Script to determine if an IP is in a CIDR range

Sometimes you have a long list of IP addresses and need to know which ones are in a particular CIDR range. That’s easy enough to do by hand if it’s a nice, even multiple of 8. But usually it isn’t, so I wrote a simple script to determine if an IP is in a CIDR range.

In days of yore, computer magazines would publish short, useful programs and explain how they worked. That doesn’t happen anymore. Consider this a throwback post.

Overview

Script to determine if an IP is in a CIDR range
It can be hard to do this in your head. That’s why I wrote a Script to determine if an IP is in a CIDR range.

For dealing with /24 networks, you can just lop off the last octet in Excel. This script is intended for the more complex situations we frequently find in larger networks.

This script is written in Python. Python is available on every major computer platform. Linux and Mac OS X include it. Windows doesn’t, but you can easily install Python on Windows and it works fine. It may be possible to implement it in a different language, but I went with Python because I know it well enough to get it done and Python has an established library for dealing with IP addresses.

This script requires the Python netaddr library. This library makes the script super-simple. To install netaddr, simply issue the command pip install netaddr. The only other library the script needs is the sys library, so you can pass it command line arguments.

Usage

To use the script, just save it as in-cidr.py or whatever other filename you wish. Then run it like this:

in-cidr.py 192.168.0.1 192.168.0.0/24

If the IP is in the CIDR netblock, it echos the IP address and the netblock. If it’s not a match, the script is silent. This matches my use case, where I sometimes need to build a list of live IP addresses and the documented CIDR ranges they belong to. If you need it to behave a little bit differently, I’ll get to that in a minute.

The code

The script is pretty short, since it doesn’t have to do much besides call a library.

#!/bin/python
import sys
from netaddr import IPNetwork, IPAddress

if IPAddress(sys.argv[1]) in IPNetwork(sys.argv[2]):
   print sys.argv[1], sys.argv[2]

It could use a bit more error checking perhaps, but this was enough to suit my needs.

Possible modifications

If you need a yes/no answer, rather than outputting IPs and ranges, you can do that too.

#!/bin/python
import sys
from netaddr import IPNetwork, IPAddress

if IPAddress(sys.argv[1]) in IPNetwork(sys.argv[2]):
   print "Yes."
else:
   print "No."

It’s not as easy as a GUI maybe, but if you keep a command line open all the time like I do, it can be helpful.

You could also make a version that works for IP ranges, rather than CIDR notation:

#!/bin/python
import sys
from netaddr import IPRange, IPAddress

if IPAddress(sys.argv[1]) in IPRange(sys.argv[2], sys.argv[3]):
   print "Yes."
else:
   print "No."

To use this version, simply execute the command iprange.py 192.168.1.3 192.168.1.0 192.168.1.255. I’m not sure how useful this version is, but it’s simple to code.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux