List all IP addresses in files on my computer?
Clash Royale CLAN TAG#URR8PPP up vote
1
down vote
favorite
After a few years of contemplating setting up an old laptop as a server in a home network, and the world as a whole I guess, I'd like to learn more about IP addresses.
How can I find what IP addresses are stored on my computer now? This way I can look at interesting files now. I can possibly use them later to setup IP addresses to configure programs.
Although command-line and text-processing tags appear under this question, a GUI solution is perfectly welcome in place of command-line. grep doesn't have to used to fulfill text-processing tag and if binary files can be interpreted that is all well and good too.
command-line text-processing ip
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
add a comment |Â
up vote
1
down vote
favorite
After a few years of contemplating setting up an old laptop as a server in a home network, and the world as a whole I guess, I'd like to learn more about IP addresses.
How can I find what IP addresses are stored on my computer now? This way I can look at interesting files now. I can possibly use them later to setup IP addresses to configure programs.
Although command-line and text-processing tags appear under this question, a GUI solution is perfectly welcome in place of command-line. grep doesn't have to used to fulfill text-processing tag and if binary files can be interpreted that is all well and good too.
command-line text-processing ip
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
After a few years of contemplating setting up an old laptop as a server in a home network, and the world as a whole I guess, I'd like to learn more about IP addresses.
How can I find what IP addresses are stored on my computer now? This way I can look at interesting files now. I can possibly use them later to setup IP addresses to configure programs.
Although command-line and text-processing tags appear under this question, a GUI solution is perfectly welcome in place of command-line. grep doesn't have to used to fulfill text-processing tag and if binary files can be interpreted that is all well and good too.
command-line text-processing ip
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
After a few years of contemplating setting up an old laptop as a server in a home network, and the world as a whole I guess, I'd like to learn more about IP addresses.
How can I find what IP addresses are stored on my computer now? This way I can look at interesting files now. I can possibly use them later to setup IP addresses to configure programs.
Although command-line and text-processing tags appear under this question, a GUI solution is perfectly welcome in place of command-line. grep doesn't have to used to fulfill text-processing tag and if binary files can be interpreted that is all well and good too.
command-line text-processing ip
command-line text-processing ip
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
edited Apr 9 at 2:22
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
asked Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
35.8k759133
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
2
down vote
Use grep
You can use grep to find all files containing something that looks like an IPv4 IP address. Be aware there will be false positives. For example the file:
/usr/src/linux-headers-4.14.30-041430/include/linux/oid_registry.h
at line 48 will contain:
OID_smimeAuthenticatedAttrs, /* 1.2.840.113549.1.9.16.2.11 */
It sort of looks like an IP address in the comments but it is not.
Initially start with a count of all the lines containing an IP address on your system:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" / | wc
27.76user 13.17system 1:31.06elapsed 44%CPU (0avgtext+0avgdata 10416maxresident)k
12451744inputs+0outputs (2major+2098minor)pagefaults 0swaps
17164 122083 3138285
Let's break down the commands
sudoprevents "Permission denied" errorstimetells us how long it takes to run, ie. 1 minute 31 secondsgrepis the command that searches for strings in files-rnwIare the arguments (aka parameters) passed togrep. Thermeans recursive meaning sub-directories are processed. Thenargument prints the line number the search string occurs in the file. TheIargument tells it to ignore binary files. If binary files were include the number of files would increase from 17,164 to 22,253 on my system. You can't open binary files and make any sense of them though.-exclude-dir=are the directories to exclude from the search. Without this listgrepcan take 53 hours to complete: `grep`ing all files for a string takes a long time-Eis the argument togrepthat tells it the search string is about to follow."([0-9]1,3[.])3[0-9]1,3"is the search string to look forward. Explained in more detail below./tellsgrepto start at the root directory. However the excluded directories will be skipped.|is the pipe command sending all output to thewccommand instead of the screen.wcis the "word count" command. It counts the number lines, number of words and number of characters passed to it. In our case it is17164lines,122,083words and3,138,285characters. Commas added for clarity.
