nz ip range

bigalownz

18 Sep 2015 18 Sep '15

6:35 p.m.

im doing a little project and im looking for a script to get nz ip ranges i did a Google search and found this, but as you can see it was from 2005 and out dated, the url doesn't work etc i need some help to update it thanks #!/usr/local/bin/php <?php $in_file = "ftp://ftp.apnic.net/pub/apnic/dbase/data/country-ipv4.lst"; // $in_file = "country-ipv4.lst"; $out_file = "nzipranges.txt"; $handle_input = @fopen($in_file,"r") or die("Unable to open $in_file\n\n"); $handle_output = fopen($out_file, "w"); $now = date ("r"); fwrite ($handle_output,"# Generated: $now\n\n"); while (!feof($handle_input)) { $buffer = fgets($handle_input); if ( ereg ( "nz", $buffer) ) { // echo $buffer; $this_range = trim(preg_replace ( "#([\d\.]+) \- [\d\.]+ : [\d\.]+(\/\d+) .+#","$1$2", $buffer )); fwrite ($handle_output,"\n" . $this_range); } } fclose($handle_input); fwrite ($handle_output,"\n"); fclose($handle_output); ?>

Show replies by date

Jethro Carr

18 Sep 18 Sep

6:49 p.m.

Hi bigalownz, I wrote a Puppet module that you can use to pull IP address lists from various registries. If you’re using Puppet, it means you can get an array of all the IPs for a specific region (such as NZ) for use in configuration files or resources. https://github.com/jethrocarr/puppet-rirs If you’re not using Puppet, the good news is that it’s almost entirely Ruby, so you could take a look at the function and adapt it very quickly to be a standalone script. https://github.com/jethrocarr/puppet-rirs/blob/master/lib/puppet/parser/func... regards, Jethro -- Jethro Carr www.jethrocarr.com On 19 September 2015 at 23:34:33, bigalownz (bigalownz(a)gmail.com) wrote:

...

im doing a little project and im looking for a script to get nz ip ranges

i did a Google search and found this, but as you can see it was from 2005 and out dated, the url doesn't work etc i need some help to update it thanks

#!/usr/local/bin/php

...
$in_file = "ftp://ftp.apnic.net/pub/apnic/dbase/data/country-ipv4.lst"; // $in_file = "country-ipv4.lst"; $out_file = "nzipranges.txt";

$handle_input = @fopen($in_file,"r") or die("Unable to open $in_file\n\n");

$handle_output = fopen($out_file, "w");

$now = date ("r");

fwrite ($handle_output,"# Generated: $now\n\n");

while (!feof($handle_input)) { $buffer = fgets($handle_input); if ( ereg ( "nz", $buffer) ) { // echo $buffer; $this_range = trim(preg_replace ( "#([\d\.]+) \- [\d\.]+ : [\d\.]+(\/\d+) .+#","$1$2", $buffer )); fwrite ($handle_output,"\n" . $this_range); } } fclose($handle_input);

fwrite ($handle_output,"\n"); fclose($handle_output);

?>

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Damian Kissick

20 Sep 20 Sep

5:17 a.m.

Bigalownz, Browsing to the folder on the APNIC server has a readme file that indicates that particular file is deprecated in favour of ftp://ftp.apnic.net/public/apnic/stats/apnic/delegated-apnic-latest. Also be wary this report is a list of the country of allocation and won't indicate where it is used. For example, there are some an Australian service providers using some of their ranges in New Zealand. It still works currently as a very coarse indication, but I'd be wary using it for geolocation - especially if you're using it to control access to some content. Out of curiousity, what are you planning on using the information for? Cheers, - Damian -- Damian Kissick http://www.actrix.co.nz On 19/09/15 23:49, Jethro Carr wrote:

...

Hi bigalownz,

I wrote a Puppet module that you can use to pull IP address lists from various registries. If you’re using Puppet, it means you can get an array of all the IPs for a specific region (such as NZ) for use in configuration files or resources.

https://github.com/jethrocarr/puppet-rirs

If you’re not using Puppet, the good news is that it’s almost entirely Ruby, so you could take a look at the function and adapt it very quickly to be a standalone script.

https://github.com/jethrocarr/puppet-rirs/blob/master/lib/puppet/parser/func...

regards, Jethro

-- Jethro Carr www.jethrocarr.com

On 19 September 2015 at 23:34:33, bigalownz (bigalownz(a)gmail.com) wrote:

...
im doing a little project and im looking for a script to get nz ip ranges

i did a Google search and found this, but as you can see it was from 2005 and out dated, the url doesn't work etc i need some help to update it thanks

#!/usr/local/bin/php

...
$in_file = "ftp://ftp.apnic.net/pub/apnic/dbase/data/country-ipv4.lst"; // $in_file = "country-ipv4.lst"; $out_file = "nzipranges.txt";

$handle_input = @fopen($in_file,"r") or die("Unable to open $in_file\n\n");

$handle_output = fopen($out_file, "w");

$now = date ("r");

fwrite ($handle_output,"# Generated: $now\n\n");

while (!feof($handle_input)) { $buffer = fgets($handle_input); if ( ereg ( "nz", $buffer) ) { // echo $buffer; $this_range = trim(preg_replace ( "#([\d\.]+) \- [\d\.]+ : [\d\.]+(\/\d+) .+#","$1$2", $buffer )); fwrite ($handle_output,"\n" . $this_range); } } fclose($handle_input);

fwrite ($handle_output,"\n"); fclose($handle_output);

?>

Dave Mill

5:26 a.m.

Yeah, I was going to post this earlier but reading Damian's email prompted me to get around to it. So, what is a NZ IP? Is it? -An IP delegated by a RIR for use by an NZ organisation? -An IP that appears on peering exchanges in NZ? -An IP that appears in domestic tables offered by "domestic transit" providers? -An IP that is sourced by a NZ ASN? And what are NZ ASNs? -An IP that GeoIP shows is in NZ? All of those seem like good definitions of an NZ IP to me but they are all very different. Cheers Dave On Mon, Sep 21, 2015 at 10:17 AM, Damian Kissick wrote:

...

Bigalownz,

Browsing to the folder on the APNIC server has a readme file that indicates that particular file is deprecated in favour of ftp://ftp.apnic.net/public/apnic/stats/apnic/delegated-apnic-latest.

Also be wary this report is a list of the country of allocation and won't indicate where it is used. For example, there are some an Australian service providers using some of their ranges in New Zealand.

It still works currently as a very coarse indication, but I'd be wary using it for geolocation - especially if you're using it to control access to some content. Out of curiousity, what are you planning on using the information for?

Cheers, - Damian

-- Damian Kissick http://www.actrix.co.nz

On 19/09/15 23:49, Jethro Carr wrote:

...
Hi bigalownz,

I wrote a Puppet module that you can use to pull IP address lists from various registries. If you’re using Puppet, it means you can get an array of all the IPs for a specific region (such as NZ) for use in configuration files or resources.

https://github.com/jethrocarr/puppet-rirs

If you’re not using Puppet, the good news is that it’s almost entirely Ruby, so you could take a look at the function and adapt it very quickly to be a standalone script.

https://github.com/jethrocarr/puppet-rirs/blob/master/lib/puppet/parser/func...

regards, Jethro

-- Jethro Carr www.jethrocarr.com

On 19 September 2015 at 23:34:33, bigalownz (bigalownz(a)gmail.com) wrote:

...
im doing a little project and im looking for a script to get nz ip ranges i did a Google search and found this, but as you can see it was from 2005 and out dated, the url doesn't work etc i need some help to update it thanks #!/usr/local/bin/php

...
$in_file = "ftp://ftp.apnic.net/pub/apnic/dbase/data/country-ipv4.lst"; // $in_file = "country-ipv4.lst"; $out_file = "nzipranges.txt"; $handle_input = @fopen($in_file,"r") or die("Unable to open $in_file\n\n"); $handle_output = fopen($out_file, "w"); $now = date ("r"); fwrite ($handle_output,"# Generated: $now\n\n"); while (!feof($handle_input)) { $buffer = fgets($handle_input); if ( ereg ( "nz", $buffer) ) { // echo $buffer; $this_range = trim(preg_replace ( "#([\d\.]+) \- [\d\.]+ : [\d\.]+(\/\d+) .+#","$1$2", $buffer )); fwrite ($handle_output,"\n" . $this_range); } } fclose($handle_input); fwrite ($handle_output,"\n"); fclose($handle_output); ?>

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Tim Hoffman

5:52 a.m.

IM'ing with Dave he's asked me to publicly post the comments I had made to the list :) On Sun, Sep 20, 2015 at 3:26 PM, Dave Mill wrote:

...

-An IP delegated by a RIR for use by an NZ organisation?

