Whois at the CLI: get all IP ranges from an AS number

Author: 5 Comments

Just a note to my future self, in case I ever need it again. All you need is the AS number.

$ whois -h whois.radb.net -- '-i origin AS1234' | grep 'route:'
route:          1.2.3.0/24
...

For instance, all Facebook's IP addresses in use.

$ whois -h whois.radb.net -- '-i origin AS32934' | grep 'route:'
route:      204.15.20.0/22
route:      69.63.176.0/20
...

Or all their IPv6 ranges.

$ whois -h whois.radb.net -- '-i origin AS32934' | grep 'route6:'
route6:     2620:0:1c00::/40
route6:     2a03:2880::/32
...

Very useful if you want to write scripts that uses these IP ranges as filters.

Think of scripts to quickly ban all Facebook traffic (you know, in case the Facebook content scrapers are performing a DoS on your site), check Google IP ranges vs. the User-Agents used in your webserver access logs, ...

Comments
  1. Posted by Stéphan
    • Posted by Mattias Geniar
  2. Posted by Stéphan
  3. Posted by Stéphan
    • Posted by Mattias Geniar

Add Your Comment