SiLK

NAME

rwip2cc - Maps IP addresses to country codes

SYNOPSIS

  rwip2cc { --address=IP_ADDRESS | --input-file=FILE }
        [--map-file=PMAP_FILE] [--print-ips={0,1}]
        [{--integer-ips | --zero-pad-ips}] [--no-columns]
        [--column-separator=CHAR] [--no-final-delimiter]
        [{--delimited | --delimited=CHAR}]
        [--output-path=PATH] [--pager=PAGER_PROG]

  rwip2cc --help

  rwip2cc --version

DESCRIPTION

As of SiLK 3.0, rwip2cc is deprecated, and it will be removed in the SiLK 4.0 release. Use rwpmaplookup(1) instead---the "EXAMPLES" section shows how to use rwpmaplookup to get output similar to that produced by rwip2cc.

rwip2cc maps from (textual) IP address to two letter country code. Either the --address or --input-file switch is required.

The --address switch looks up the country code of a single IP address and prints the country code to the standard output.

The --input-file switch reads data from the specified file (use stdin or - to read from the standard input) and prints, to the standard output, the country code for each IP it sees. Blank lines in the input are ignored; comments, which begin at the # character and extend to the end of line, are also ignored. Each line that is not a blank or a comment should contain an IP address or a CIDR block; rwip2cc will complain if the line cannot be parsed. Note that for CIDR blocks, the CIDR block is exploded into its constituent IP addresses and the country code for each IP address is printed.

The --print-ips switch controls whether the IP is printed with its country code. When --print-ips=1 is specified, the output contains two columns: the IP and the country-code. When --print-ips=0 is specified, only the country code is given. The default behavior is to print the IP whenever the --input-file switch is provided, and not print the IP when --address is given.

You can tell rwip2cc to use a specific country code prefix map file by giving the location of that file to the --map-file switch. The country code prefix map file is created with the rwgeoip2ccmap(1) command. When --map-file is not specified, rwip2cc attempts to use the default country code mapping file, as specified in the "FILES" section below.

OPTIONS

Option names may be abbreviated if the abbreviation is unique or is an exact match for an option. A parameter to an option may be specified as --arg=param or --arg param, though the first form is required for options that take optional parameters.

--address=IP_ADDRESS

Print to the standard output the country code for the single IP_ADDRESS.

--input-file=FILE

Print the IP and country code for each IP address in FILE; use stdin to read from the standard input.

--map-file=PMAP_FILE

Use the designated country code prefix mapping file instead of the default.

--print-ips={0|1}

Controls whether the IP is printed. When the value is 1, the output contains two columns: the IP and the country-code. When the value is 0, only the country code is given. When this switch is not specified, the default behavior is to print the IPs only when input comes from a file (i.e., when --input-file is specified).

--integer-ips

Enable printing of IPs and print the IPs as integers. By default, IP addresses are printed in their canonical form.

--zero-pad-ips

Enable printing of IPs and print the IP addresses in their canonical form, but add zeros to the IP address so it fully fills the width of column. For IPv4, use three digits per octet, e.g, 127.000.000.001.

--no-columns

Disable fixed-width columnar output.

--column-separator=C

Use specified character between columns and after the final column. When this switch is not specified, the default of '|' is used.

--no-final-delimiter

Do not print the column separator after the final column. Normally a delimiter is printed.

--delimited

--delimited=C

Run as if --no-columns --no-final-delimiter --column-sep=C had been specified. That is, disable fixed-width columnar output; if character C is provided, it is used as the delimiter between columns instead of the default '|'.

--output-path=PATH

Write the textual output to PATH, where PATH is a filename, a named pipe, the keyword stderr to write the output to the standard error, or the keyword stdout or - to write the output to the standard output (and bypass the paging program). If PATH names an existing file, rwip2cc exits with an error unless the SILK_CLOBBER environment variable is set, in which case PATH is overwritten. If this option is not given, the output is either sent to the pager or written to the standard output.

--pager=PAGER_PROG

When the --input-file switch is specified and output is to a terminal, invoke the program PAGER_PROG to view the output one screen full at a time. This switch overrides the SILK_PAGER environment variable, which in turn overrides the PAGER variable. If the --output-path switch is given or if the value of the pager is determined to be the empty string, no paging is performed and all output is written to the terminal.

--help

Print the available options and exit.

--version

Print the version number and information about how SiLK was configured, then exit the application.

EXAMPLES

The following examples demonstrate the use of rwip2cc. In addition, each example shows how to get similar output using rwpmaplookup(1).