-An IP that appears on peering exchanges in NZ?

...

-An IP that appears in domestic tables offered by "domestic transit"

...

providers?

So are CloudFlare's advertisements from their NZ POP to NZ internet exchanges and in domestic tables of transit providers NZ's IPs or not?

...

-An IP that is sourced by a NZ ASN? And what are NZ ASNs? -An IP that GeoIP shows is in NZ?

GeoIP is where this gets really interesting. The level of terribleness of GeoIP is amazing. Over the last few years in the various global networks I have run, I've seen behaviors such as Brazilian users being GeoIP tagged as residing in Sydney - creating some *interesting* routing and delay behavior for those users :). Moral of the story is that GeoIP is a terrible way to classify traffic, hence why many global content networks lean towards Anycast to route users to their content.

...

All of those seem like good definitions of an NZ IP to me but they are all very different.

Are they *good* definitions? I would struggle to see any of them as actually defining clearly what a NZ IP is! HTH, Cheers, Tim

Dave Mill

6:10 a.m.

Comments below. On Mon, Sep 21, 2015 at 10:52 AM, Tim Hoffman wrote:

...

IM'ing with Dave he's asked me to publicly post the comments I had made to the list :)

On Sun, Sep 20, 2015 at 3:26 PM, Dave Mill wrote:

...
-An IP delegated by a RIR for use by an NZ organisation?

-An IP that appears on peering exchanges in NZ?

...
-An IP that appears in domestic tables offered by "domestic transit"

...
providers?

So are CloudFlare's advertisements from their NZ POP to NZ internet exchanges and in domestic tables of transit providers NZ's IPs or not?

Well yeah, from definitions 2 and 3 (which I'm guessing a lot of people use to define NZ IPs), CloudFlare are NZ IPs. Which could be considered very wrong.

...

...
-An IP that is sourced by a NZ ASN? And what are NZ ASNs?

And what if some providers like FX or CallPlus move to their parent company ASNs. Are they still NZ IPs?

...

-An IP that GeoIP shows is in NZ?

...
GeoIP is where this gets really interesting. The level of terribleness of GeoIP is amazing. Over the last few years in the various global networks I have run, I've seen behaviors such as Brazilian users being GeoIP tagged as residing in Sydney - creating some *interesting* routing and delay behavior for those users :). Moral of the story is that GeoIP is a terrible way to classify traffic, hence why many global content networks lean towards Anycast to route users to their content.

And yeah, I hate GeoIP. Maybe GeoIP should start setting the rfc3514 bit in their packets. For some GeoLocation fun change your home AP to have the MAC address of another AP you have used in the past - one in another country even. Works better if you live in the middle of nowhere :)

...

...
All of those seem like good definitions of an NZ IP to me but they are all very different.

Are they *good* definitions? I would struggle to see any of them as actually defining clearly what a NZ IP is!

Yeah, that good word was a bad choice. These are all *definitions *of what a NZ IP is. And none of them are really good or correct in my opinion. I guess what an NZ IP really is is an IP that is sourced from within NZ. And none of those definitions above match that criteria at all. And then anycast will just really screw that completely :) Cheers Dave

Pete Mundy

7:09 a.m.

...

It still works currently as a very coarse indication, but I'd be wary using it for geolocation - especially if you're using it to control access to some content. Out of curiousity, what are you planning on using the information for?

GeoLocation? Maybe. But with Kiwicon just around the corner the cynic in me wonders if it isn't for something more dubious... An updated Low Hanging KiwiFruit perhaps? Pete

Michael Fincham

7:42 a.m.

New subject: LHKF (was Re: nz ip range)

On Mon, 21 Sep 2015 12:09:25 +1200, Pete Mundy wrote:

...

But with Kiwicon just around the corner the cynic in me wonders if it isn't for something more dubious...

An updated Low Hanging KiwiFruit perhaps?

Definitely we should be worrying about people pointing out vulnerabilities, rather than the vulnerabilities themselves. -- Michael

3381

Age (days ago)

3383

Last active (days ago)

List overview

Download

7 comments

8 participants

participants (8)

bigalownz
Damian Kissick
Dave Mill
Dave Mill
Jethro Carr
Michael Fincham
Pete Mundy
Tim Hoffman

nz ip range

bigalownz

Jethro Carr

Damian Kissick

Dave Mill

Tim Hoffman

Dave Mill

Pete Mundy

Michael Fincham

tags

participants (8)