NAME
rwpmapcat - Print each range and label present in a prefix map file
SYNOPSIS
rwpmapcat [--output-type={mapname | type | ranges | labels}]
[--ignore-label=LABEL] [--ip-label-to-ignore=IP_ADDRESS]
[--left-justify-labels] [--no-cidr-blocks]
[{--integer-ips | --zero-pad-ips}] [--no-titles]
[--no-columns] [--column-separator=C] [--no-final-delimiter]
[{--delimited | --delimited=C}] [--pager=PAGER_PROG]
[--map-file=PMAP_FILE | PMAP_FILE]
rwpmapcat --help
rwpmapcat --version
DESCRIPTION
rwpmapcat reads a prefix map file and prints its contents. If the prefix map file contains IP address data, rwpmapcat prints the IP address block and the label associated with that block for every IPv4 address. The address blocks are printed in CIDR notation unless the --no-cidr-blocks switch is specified, in which case blocks are printed as a starting and ending IP address.
If the prefix map file contains protocol/port pairs, rwpmapcat
prints the starting protocol and port separated by a slash (/), the
delimiter character, the ending protocol and port, the delimiter, and
the label.
To only see the labels in a prefix map file, specify --output-type=labels.
To see the type of this prefix map file, specify --output-type=type.
To see the mapname associated with this prefix map file (if any), specify --output-type=mapname.
The printing of ranges having a specific label may be suppressed with the --ignore-label switch. To have rwpmapcat to look up a label based on an IP address and then ignore all entries with the label, pass the IP address to the --ip-label-to-ignore switch.
OPTIONS
Option names may be abbreviated if the abbreviation is unique or is an exact match for an option. A parameter to an option may be specified as --arg=param or --arg param, though the first form is required for options that take optional parameters.
- --map-file=PMAP_FILE
-
Specify the path of the prefix map file to print. If this switch is omitted, the name of the file to be read is taken as the first non-switch command-line argument. If no argument is given, the file is read from stdin if possible.
- --output-type={type | mapname | label | ranges}
-
Specify the types of output to produce as a comma separated list of names. When this switch is not provided, the default is to print ranges. The output-type can be specified using the shortest unique prefix for the type. The available types are:
- type
-
Print the type of this prefix map file, either
addressfor an IP prefix map orproto-portfor a protocol-port prefix map. - mapname
-
Print the name associated with this prefix map file. This mapname is used to generate switch names and field names when this prefix map is used with rwfilter(1), rwcut(1), rwgroup(1), rwsort(1), and rwuniq(1). See pmapfilter(3) for details.
- label
-
Print the names of the labels that exist in the prefix map file.
- ranges
-
Print a block's starting and ending values and the label for that block for each block in the prefix map file.
- --ignore-label=LABEL
-
For the ranges output-type, skip the printing of entries whose label is LABEL. By default, all entries in the prefix map file are printed.
- --ip-label-to-ignore=IP_ADDRESS
-
For the ranges output-type, skip the printing of entries that have the same label as the specified IP_ADDRESS. By default, all IP--label pairs are printed.
- --left-justify-labels
-
For the ranges output-type, left-justify the labels when columnar output is printed. Normally, the labels are right-justified.
- --no-cidr-blocks
-
Cause each IP address block to be printed as a starting and ending IP address. By default, IP addresses are grouped into CIDR blocks. This switch is ignored for prefix map files containing protocol/port pairs.
- --integer-ips
-
Print IP addresses as integers. The default is print IP addresses in their canonical form. This switch is ignored for prefix map files containing protocol/port pairs.
- --zero-pad-ips
-
Print IP addresses in their canonical form, but add zeros to the IP address so it fully fills the width of column. For IPv4, use three digits per octet, e.g,
127.000.000.001. This switch is ignored for prefix map files containing protocol/port pairs. - --no-titles
-
Turn off column titles. By default, titles are printed.
