I have a shell script which uses etherwake to wake up a machine on my local network. After the machine is awake, I'm not sure of the IP address.
我有一个shell脚本,它使用etherwake唤醒本地网络上的一台机器。机器苏醒后,我不确定IP地址。
While trying to answer my own question I came up with:
当我试图回答自己的问题时,我想到了:
ip=$(ping -c 1 hostname | head -1 | awk '{print $3}' | sed 's/[()]//g')
This solution stipulates that I know the hostname of the remote machine, which isn't so onerous.
这个解决方案规定,我知道远程机器的主机名,这并不麻烦。
Is there a way to get the IP if all I know is the MAC address?
如果我只知道MAC地址,有没有办法获得IP ?
6 个解决方案
#1
17
I don't think there is a single command to do this. One hack would be to do a ping scan or a broadcast ping on the subnet and then query the arp table for the IP address of the MAC address. Obviously not an ideal solution. Example:
我认为没有一个命令可以做到这一点。一种方法是对子网进行ping扫描或广播ping,然后查询arp表以获取MAC地址的IP地址。显然这不是一个理想的解决方案。例子:
nmap -sP 192.168.1.0/24 >/dev/null && arp -an | grep <mac address here> | awk '{print $2}' | sed 's/[()]//g'
Here nmap will do a ping scan and populate your arp cache. Once the scan is done, the arp command can be used to print the arp table and then you pull out the IP address with grep/awk. You could try replacing nmap with a broadcast ping, but that probably isn't as reliable.
在这里,nmap将执行一次ping扫描并填充arp缓存。扫描完成后,可以使用arp命令打印arp表,然后使用grep/awk提取IP地址。您可以尝试用广播ping替换nmap,但这可能不那么可靠。
#2
11
I would simply use
我只会用
ip neighbor | grep "00:1E:C9:56:3C:8E" | cut -d" " -f1
#3
4
The other methods presented here were unreliable, e.g. the output of ip neighbor did not always contain the most recent state, so I ended up re-scanning the network using arp-scan, and hence I simply used the output of the scanning to obtain the IP address for a given MAC address.
这里给出的其他方法不可靠,例如,ip邻居的输出并不总是包含最近的状态,所以我最终使用arp-scan重新扫描网络,因此我只是使用扫描的输出来获取给定MAC地址的ip地址。
For scanning a single network interface, simply use this:
对于扫描单个网络接口,只需使用以下方法:
arp-scan -q -l --interface en4 2>/dev/null | grep "00:1E:C9:56:3C:8E" | cut -d$'\t' -f1
The following command scans multiple network interfaces at once:
以下命令一次扫描多个网络接口:
{ arp-scan -q -l --interface en0 2>/dev/null & arp-scan -q -l --interface en4 2>/dev/null } | grep "00:1E:C9:56:3C:8E" | cut -d$'\t' -f1
#4
2
I wrote a python module that can do this:
我编写了一个python模块来实现这一点:
>>> from ethip import ethip
>>> print ethip.getip('00:1E:C9:56:3C:8E', '10.5.42.255')
10.5.42.3
I just makes rapid arp requests to find the ip, then caches what it finds. The code is on github.
我只是快速地发出arp请求来查找ip,然后缓存它找到的内容。代码在github上。
#5
2
You could try the arp command and grep by mac address
您可以尝试arp命令和grep的mac地址
arp -a | grep "00:00:00:00:00:00"
(replace with your own mac addr)
(用你自己的mac addr替换)
#6
-1
Neal's answer takes indeed too long. I had to get it work with a 60k+ IPs range. The trick to make this work is to check arp table after each ping. This also fixes the root problem : no need. I did it in Java (see threadedScan() here) because I was on windows and needed a solution which wouldn't spawn thousands of cmd prompts while trying to ping with start command. And it works faster (~10 sec for my 60k range) with a fixedThreadPool.
