#1 2017-04-22 12:53:09

o9000
tint2 developer
From: Network Neighborhood
Registered: 2015-10-24
Posts: 399

Colored ping and traceroute

I've stumbled upon spark, which uses these Unicode characters ▁▂▃▄▅▆▇█ to display graphs in the terminal; and prettyping which makes use of these too, and also adds colors to ping output. It parses the output of the ping program, then adds the formatting.

The result looks like this:

prettyping_1.th.png

It would have been nice to extend this to traceroute, but traceroute output is quite difficult to parse. For traceroute I wrote my own version in Python. Unlike ping and traceroute, it does not require root privileges (but needs a sysctl to allow users to create ICMP sockets). It can also send pings.

The result looks like this:

scrot-trace.th.png

For ping:

scrot-ping.th.png

To find the 256 foreground text colors supported by the terminal, I used this one-liner:

for i in {0..255} ; do printf "%3d: \e[38;5;%sm▄\e[0m " "$i" "$i" ; done ; echo ""

In Python, "\e" must be replaced with "\x1b".

Alternatively, the grc program can color the output of various commands. However the color is chosen by type of content, not by value. This means that, for example, IP addresses are shown in a different color than latencies, but all strings of the same type have the same color. It looks like this:

oFzYp.th.png

grc is in the Debian repositories. I could not find any of the others.

grc is quite useful for showing logs:

grc cat /var/log/syslog | less -r
grc tail -f /var/log/syslog
grc dmesg -w

qspK7.th.png

Last edited by o9000 (2017-04-22 13:17:22)

Offline
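The unprivileged ICMP socket mentioned in the first post, as an added example (not o9000's code, and not part of the original thread). It assumes Linux, where the sysctl in question is net.ipv4.ping_group_range; the function names are hypothetical.

```python
import socket
import struct
import time

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo_request(ident: int, seq: int, payload: bytes = b"constructed") -> bytes:
    """ICMP echo request: type 8, code 0, checksum, identifier, sequence."""
    unsummed = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    return struct.pack("!BBHHH", 8, 0, inet_checksum(unsummed), ident, seq) + payload

def ping_once(host: str, seq: int = 1, timeout: float = 2.0):
    """Return the round-trip time in ms, or None on timeout or mismatch."""
    try:
        # SOCK_DGRAM + IPPROTO_ICMP is the unprivileged "ping socket";
        # SOCK_RAW would need root or CAP_NET_RAW instead.
        sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_ICMP)
    except PermissionError as exc:
        raise PermissionError(
            "ICMP datagram sockets are not allowed for this group; "
            "check net.ipv4.ping_group_range") from exc
    with sock:
        sock.settimeout(timeout)
        start = time.monotonic()
        # Linux rewrites the identifier and checksum on this socket type,
        # so the values built here only matter on a raw socket.
        sock.sendto(build_echo_request(0, seq), (host, 0))
        try:
            data, _ = sock.recvfrom(1024)
        except socket.timeout:
            return None
        rtt_ms = (time.monotonic() - start) * 1000
    # On Linux the reply starts at the ICMP header (no IP header in front).
    icmp_type, _code, _csum, _ident, reply_seq = struct.unpack("!BBHHH", data[:8])
    return rtt_ms if (icmp_type, reply_seq) == (0, seq) else None

if __name__ == "__main__":
    print(ping_once("127.0.0.1"))
```

Because the socket is a datagram socket, the process never sees other hosts' ICMP traffic and needs neither a setuid binary nor CAP_NET_RAW.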

#2 2017-04-22 13:44:55

twoion
ほやほや
Registered: 2015-08-10
Posts: 2,531

Re: Colored ping and traceroute

Looks nice. I see you do extract text from the WHOIS response :) You might want to look into using RDAP (Registration Data Access Protocol) instead which has been hailed as the WHOIS successor for a while, supports structured response data (JSON) and by now has been implemented by all important registries so it's widely available -> e.g. https://www.apnic.net/about-apnic/whois … bout/rdap/.


New Horizons

Offline

#3 2017-04-22 14:36:19

o9000
tint2 developer
From: Network Neighborhood
Registered: 2015-10-24
Posts: 399

Re: Colored ping and traceroute

Do you know if it's possible to get origin AS info from RDAP servers (i.e. route records)? I don't see any obvious way to do it.

Also, do you know if there are any bulk dumps to mirror the servers? They have quite strict rate limits, and you'll get a 24-hour ban if you look up more than a thousand IPs or so per day. For the whois protocol, there are FTP mirrors for some registries, although I think the African and Asian ones are not public. Actually that's why I used radb, it's not an official registry, it doesn't have these silly restrictions and is focused on making routing info available.

Offline

#4 2017-04-22 15:06:43

twoion
ほやほや
Registered: 2015-08-10
Posts: 2,531

Re: Colored ping and traceroute

It definitely does support AS numbers, it's a defined object type https://tools.ietf.org/html/rfc7483#section-5.5. It probably all depends on what the RDAP server implements and provides as data I think. Personally, I used RDAP queries in a job project as a factor to detect and lock out fraudsters where making decisions based on AS (and related data, like country of AS owner origin) played a role. I wrote that project in Python too and made use of the ipwhois library for the queries, here is the relevant documentation https://github.com/secynic/ipwhois/blob/master/ASN.rst. Perhaps you can draw query logic from that.

Regarding mirror servers, I did run into that problem too and introduced an RDAP object cache into the code. I do not know of publicly available data dumps. Unfortunately I cannot share the code as it is proprietary and I no longer have access to that code.


New Horizons

Offline

#5 2017-04-22 15:33:55

o9000
tint2 developer
From: Network Neighborhood
Registered: 2015-10-24
Posts: 399

Re: Colored ping and traceroute

Interesting.

The ipwhois library gets IP -> ASN mappings from 3 sources: the cymru dns service, the old whois protocol or from an ARIN service running on port 80, which is not RDAP, and only supports ARIN queries.

RDAP doesn't seem to offer a method to get the mapping. For bunsenlabs.org (78.47.156.207), one can query by IP address, by AS number or by entity, but the mappings are one-way: IP -> entity, ASN -> entity, entity -> self, so one cannot go from IP -> ASN.

For bulk ASN queries, I normally download the databases from ftp://ftp.radb.net/radb/dbase/. Some registries do not publish their databases, so bulk queries are impossible.

Last edited by o9000 (2017-04-22 15:36:45)

Offline

#6 2017-04-22 15:54:43

o9000
tint2 developer
From: Network Neighborhood
Registered: 2015-10-24
Posts: 399

Re: Colored ping and traceroute

twoion wrote:

Regarding mirror servers, I did run into that problem too and introduced an RDAP object cache into the code. I do not know of publicly available data dumps. Unfortunately I cannot share the code as it is proprietary and I no longer have access to that code.

No problem, thanks anyways. I wasn't looking for code, just finding out if there's any better way.

Offline

#7 2017-04-23 12:14:07

o9000
tint2 developer
From: Network Neighborhood
Registered: 2015-10-24
Posts: 399

Re: Colored ping and traceroute

There is another source of dumps: https://www.caida.org/data/routing/rout … fix2as.xml It was found to match >99% of Team Cymru's mapping.

Offline
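An offline IP -> origin ASN lookup over a downloaded prefix-to-AS dump, which sidesteps the rate limits discussed in posts #3 to #7. This is an added example, not code from any poster: it assumes one "prefix, length, origin AS" record per line separated by whitespace, with multi-origin prefixes joined by "_", IPv4 only, and the sample records are constructed from documentation ranges.

```python
import ipaddress

# Constructed sample records (documentation prefixes and ASNs), not real data.
SAMPLE_DUMP = """\
192.0.2.0\t24\t64496
198.51.100.0\t24\t64497
198.51.100.128\t25\t64498_64499
203.0.113.0\t24\t64500
"""

def load_pfx2as(text: str) -> dict:
    """Parse the dump into {prefix_length: {network_as_int: (origin_as, ...)}}."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields, got {len(fields)}")
        # strict=True rejects records whose prefix has host bits set.
        net = ipaddress.IPv4Network(f"{fields[0]}/{fields[1]}", strict=True)
        origins = tuple(fields[2].split("_"))  # multi-origin prefix -> several ASNs
        table.setdefault(net.prefixlen, {})[int(net.network_address)] = origins
    return table

def lookup(table: dict, ip: str):
    """Longest-prefix match: try the most specific prefix lengths first."""
    addr = int(ipaddress.IPv4Address(ip))
    for plen in sorted(table, reverse=True):
        mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
        origins = table[plen].get(addr & mask)
        if origins is not None:
            return origins
    return None  # address is not covered by any record in the dump

if __name__ == "__main__":
    routes = load_pfx2as(SAMPLE_DUMP)
    for ip in ("198.51.100.5", "198.51.100.200", "10.0.0.1"):
        print(ip, lookup(routes, ip))
```

When the result feeds a decision such as the fraud scoring twoion describes, a `None` or multi-origin answer should be treated as "unknown" and not mapped to a single AS.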