- --no-columns
-
Disable fixed-width columnar output.
- --column-separator=C
-
Use specified character between columns and after the final column. When this switch is not specified, the default of '|' is used.
- --no-final-delimiter
-
Do not print the column separator after the final column. Normally a delimiter is printed.
- --delimited
- --delimited=C
-
Run as if --no-columns --no-final-delimiter --column-sep=C had been specified. That is, disable fixed-width columnar output; if character C is provided, it is used as the delimiter between columns instead of the default '|'.
- --pager=PAGER_PROG
-
When output is to a terminal, invoke the program PAGER_PROG to view the output one screen full at a time. This switch overrides the SILK_PAGER environment variable, which in turn overrides the PAGER variable. If the value of the pager is determined to be the empty string, no paging will be performed and all output will be printed to the terminal.
- --help
-
Print the available options and exit.
- --version
-
Print the version number and information about how SiLK was configured, then exit the application.
EXAMPLES
To print the contents of the prefix map file sample.pmap:
$ rwpmapcat --map-file=sample.pmap
ipBlock| label|
0.0.0.0/8|non-routable|
1.0.0.0/8| external|
2.0.0.0/7| external|
4.0.0.0/6| external|
8.0.0.0/7| external|
10.0.0.0/8|non-routable|
11.0.0.0/8| external|
12.0.0.0/6| external|
16.0.0.0/4| external|
...
To not use CIDR notation in the output:
$ rwpmapcat --map-file=sample.pmap --no-cidr-block
startIP| endIP| label|
0.0.0.0| 0.255.255.255|non-routable|
1.0.0.0| 9.255.255.255| external|
10.0.0.0| 10.255.255.255|non-routable|
11.0.0.0|126.255.255.255| external|
127.0.0.0|127.255.255.255|non-routable|
128.0.0.0|169.253.255.255| external|
169.254.0.0|169.254.255.255|non-routable|
169.255.0.0| 172.15.255.255| external|
172.16.0.0| 172.31.255.255|non-routable|
172.32.0.0| 192.0.1.255| external|
192.0.2.0| 192.0.2.255|non-routable|
192.0.3.0|192.167.255.255| external|
192.168.0.0|192.168.255.255|non-routable|
192.169.0.0|255.255.255.254| external|
255.255.255.255|255.255.255.255|non-routable|
To print the labels in the file:
$ rwpmapcat --map-file=sample.pmap --output-type=label LABELS: non-routable internal external
To ignore IPs with a particular label:
$ rwpmapcat --map-file=sample.pmap --ignore-label=non-routable --no-cidr
startIP| endIP| label|
1.0.0.0| 9.255.255.255| external|
11.0.0.0|126.255.255.255| external|
128.0.0.0|169.253.255.255| external|
169.255.0.0| 172.15.255.255| external|
172.32.0.0| 192.0.1.255| external|
192.0.3.0|192.167.255.255| external|
192.169.0.0|255.255.255.254| external|
To ignore those same values based on the IP:
$ rwpmapcat --map-file=sample.pmap --ip-label-to-ignore=0.0.0.0
ipBlock| label|
1.0.0.0/8| external|
2.0.0.0/7| external|
4.0.0.0/6| external|
8.0.0.0/7| external|
11.0.0.0/8| external|
12.0.0.0/6| external|
16.0.0.0/4| external|
32.0.0.0/3| external|
64.0.0.0/3| external|
...
ENVIRONMENT
- SILK_PAGER
-
When set to a non-empty string, rwpmapcat automatically invokes this program to display its output a screen at a time. If set to an empty string, rwpmapcat does not automatically page its output.
- PAGER
-
When set and SILK_PAGER is not set, rwpmapcat automatically invokes this program to display its output a screen at a time.
SEE ALSO
rwpmapbuild(1), pmapfilter(3), rwfilter(1), rwcut(1), rwgroup(1), rwsort(1), rwuniq(1)