Breaking down "([0-9]1,3[.])3[0-9]1,3"
As shown earlier, the search string passed to grep is "([0-9]1,3[.])3[0-9]1,3". Here is how it works:
"([0-9]1,3[.])3[0-9]1,3"
^ ^ ^ ^ ^ ^
| | | | | +---- count of digits must be 1 to 3
| | | | +--------- look for digits 0 through 9
| | | +------------- patterns 1 to 3 digits of 0-9 followed by . occurs 3 times
| | +------------------ count of 1 to 3 digits must be followed by .
| +---------------------- count of digits is 1 to 3
+--------------------------- look for digits 0 to 9
Seeing the output instead of word count
To see the actual output instead of just the word count remove | wc from the end of the command line:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" /
(... SNIP ...)
/usr/bin/printer-profile:176: OUT="nc 192.168.1.12 9100 < xxx.prn"
/opt/google/chrome/default_apps/external_extensions.json:23: "external_version": "0.0.0.6"
/opt/google/chrome/product_logo_32.xpm:330:" [.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l. ",
28.52user 12.54system 1:31.78elapsed 44%CPU (0avgtext+0avgdata 9516maxresident)k
12793352inputs+0outputs (3major+1884minor)pagefaults 0swaps
The listing is too long to fit in this answer. Note the last file found is a false positive:
/opt/google/chrome/product_logo_32.xpm
because it doesn't contain a real IP address:
[.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l.
Restrict your search to /etc directory at first
To narrow down search to more meaningful short-list use:
$ sudo time grep -rnI -E "([0-9]1,3[.])3[0-9]1,3" /etc/etc/hosts:1:127.0.0.1 localhost
/etc/hosts:2:127.0.1.1 alien
/etc/cron.daily/google-earth:47:Version: GnuPG v1.4.2.2 (GNU/Linux)
(... SNIP ...)
/etc/cups/cups-browsed.conf:77:# BrowseDeny 192.168.1.13
/etc/cups/cups-browsed.conf:78:# BrowseDeny 192.168.3.0/24
/etc/cups/cups-browsed.conf:79:# BrowseDeny 192.168.3.0/255.255.255.0
0.04user 0.03system 0:00.19elapsed 40%CPU (0avgtext+0avgdata 2800maxresident)k
22384inputs+0outputs (1major+181minor)pagefaults 0swaps
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
2
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
2
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
 |Â
show 6 more comments
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
Use grep
You can use grep to find all files containing something that looks like an IPv4 IP address. Be aware there will be false positives. For example the file:
/usr/src/linux-headers-4.14.30-041430/include/linux/oid_registry.h
at line 48 will contain:
OID_smimeAuthenticatedAttrs, /* 1.2.840.113549.1.9.16.2.11 */
It sort of looks like an IP address in the comments but it is not.
Initially start with a count of all the lines containing an IP address on your system:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" / | wc
27.76user 13.17system 1:31.06elapsed 44%CPU (0avgtext+0avgdata 10416maxresident)k
12451744inputs+0outputs (2major+2098minor)pagefaults 0swaps
17164 122083 3138285
Let's break down the commands
sudoprevents "Permission denied" errorstimetells us how long it takes to run, ie. 1 minute 31 secondsgrepis the command that searches for strings in files-rnwIare the arguments (aka parameters) passed togrep. Thermeans recursive meaning sub-directories are processed. Thenargument prints the line number the search string occurs in the file. TheIargument tells it to ignore binary files. If binary files were include the number of files would increase from 17,164 to 22,253 on my system. You can't open binary files and make any sense of them though.-exclude-dir=are the directories to exclude from the search. Without this listgrepcan take 53 hours to complete: `grep`ing all files for a string takes a long time-Eis the argument togrepthat tells it the search string is about to follow."([0-9]1,3[.])3[0-9]1,3"is the search string to look forward. Explained in more detail below./tellsgrepto start at the root directory. However the excluded directories will be skipped.|is the pipe command sending all output to thewccommand instead of the screen.wcis the "word count" command. It counts the number lines, number of words and number of characters passed to it. In our case it is17164lines,122,083words and3,138,285characters. Commas added for clarity.
Breaking down "([0-9]1,3[.])3[0-9]1,3"
As shown earlier, the search string passed to grep is "([0-9]1,3[.])3[0-9]1,3". Here is how it works:
"([0-9]1,3[.])3[0-9]1,3"
^ ^ ^ ^ ^ ^
| | | | | +---- count of digits must be 1 to 3
| | | | +--------- look for digits 0 through 9
| | | +------------- patterns 1 to 3 digits of 0-9 followed by . occurs 3 times
| | +------------------ count of 1 to 3 digits must be followed by .
| +---------------------- count of digits is 1 to 3
+--------------------------- look for digits 0 to 9
Seeing the output instead of word count
To see the actual output instead of just the word count remove | wc from the end of the command line:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" /
(... SNIP ...)
/usr/bin/printer-profile:176: OUT="nc 192.168.1.12 9100 < xxx.prn"
/opt/google/chrome/default_apps/external_extensions.json:23: "external_version": "0.0.0.6"
/opt/google/chrome/product_logo_32.xpm:330:" [.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l. ",
28.52user 12.54system 1:31.78elapsed 44%CPU (0avgtext+0avgdata 9516maxresident)k
12793352inputs+0outputs (3major+1884minor)pagefaults 0swaps
The listing is too long to fit in this answer. Note the last file found is a false positive:
/opt/google/chrome/product_logo_32.xpm
because it doesn't contain a real IP address:
[.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l.
Restrict your search to /etc directory at first
To narrow down search to more meaningful short-list use:
$ sudo time grep -rnI -E "([0-9]1,3[.])3[0-9]1,3" /etc/etc/hosts:1:127.0.0.1 localhost
/etc/hosts:2:127.0.1.1 alien
/etc/cron.daily/google-earth:47:Version: GnuPG v1.4.2.2 (GNU/Linux)
(... SNIP ...)
/etc/cups/cups-browsed.conf:77:# BrowseDeny 192.168.1.13
/etc/cups/cups-browsed.conf:78:# BrowseDeny 192.168.3.0/24
/etc/cups/cups-browsed.conf:79:# BrowseDeny 192.168.3.0/255.255.255.0
0.04user 0.03system 0:00.19elapsed 40%CPU (0avgtext+0avgdata 2800maxresident)k
22384inputs+0outputs (1major+181minor)pagefaults 0swaps
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
2
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
2
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
 |Â
show 6 more comments
up vote
2
down vote
Use grep
You can use grep to find all files containing something that looks like an IPv4 IP address. Be aware there will be false positives. For example the file:
/usr/src/linux-headers-4.14.30-041430/include/linux/oid_registry.h
at line 48 will contain:
OID_smimeAuthenticatedAttrs, /* 1.2.840.113549.1.9.16.2.11 */
It sort of looks like an IP address in the comments but it is not.
Initially start with a count of all the lines containing an IP address on your system:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" / | wc
27.76user 13.17system 1:31.06elapsed 44%CPU (0avgtext+0avgdata 10416maxresident)k
12451744inputs+0outputs (2major+2098minor)pagefaults 0swaps
17164 122083 3138285
Let's break down the commands
sudoprevents "Permission denied" errorstimetells us how long it takes to run, ie. 1 minute 31 secondsgrepis the command that searches for strings in files-rnwIare the arguments (aka parameters) passed togrep. Thermeans recursive meaning sub-directories are processed. Thenargument prints the line number the search string occurs in the file. TheIargument tells it to ignore binary files. If binary files were include the number of files would increase from 17,164 to 22,253 on my system. You can't open binary files and make any sense of them though.-exclude-dir=are the directories to exclude from the search. Without this listgrepcan take 53 hours to complete: `grep`ing all files for a string takes a long time-Eis the argument togrepthat tells it the search string is about to follow."([0-9]1,3[.])3[0-9]1,3"is the search string to look forward. Explained in more detail below./tellsgrepto start at the root directory. However the excluded directories will be skipped.|is the pipe command sending all output to thewccommand instead of the screen.wcis the "word count" command. It counts the number lines, number of words and number of characters passed to it. In our case it is17164lines,122,083words and3,138,285characters. Commas added for clarity.
Breaking down "([0-9]1,3[.])3[0-9]1,3"
As shown earlier, the search string passed to grep is "([0-9]1,3[.])3[0-9]1,3". Here is how it works:
"([0-9]1,3[.])3[0-9]1,3"
^ ^ ^ ^ ^ ^
| | | | | +---- count of digits must be 1 to 3
| | | | +--------- look for digits 0 through 9
| | | +------------- patterns 1 to 3 digits of 0-9 followed by . occurs 3 times
| | +------------------ count of 1 to 3 digits must be followed by .
| +---------------------- count of digits is 1 to 3
+--------------------------- look for digits 0 to 9
Seeing the output instead of word count
To see the actual output instead of just the word count remove | wc from the end of the command line:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" /
(... SNIP ...)
/usr/bin/printer-profile:176: OUT="nc 192.168.1.12 9100 < xxx.prn"
/opt/google/chrome/default_apps/external_extensions.json:23: "external_version": "0.0.0.6"
/opt/google/chrome/product_logo_32.xpm:330:" [.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l. ",
28.52user 12.54system 1:31.78elapsed 44%CPU (0avgtext+0avgdata 9516maxresident)k
12793352inputs+0outputs (3major+1884minor)pagefaults 0swaps
The listing is too long to fit in this answer. Note the last file found is a false positive:
/opt/google/chrome/product_logo_32.xpm
because it doesn't contain a real IP address:
[.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l.
Restrict your search to /etc directory at first
To narrow down search to more meaningful short-list use:
$ sudo time grep -rnI -E "([0-9]1,3[.])3[0-9]1,3" /etc/etc/hosts:1:127.0.0.1 localhost
/etc/hosts:2:127.0.1.1 alien
/etc/cron.daily/google-earth:47:Version: GnuPG v1.4.2.2 (GNU/Linux)
(... SNIP ...)
/etc/cups/cups-browsed.conf:77:# BrowseDeny 192.168.1.13
/etc/cups/cups-browsed.conf:78:# BrowseDeny 192.168.3.0/24
/etc/cups/cups-browsed.conf:79:# BrowseDeny 192.168.3.0/255.255.255.0
0.04user 0.03system 0:00.19elapsed 40%CPU (0avgtext+0avgdata 2800maxresident)k
22384inputs+0outputs (1major+181minor)pagefaults 0swaps
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
2
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
2
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
 |Â
show 6 more comments
up vote
2
down vote
up vote
2
down vote
Use grep
You can use grep to find all files containing something that looks like an IPv4 IP address. Be aware there will be false positives. For example the file:
/usr/src/linux-headers-4.14.30-041430/include/linux/oid_registry.h
at line 48 will contain:
OID_smimeAuthenticatedAttrs, /* 1.2.840.113549.1.9.16.2.11 */
It sort of looks like an IP address in the comments but it is not.
Initially start with a count of all the lines containing an IP address on your system:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" / | wc
27.76user 13.17system 1:31.06elapsed 44%CPU (0avgtext+0avgdata 10416maxresident)k
12451744inputs+0outputs (2major+2098minor)pagefaults 0swaps
17164 122083 3138285
Let's break down the commands
sudoprevents "Permission denied" errorstimetells us how long it takes to run, ie. 1 minute 31 secondsgrepis the command that searches for strings in files-rnwIare the arguments (aka parameters) passed togrep. Thermeans recursive meaning sub-directories are processed. Thenargument prints the line number the search string occurs in the file. TheIargument tells it to ignore binary files. If binary files were include the number of files would increase from 17,164 to 22,253 on my system. You can't open binary files and make any sense of them though.-exclude-dir=are the directories to exclude from the search. Without this listgrepcan take 53 hours to complete: `grep`ing all files for a string takes a long time-Eis the argument togrepthat tells it the search string is about to follow."([0-9]1,3[.])3[0-9]1,3"is the search string to look forward. Explained in more detail below./tellsgrepto start at the root directory. However the excluded directories will be skipped.|is the pipe command sending all output to thewccommand instead of the screen.wcis the "word count" command. It counts the number lines, number of words and number of characters passed to it. In our case it is17164lines,122,083words and3,138,285characters. Commas added for clarity.
