FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 09-10-2011, 02:26 PM
Always Learning
 
Default TIP for broken ARIN whois

This works for me on Centos 5.6. It may assist newcomers to the Linux
world of Centos.

whois 51.51.51.51

produces a normal and conventional display of data.

However since ARIN, the North American registrar of IP addresses,
"modernised" its WHOIS processing, a query to

whois 64.64.64.64

will produce a one line summary of possible matches, which always
includes ARIN, but omits the details we used to receive before ARIN
implemented its much criticised "improved" service.

A one line script solves it for me (but only for ARIN network entries).

#!/bin/bash
whois -h whois.arin.net n + $1

I call my script .arin

.arin 64.64.64.64

produces a normal output.



Paul.

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-10-2011, 03:23 PM
 
Default TIP for broken ARIN whois

On Sat, 10 Sep 2011, Always Learning wrote:

> This works for me on Centos 5.6. It may assist newcomers to the Linux
> world of Centos.
>
> whois 51.51.51.51
>
> produces a normal and conventional display of data.
>
> However since ARIN, the North American registrar of IP addresses,
> "modernised" its WHOIS processing, a query to
>
> whois 64.64.64.64
>
> will produce a one line summary of possible matches, which always
> includes ARIN, but omits the details we used to receive before ARIN
> implemented its much criticized "improved" service.
>
> A one line script solves it for me (but only for ARIN network entries).
>
> #!/bin/bash
> whois -h whois.arin.net n + $1

Where is this syntax documented? I see the -h option in the man page but
the n + part is not there and I would like to understand where that comes from.

Regards,

--
Tom me@tdiehl.org Spamtrap address me123@tdiehl.org
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-10-2011, 03:41 PM
Always Learning
 
Default TIP for broken ARIN whois

On Sat, 2011-09-10 at 11:23 -0400, me@tdiehl.org wrote:

> Where is this syntax documented? I see the -h option in the man page
> but the n + part is not there and I would like to understand where
> that comes from.

whois -h whois.arin.net ?

The ' n + ' are parameters (arguments) introduced by ARIN. They are not
part of the standard WHOIS.

To reduce typing I now use for WHOIS:-

.w 65.65.65.65

.w being a one line script containing (whois $1).

When that encounters the ARIN deficiency, I simply up-arrow to get the
previous line and add 'a'

.wa 65.65.65.65

.wa is my ARIN whois command (whois -h whois.arin.net n + $1)


However, when ARIN redirects the original enquiry to a RWHOIS, the query
is broken and unrecognised by the RWHOIS

whois -h whois.arin.net n + 66.66.66.66

It is a bit of a North American mess. I hope Europe's RIPE retains its
fully functioning WHOIS.


Paul.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-11-2011, 02:56 PM
 
Default TIP for broken ARIN whois

On Sat, 10 Sep 2011, Always Learning wrote:

>
> On Sat, 2011-09-10 at 11:23 -0400, me@tdiehl.org wrote:
>
>> Where is this syntax documented? I see the -h option in the man page
>> but the n + part is not there and I would like to understand where
>> that comes from.
>
> whois -h whois.arin.net ?
>
> The ' n + ' are parameters (arguments) introduced by ARIN. They are not
> part of the standard WHOIS.

Thanks. That is what I was looking for.

Regards,

--
Tom me@tdiehl.org Spamtrap address me123@tdiehl.org
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-12-2011, 12:55 AM
Steve Walsh
 
Default TIP for broken ARIN whois

On 09/11/2011 12:26 AM, Always Learning wrote:
> This works for me on Centos 5.6. It may assist newcomers to the Linux
> world of Centos.
>
> whois 51.51.51.51
>
> produces a normal and conventional display of data.
>
> However since ARIN, the North American registrar of IP addresses,
> "modernised" its WHOIS processing, a query to
>
> whois 64.64.64.64
>
> will produce a one line summary of possible matches, which always
> includes ARIN, but omits the details we used to receive before ARIN
> implemented its much criticised "improved" service.
>
> A one line script solves it for me (but only for ARIN network entries).
>
> #!/bin/bash
> whois -h whois.arin.net n + $1

Any particular reason you used a bash script as opposed to an alias in
your bash config?

> I call my script .arin
>
> .arin 64.64.64.64
>
> produces a normal output.


Out of interest, have you thought about sending this through to the
NANOG (http://www.nanog.org/mailinglist/) list?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-12-2011, 02:31 AM
Always Learning
 
Default TIP for broken ARIN whois

On Mon, 2011-09-12 at 10:55 +1000, Steve Walsh wrote:

> I wrote:-
> > A one line script solves it for me (but only for ARIN network entries).
> >
> > #!/bin/bash
> > whois -h whois.arin.net n + $1

> Any particular reason you used a bash script as opposed to an alias in
> your bash config?