In the following examples, the dollar sign ($) represents the shell prompt. The text after the dollar sign represents the command line. Lines have been wrapped for improved readability, and the back slash (\) is used to indicate a wrapped line.

Single address specified on the command line

Print the country code for a single address using the default country code map. By default, only the value is printed when the address is specified on the command line.

 $ rwip2cc --address=10.0.0.0
 --

Use the --print-ips switch to print the address and the country.

 $ rwip2cc --print-ip=1 --address=10.0.0.0
        10.0.0.0|--|

rwpmaplookup expects the input to come from a file, so use the --no-files switch to tell rwpmaplookup that the command line arguments are the addresses to print. By default, rwpmaplookup prints a title line, and each row contains the key and the value.

 $ rwpmaplookup --country-code --no-files 10.0.0.0
           key|value|
      10.0.0.0|   --|

Use rwpmaplookup's command line switches to exactly mimic the default output from rwip2cc:

 $ rwpmaplookup --country-code --fields=value --delimited --no-title \
     --no-files 10.0.0.0
 --

Single address using a different country code file

Print the country code for a single address specified on the command line using an older version of the country code mapping file.

 $ rwip2cc --map-file=old-addresses.pmap --address=128.2.0.0
 us

 $ rwpmaplookup --country-code=old-address-map.pmap --no-files 128.2.0.0
           key|value|
     128.2.0.0|   us|

Addresses read from the standard input

Using the default country code map, print the country code for multiple addresses read from the standard input. When the --input-file switch is given, the default output includes the address.

 $ echo '10.0.0.0/31' | rwip2cc --input-file=stdin
        10.0.0.0|--|
        10.0.0.1|--|

You can use the --print-ips switch to suppress the IPs.

 $ echo '10.0.0.0/31' | rwip2cc --print-ips=0 --input-file=stdin
 --
 --

Unlike rwip2cc, rwpmaplookup does not accept CIDR blocks as input. Use the IPset tools rwsetbuild(1) to parse the CIDR block list and rwsetcat(1) to print the list.

 $ echo '10.0.0.0/31' | rwsetbuild | rwsetcat --cidr=0 \
     | rwpmaplookup --country-code
             key|value|
        10.0.0.0|   --|
        10.0.0.1|   --|

Addresses read from a file

Using an older version of the country code map, print the country code for multiple addresses read from a file.

 $ export SILK_COUNTRY_CODES=old-addresses.pmap
 $ cat file.txt
 128.2.1.1
 128.2.2.2
 $ rwip2cc --input-file=file.txt
       128.2.1.1|us|
       128.2.2.2|us|

 $ rwpmaplookup --no-title --country-code file.txt
      128.2.1.1|   us|
      128.2.2.2|   us|

ENVIRONMENT

SILK_COUNTRY_CODES

This environment variable allows the user to specify the country code mapping file that rwip2cc will use. The value may be a complete path or a file relative to SILK_PATH. If the variable is not specified, the code looks for a file named country_codes.pmap as specified in the "FILES" section below.

SILK_PATH

This environment variable gives the root of the install tree. As part of its search for the Country Code mapping file, rwip2cc checks the directories $SILK_PATH/share/silk and $SILK_PATH/share for a file named country_codes.pmap.

SILK_CLOBBER

The SiLK tools normally refuse to overwrite existing files. Setting SILK_CLOBBER to a non-empty value removes this restriction.

SILK_PAGER

When set to a non-empty string, rwip2cc automatically invokes this program to display its output a screen at a time. If set to an empty string, rwip2cc does not automatically page its output.

PAGER

When set and SILK_PAGER is not set, rwip2cc automatically invokes this program to display its output a screen at a time.

FILES

rwip2cc will look for the prefix map file that maps IPs to country codes in the following locations. ($SILK_COUNTRY_CODES is the value of the SILK_COUNTRY_CODES environment variable, if it is set. $SILK_PATH is value of the SILK_PATH environment variable, if it is set. The use of /usr/ assumes the application is installed in the /usr/bin/ directory.)

  $SILK_COUNTRY_CODES
  $SILK_PATH/share/silk/country_codes.pmap
  $SILK_PATH/share/country_codes.pmap
  /usr/share/silk/country_codes.pmap
  /usr/share/country_codes.pmap

SEE ALSO

rwpmaplookup(1), rwgeoip2ccmap(1), rwsetbuild(1), rwsetcat(1), silk(7)