Breaking down "([0-9]1,3[.])3[0-9]1,3"
As shown earlier, the search string passed to grep is "([0-9]1,3[.])3[0-9]1,3". Here is how it works:
"([0-9]1,3[.])3[0-9]1,3"
^ ^ ^ ^ ^ ^
| | | | | +---- count of digits must be 1 to 3
| | | | +--------- look for digits 0 through 9
| | | +------------- patterns 1 to 3 digits of 0-9 followed by . occurs 3 times
| | +------------------ count of 1 to 3 digits must be followed by .
| +---------------------- count of digits is 1 to 3
+--------------------------- look for digits 0 to 9
Seeing the output instead of word count
To see the actual output instead of just the word count remove | wc from the end of the command line:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" /
(... SNIP ...)
/usr/bin/printer-profile:176: OUT="nc 192.168.1.12 9100 < xxx.prn"
/opt/google/chrome/default_apps/external_extensions.json:23: "external_version": "0.0.0.6"
/opt/google/chrome/product_logo_32.xpm:330:" [.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l. ",
28.52user 12.54system 1:31.78elapsed 44%CPU (0avgtext+0avgdata 9516maxresident)k
12793352inputs+0outputs (3major+1884minor)pagefaults 0swaps
The listing is too long to fit in this answer. Note the last file found is a false positive:
/opt/google/chrome/product_logo_32.xpm
because it doesn't contain a real IP address:
[.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l.
Restrict your search to /etc directory at first
To narrow down search to more meaningful short-list use:
$ sudo time grep -rnI -E "([0-9]1,3[.])3[0-9]1,3" /etc/etc/hosts:1:127.0.0.1 localhost
/etc/hosts:2:127.0.1.1 alien
/etc/cron.daily/google-earth:47:Version: GnuPG v1.4.2.2 (GNU/Linux)
(... SNIP ...)
/etc/cups/cups-browsed.conf:77:# BrowseDeny 192.168.1.13
/etc/cups/cups-browsed.conf:78:# BrowseDeny 192.168.3.0/24
/etc/cups/cups-browsed.conf:79:# BrowseDeny 192.168.3.0/255.255.255.0
0.04user 0.03system 0:00.19elapsed 40%CPU (0avgtext+0avgdata 2800maxresident)k
22384inputs+0outputs (1major+181minor)pagefaults 0swaps
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
Use grep
You can use grep to find all files containing something that looks like an IPv4 IP address. Be aware there will be false positives. For example the file:
/usr/src/linux-headers-4.14.30-041430/include/linux/oid_registry.h
at line 48 will contain:
OID_smimeAuthenticatedAttrs, /* 1.2.840.113549.1.9.16.2.11 */
It sort of looks like an IP address in the comments but it is not.
Initially start with a count of all the lines containing an IP address on your system:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" / | wc
27.76user 13.17system 1:31.06elapsed 44%CPU (0avgtext+0avgdata 10416maxresident)k
12451744inputs+0outputs (2major+2098minor)pagefaults 0swaps
17164 122083 3138285
Let's break down the commands
sudoprevents "Permission denied" errorstimetells us how long it takes to run, ie. 1 minute 31 secondsgrepis the command that searches for strings in files-rnwIare the arguments (aka parameters) passed togrep. Thermeans recursive meaning sub-directories are processed. Thenargument prints the line number the search string occurs in the file. TheIargument tells it to ignore binary files. If binary files were include the number of files would increase from 17,164 to 22,253 on my system. You can't open binary files and make any sense of them though.-exclude-dir=are the directories to exclude from the search. Without this listgrepcan take 53 hours to complete: `grep`ing all files for a string takes a long time-Eis the argument togrepthat tells it the search string is about to follow."([0-9]1,3[.])3[0-9]1,3"is the search string to look forward. Explained in more detail below./tellsgrepto start at the root directory. However the excluded directories will be skipped.|is the pipe command sending all output to thewccommand instead of the screen.wcis the "word count" command. It counts the number lines, number of words and number of characters passed to it. In our case it is17164lines,122,083words and3,138,285characters. Commas added for clarity.