My understanding of aliases is I can not include additional parameters
although I know virtually little about them. I do use links like these

sv = service
ipt = iptables

etc. but have never knowingly used an alias. Don't forget I am a Linux
novice. Everything I currently know I have taught myself either from
books, experimentation or examples on this list or adapted from similar
things from pre-Linux days.

> > I call my script .arin
> >
> > .arin 64.64.64.64
> >
> > produces a normal output.
>
>
> Out of interest, have you thought about sending this through to the
> NANOG (http://www.nanog.org/mailinglist/) list?

Never heard of them. It see it is the North American Network Operators'
Group. Following your suggestion I will repost the item there.

Regards,

Paul.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-12-2011, 04:55 AM
Bart Schaefer
 
Default TIP for broken ARIN whois

On Sun, Sep 11, 2011 at 7:31 PM, Always Learning <centos@u61.u22.net> wrote:
>
>> > * * #!/bin/bash
>> > * * whois -h whois.arin.net n + $1
>
>> Any particular reason you used a bash script as opposed to an alias in
>> your bash config?
>
> My understanding of aliases is I can not include additional parameters

With bash / ksh / zsh aliases you can't rearrange the parameters, but
you can always add them to the end. E.g. this:

alias .arin='whois -h whois.arin.net n +'

can be called as

.arin 64.64.64.64

and will expand the way you want. However, if you needed to have
something come after 64.64.64.64, or to be mixed in with the whois
options, you'd have to use a script or a shell function. I.e., if you
wanted to pass the name of the whois server rather than hardcode it:

.arin() { whois -h $1 n + $2; }

That can't be done with an alias (except in csh).
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-14-2011, 06:26 PM
"Michael H. Warfield"
 
Default TIP for broken ARIN whois

Just a point on the curve but...

ARIN has made a deliberate decision to move emphasis over to their
RESTful Web Interface, Whois-RWS. Part of the reason is performance and
part of the reason is for granularity of the data available. They
really REALLY want people to make that move although they will continue
to support the old whois for a lot of the basic stuff.

https://www.arin.net/resources/whoisrws/index.html

I believe one of the things I heard at last years NANOG / ARIN
conference here in Atlanta was that they would no longer be providing
certain information such as reverse DNS servers in the old whois because
that's now in a different database or some such. On another closed
security forum on which I participate someone was having problems
getting at Abuse POC information. There a parameter for that as well
but they prefer using the Whois-RWS interface and API instead. I think
we'll be hearing more of that as time goes on.

Regards,
Mike

On Sat, 2011-09-10 at 15:26 +0100, Always Learning wrote:
> This works for me on Centos 5.6. It may assist newcomers to the Linux
> world of Centos.
>
> whois 51.51.51.51
>
> produces a normal and conventional display of data.
>
> However since ARIN, the North American registrar of IP addresses,
> "modernised" its WHOIS processing, a query to
>
> whois 64.64.64.64
>
> will produce a one line summary of possible matches, which always
> includes ARIN, but omits the details we used to receive before ARIN
> implemented its much criticised "improved" service.
>
> A one line script solves it for me (but only for ARIN network entries).
>
> #!/bin/bash
> whois -h whois.arin.net n + $1
>
> I call my script .arin
>
> .arin 64.64.64.64
>
> produces a normal output.
>
>
>
> Paul.
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@WittsEnd.com
//|=mhw=|// | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-14-2011, 07:32 PM
Edward Morbius
 
Default TIP for broken ARIN whois

Another alternative, if you're simply looking for ASN/CIDR information, is to use the routeviews project.
host -t txt 51.51.51.51.asn.routeviews.org*

... returns the ASN and CIDR block of the IP in question.
Note that as usual, this is reversed dotted quad, so if your original IP is 1.2.3.4, you're querying 4.3.2.1.asn.routeviews.org

More information on the routeviews project: http://www.routeviews.org/
If you want information on the ASN, you can still query WHOIS. * Or you can hit the CIDR Report:

http://www.cidr-report.org
Example:
$ host www.cidr-report.orgwww.cidr-report.org has address 203.133.248.2

$ host -t txt 2.248.133.203.asn.routeviews.org*2.248.133.203.asn .routeviews.org descriptive text "4608" "203.133.248.0" "24"

karsten@zharben:~$ host -t txt 51.51.51.51.asn.routeviews.org51.51.51.51.asn.rout eviews.org descriptive text "4294967295" "0" "0"
karsten@zharben:~$ host www.cidr-report.orgwww.cidr-report.org has address 203.133.248.2karsten@zharben:~$ host -t text 2.248.133.103.asn.routeviews.org*
host: invalid type: text
karsten@zharben:~$ host -t txt 2.248.133.103.asn.routeviews.org*Host 2.248.133.103.asn.routeviews.org not found: 3(NXDOMAIN)
karsten@zharben:~$ host -t txt 2.248.133.203.asn.routeviews.org*2.248.133.203.asn .routeviews.org descriptive text "4608" "203.133.248.0" "24"
karsten@zharben:~$ whois n 4608No whois server is known for this kind of object.karsten@zharben:~$ whois n!4608bash: !4608: event not foundkarsten@zharben:~$ whois AS4608
% [whois.apnic.net node-5]% Whois data copyright terms * *http://www.apnic.net/db/dbcopyright.html