Neal的回答确实花了很长时间。我必须让它在60k+ IPs范围内工作。实现此工作的技巧是在每次ping之后检查arp表。这也解决了根本问题:不需要。我在Java中这样做(参见这里的threadedScan())),因为我在windows上,需要一个解决方案,在尝试使用start命令进行ping时不会产生数千个cmd提示。使用fixedThreadPool,它的工作速度更快(60k范围大约10秒)。
#1
17
I don't think there is a single command to do this. One hack would be to do a ping scan or a broadcast ping on the subnet and then query the arp table for the IP address of the MAC address. Obviously not an ideal solution. Example:
我认为没有一个命令可以做到这一点。一种方法是对子网进行ping扫描或广播ping,然后查询arp表以获取MAC地址的IP地址。显然这不是一个理想的解决方案。例子:
nmap -sP 192.168.1.0/24 >/dev/null && arp -an | grep <mac address here> | awk '{print $2}' | sed 's/[()]//g'
Here nmap will do a ping scan and populate your arp cache. Once the scan is done, the arp command can be used to print the arp table and then you pull out the IP address with grep/awk. You could try replacing nmap with a broadcast ping, but that probably isn't as reliable.
在这里,nmap将执行一次ping扫描并填充arp缓存。扫描完成后,可以使用arp命令打印arp表,然后使用grep/awk提取IP地址。您可以尝试用广播ping替换nmap,但这可能不那么可靠。
#2
11
I would simply use
我只会用
ip neighbor | grep "00:1E:C9:56:3C:8E" | cut -d" " -f1
#3
4
The other methods presented here were unreliable, e.g. the output of ip neighbor did not always contain the most recent state, so I ended up re-scanning the network using arp-scan, and hence I simply used the output of the scanning to obtain the IP address for a given MAC address.
这里给出的其他方法不可靠,例如,ip邻居的输出并不总是包含最近的状态,所以我最终使用arp-scan重新扫描网络,因此我只是使用扫描的输出来获取给定MAC地址的ip地址。
For scanning a single network interface, simply use this:
对于扫描单个网络接口,只需使用以下方法:
arp-scan -q -l --interface en4 2>/dev/null | grep "00:1E:C9:56:3C:8E" | cut -d$'\t' -f1
The following command scans multiple network interfaces at once:
以下命令一次扫描多个网络接口:
{ arp-scan -q -l --interface en0 2>/dev/null & arp-scan -q -l --interface en4 2>/dev/null } | grep "00:1E:C9:56:3C:8E" | cut -d$'\t' -f1
#4
2
I wrote a python module that can do this:
我编写了一个python模块来实现这一点:
>>> from ethip import ethip
>>> print ethip.getip('00:1E:C9:56:3C:8E', '10.5.42.255')
10.5.42.3
I just makes rapid arp requests to find the ip, then caches what it finds. The code is on github.
我只是快速地发出arp请求来查找ip,然后缓存它找到的内容。代码在github上。
#5
2
You could try the arp command and grep by mac address
您可以尝试arp命令和grep的mac地址
arp -a | grep "00:00:00:00:00:00"
(replace with your own mac addr)
(用你自己的mac addr替换)
#6
-1
Neal's answer takes indeed too long. I had to get it work with a 60k+ IPs range. The trick to make this work is to check arp table after each ping. This also fixes the root problem : no need. I did it in Java (see threadedScan() here) because I was on windows and needed a solution which wouldn't spawn thousands of cmd prompts while trying to ping with start command. And it works faster (~10 sec for my 60k range) with a fixedThreadPool.
Neal的回答确实花了很长时间。我必须让它在60k+ IPs范围内工作。实现此工作的技巧是在每次ping之后检查arp表。这也解决了根本问题:不需要。我在Java中这样做(参见这里的threadedScan())),因为我在windows上,需要一个解决方案,在尝试使用start命令进行ping时不会产生数千个cmd提示。使用fixedThreadPool,它的工作速度更快(60k范围大约10秒)。