Breaking down "([0-9]1,3[.])3[0-9]1,3"
As shown earlier, the search string passed to grep is "([0-9]1,3[.])3[0-9]1,3". Here is how it works:
"([0-9]1,3[.])3[0-9]1,3"
^ ^ ^ ^ ^ ^
| | | | | +---- count of digits must be 1 to 3
| | | | +--------- look for digits 0 through 9
| | | +------------- patterns 1 to 3 digits of 0-9 followed by . occurs 3 times
| | +------------------ count of 1 to 3 digits must be followed by .
| +---------------------- count of digits is 1 to 3
+--------------------------- look for digits 0 to 9
Seeing the output instead of word count
To see the actual output instead of just the word count remove | wc from the end of the command line:
$ sudo time grep -rnwI --exclude-dir=boot,dev,media,mnt,lib,proc,root,run,sys,/tmp,tmpfs,var -E "([0-9]1,3[.])3[0-9]1,3" /
(... SNIP ...)
/usr/bin/printer-profile:176: OUT="nc 192.168.1.12 9100 < xxx.prn"
/opt/google/chrome/default_apps/external_extensions.json:23: "external_version": "0.0.0.6"
/opt/google/chrome/product_logo_32.xpm:330:" [.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l. ",
28.52user 12.54system 1:31.78elapsed 44%CPU (0avgtext+0avgdata 9516maxresident)k
12793352inputs+0outputs (3major+1884minor)pagefaults 0swaps
The listing is too long to fit in this answer. Note the last file found is a false positive:
/opt/google/chrome/product_logo_32.xpm
because it doesn't contain a real IP address:
[.}.}.|.1.2.3.4.5.6.7.8.9.0.a.b.8.c.d.e.f.g.h.h.i.j.k.l.
Restrict your search to /etc directory at first
To narrow down search to more meaningful short-list use:
$ sudo time grep -rnI -E "([0-9]1,3[.])3[0-9]1,3" /etc/etc/hosts:1:127.0.0.1 localhost
/etc/hosts:2:127.0.1.1 alien
/etc/cron.daily/google-earth:47:Version: GnuPG v1.4.2.2 (GNU/Linux)
(... SNIP ...)
/etc/cups/cups-browsed.conf:77:# BrowseDeny 192.168.1.13
/etc/cups/cups-browsed.conf:78:# BrowseDeny 192.168.3.0/24
/etc/cups/cups-browsed.conf:79:# BrowseDeny 192.168.3.0/255.255.255.0
0.04user 0.03system 0:00.19elapsed 40%CPU (0avgtext+0avgdata 2800maxresident)k
22384inputs+0outputs (1major+181minor)pagefaults 0swaps
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
answered Apr 9 at 0:12
WinEunuuchs2Unix
35.8k759133
35.8k759133
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
2
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
2
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
 |Â
show 6 more comments
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
2
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
2
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
This is insuffient as it fails to find IPv6 addresses. Also: 0xc0.0xa8.0x01.0x6e, 0xC0A8016E and 3232235886 are all valid ways to write the IPv4 address usually written as 192.168.1.110. So it is not such an easy job to really find all IP addresses.
– Sebastian Stark
Apr 9 at 4:04
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
@SebastianStark I did find some Stack Exchange answers on how to grep on IPv6 addresses but have not quite got it figured out yet. You can post an answer if you know how, else I will update my answer after I figure it out.
– WinEunuuchs2Unix
Apr 9 at 4:07
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
Forgot octal notation for IPv4: 0300.0250.0001.0156
– Sebastian Stark
Apr 9 at 4:09
2
2
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
It is not so clear what you are trying to do, except pose a little bit esoteric text processing question.
– Sebastian Stark
Apr 9 at 4:14
2
2
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
A substantial number of IP addresses on your computer will be only in RAM, like for instance the routing table or the ARP cache. Most of them you will probably be able to retrieve from the /proc file system or with specialised tools (arp(8), ip(8)).
– Sebastian Stark
Apr 9 at 4:28
 |Â
show 6 more comments
Â
draft saved
draft discarded
Â
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1023188%2flist-all-ip-addresses-in-files-on-my-computer%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password