as-block: * * AS4608 - AS4864descr: * * * *APNIC ASN blockremarks: * * *These AS numbers are further assigned by APNICremarks: * * *to APNIC members and end-users in the APNIC region
admin-c: * * *HM20-APtech-c: * * * HM20-APmnt-by: * * * APNIC-HMmnt-lower: * *APNIC-HMchanged: * * *hm-changed@apnic.net 20020926
changed: * * *hm-changed@apnic.net 20030207changed: * * *hm-changed@apnic.net 20050309source: * * * APNIC

aut-num: * * * *AS4608as-name: * * * *APNIC-APdescr: * * * * *Asia Pacific Network Information Centredescr: * * * * *Regional Internet Registry for the Asia-Pacific Region
descr: * * * * *6 Cordelia Streetdescr: * * * * *PO Box 3646descr: * * * * *South Brisbane, QLD 4101descr: * * * * *Australiacountry: * * * *AUadmin-c: * * * *HM20-AP
tech-c: * * * * NO4-APnotify: * * * * noc@apnic.netmnt-by: * * * * MAINT-APNIC-APmnt-irt: * * * *IRT-APNIC-APchanged: * * * *hm-changed@apnic.net
changed: * * * *hm-changed@apnic.net 20110309changed: * * * *hm-changed@apnic.net 20110815source: * * * * APNIC

role: * * * * * APNIC Hostmasteraddress: * * * *6 Cordelia Streetaddress: * * * *South Brisbaneaddress: * * * *QLD 4101country: * * * *AUphone: * * * * *+61 7 3858 3100
fax-no: * * * * +61 7 3858 3199e-mail: * * * * helpdesk@apnic.netadmin-c: * * * *AMS11-APtech-c: * * * * AH256-APnic-hdl: * * * *HM20-AP
remarks: * * * *Administrator for APNICnotify: * * * * noc@apnic.netmnt-by: * * * * MAINT-APNIC-APchanged: * * * *hm-changed@apnic.net 19981111
changed: * * * *dbmon@apnic.net 19990702changed: * * * *hm-changed@apnic.net 20020211changed: * * * *hm-changed@apnic.net 20070612
changed: * * * *hm-changed@apnic.net 20100217changed: * * * *hm-changed@apnic.net 20101217changed: * * * *hm-changed@apnic.net 20110815
source: * * * * APNIC
person: * * * * APNIC Network Operationsaddress: * * * *6 Cordelia Streetaddress: * * * *South Brisbaneaddress: * * * *QLD 4101
country: * * * *AUphone: * * * * *+61 7 3858 3100fax-no: * * * * +61 7 3858 3199e-mail: * * * * netops@apnic.netnic-hdl: * * * *NO4-AP
remarks: * * * *Administrator for APNIC Network Operationsnotify: * * * * netops@apnic.netmnt-by: * * * * MAINT-APNIC-APchanged: * * * *netops@apnic.net 19981111
changed: * * * *hostmaster@apnic.net 20020211changed: * * * *hm-changed@apnic.net 20081205changed: * * * *hm-changed@apnic.net 20101217
source: * * * * APNIC

$ whois AS4608*% [whois.apnic.net node-1]% Whois data copyright terms * *http://www.apnic.net/db/dbcopyright.html

as-block: * * AS4608 - AS4864descr: * * * *APNIC ASN blockremarks: * * *These AS numbers are further assigned by APNICremarks: * * *to APNIC members and end-users in the APNIC region
admin-c: * * *HM20-APtech-c: * * * HM20-APmnt-by: * * * APNIC-HMmnt-lower: * *APNIC-HMchanged: * * *hm-changed@apnic.net 20020926
changed: * * *hm-changed@apnic.net 20030207changed: * * *hm-changed@apnic.net 20050309source: * * * APNIC
*<etc.>
On Sat, Sep 10, 2011 at 7:26 AM, Always Learning <centos@u61.u22.net> wrote:

This works for me on Centos 5.6. It may assist newcomers to the Linux

world of Centos.



* * * *whois 51.51.51.51



produces a normal and conventional display of data.



However since ARIN, the North American registrar of IP addresses,

"modernised" its WHOIS processing, a query to



* * * *whois 64.64.64.64



will produce a one line summary of possible matches, which always

includes ARIN, but omits the details we used to receive before ARIN

implemented its much criticised "improved" service.



A one line script solves it for me (but only for ARIN network entries).



* * * *#!/bin/bash

* * * *whois -h whois.arin.net n + $1



I call my script .arin



* * * *.arin 64.64.64.64



produces a normal output.







Paul.



_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos



--
Dr. Ed Morbius
Chief Scientist / Philologist / Robot Wrangler / Powerplant Operator
Krell Power Systems Unlimited



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:06 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org