Convert IP address (within a line) to hostname

Shell Programming and Scripting
1

I have a tricky problem, and I'm quite the scripting newb.

I have Cisco ACLs that have IP addresses in them. I'd like to convert the IP's to hostnames for easier analysis. A sample ACL input file would be (I've obfuscated the IPs):

access-list acl-secure-out line 1 extended permit icmp any any 
access-list acl-secure-out line 2 extended permit tcp host 200.00.000.000 object-group ser-secure-bed eq 2049 
access-list acl-secure-out line 2 extended permit tcp host 200.00.000.000 host 10.0.000.1 eq 2049

Here is the trick - I only want to convert host IPs - so, any IP that follows the word 'host' in the ACL (which I have as a text file).

So far, I've used awk to try something like this:

awk '$8 ~ /host/ && $10 ~ /host/ {print $0, system ("dig +short -x"$9)system("dig +short -x"$11)}'

but that gives me strange output:

xxxx.xx.xxx.net.
xxxx.xx.yyyy.com.
00ess-list acl-secure-out line 2 extended permit tcp host 200.00.000.000 host 10.0.000.0 eq 2049

For some reason, the system command output prints out before the whole line, and munges up the line output (see '00ess-list' at the beginning of the 3rd line). I know that command wouldn't do exactly what I wanted, but I think I'm close.

The system command is working OK - it's looking up the hostname just fine, I just need to find a way to do that, and replace the IP in the line with the hostname, but only when the IP is preceded by the word 'host'.

I really hope I'm making sense here :slight_smile: Any thoughts?

2

I see two IP addresses coming after "host" in your file, so do you want to get each IP addresses that occurs after each "host" word? Can you illustrate the output you want?

3

Yes, exactly what I want. Sample output would look something like this:

access-list acl-secure-out line 2 extended permit tcp host hostname1.example.com object-group ser-secure-bed eq 2049 
access-list acl-secure-out line 2 extended permit tcp host hostname2.example.com host hostname3.example.com eq 2049

The trick here is, some lines have one host, some have two, and others have none. I need all of the lines in the output file though, with just the IPs resolved.

Thanks again!

4

well, perl to the rescue:

#!/usr/bin/perl
open MYFILE, $ARGV[0] or die $!;
while (<MYFILE>) {
chomp;
#perform work here
($field1,$field2,$field3,$field4,$field5,$field6,$field7,$field8,$field9,$field10,$field11,$field12,$field13) = split(' ');
if ($field10 eq "host" and $field8 eq "host") {
   my $srcip = `dig +short -x $field9`;
   my $dstip = `dig +short -x $field11`;
   chomp $srcip;
   chomp $dstip;
   print "$field1 $field2 $field3 $field4 $field5 $field6 $field7 $field8 $field9($srcip) $field10 $field11($dstip) $field12 $field13\n";
   } 
elsif ($field8 eq "host" and $field10 ne "host") {
   my $srcip = `dig +short -x $field9`;
   chomp $srcip;
   print "$field1 $field2 $field3 $field4 $field5 $field6 $field7 $field8 $field9($srcip) $field10 $field11 $field12 $field13\n";
   } 
elsif ($field10 eq "host") {
   my $srcip = `dig +short -x $field11`;
   chomp $srcip;
   print "$field1 $field2 $field3 $field4 $field5 $field6 $field7 $field8 $field9 $field10 $field11($srcip) $field12 $field13\n";
   }
else { 
   print "$field1 $field2 $field3 $field4 $field5 $field6 $field7 $field8 $field9 $field10 $field11 $field12 $field13\n";}
   }
close (MYFILE);

you put your input file on the command line as an argument. If the word 'host' appears in certain locations, then the next field is assumed to be an IP address. The script then prints the line, with the resolved IP in parenthesis after the raw IP. Obviously, you can redirect output to stdout or to a file.

Not elegant, but it seems to work :slight_smile: