Fedir RYKHTIK
0

This one outputs all records in a greppable format:

nmap -n -sP 10.0.3.0/24 | awk '/Nmap scan report/{printf $5;printf " ";getline;getline;print $3;}'

It seems to work also for IPs/MACs which are not already in the host's ARP table. That's a good thing. On my system the script from the accepted answer only shows hosts which are listed in the ARP table...

Results in:

10.0.3.100 B8:27:EB:8E:C5:51
10.0.3.101 00:26:B6:E1:4B:EB
10.0.3.112 00:01:29:02:55:25
etc..
Jasper
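
An added example, not taken from any of the answers above: the IP-to-MAC join done with exact matching, so that `10.0.0.1` does not also pick up `10.0.0.10` or `10.0.0.100`, and with `<incomplete>` ARP entries reported as unresolved. The sample nmap and arp output is constructed, the function names are hypothetical, and the Linux net-tools `arp -an` line layout is assumed.

```shell
#!/bin/bash
# Added example: exact-match join of live hosts against the ARP table.
# All sample data below is constructed, not captured from a real network.

# Three hosts in the form `nmap -sP -n -oG -` prints for a live host.
SAMPLE_NMAP=$(printf 'Host: %s ()\tStatus: Up\n' 10.0.0.1 10.0.0.10 10.0.0.12)

# `arp -an` lines in the Linux net-tools layout (assumed format).
SAMPLE_ARP='? (10.0.0.1) at 02:00:00:00:00:01 [ether] on eth0
? (10.0.0.10) at 02:00:00:00:00:0a [ether] on eth0
? (10.0.0.100) at 02:00:00:00:00:64 [ether] on eth0
? (10.0.0.12) at <incomplete> on eth0'

# live_hosts: greppable nmap output on stdin -> one live IP per line.
live_hosts() {
  awk '/Status: Up/ {print $2}'
}

# mac_for IP: `arp -an` output on stdin -> MAC of exactly that IP, or nothing.
# Comparing the whole "(ip)" field avoids 10.0.0.1 matching 10.0.0.10/10.0.0.100;
# the length test skips "<incomplete>" entries (a MAC is 17 characters).
mac_for() {
  awk -v ip="($1)" '$2 == ip && length($4) == 17 {print $4; exit}'
}

# ip_mac_table NMAP_TEXT ARP_TEXT -> "IP MAC" per live host, "-" if unresolved.
ip_mac_table() {
  printf '%s\n' "$1" | live_hosts | while read -r host; do
    mac=$(printf '%s\n' "$2" | mac_for "$host")
    printf '%s %s\n' "$host" "${mac:--}"
  done
}

ip_mac_table "$SAMPLE_NMAP" "$SAMPLE_ARP"
# Live use: ip_mac_table "$(nmap -sP -n -oG - 10.0.0.1-20)" "$(arp -an)"
```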