扫描整个网段（不超过255个IP）的MAC地址

ruying

[root@localhost ~]# cat  ip_mac_v2.sh
#!/bin/bash
#Program:
#       Saomiao bu  chao guo  255 ge zhu ji  de  MAC dizhi
#History
#       2009/04/23      Caoyameng       Version0.1
#       2009/04/23      Caoyameng       Version1.0
#       2009/04/23      Caoyameng       Version2.0
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH

ip="192.168.0."
ip2=1
ip3=254

echo "this time scanning in ">>MAC.txt
date>>MAC.txt
while [ "$ip2" != "$(($ip3+1))" ]
do
MAC=`arping  -f $ip$ip2  -w 1 |awk  '{print $5}'|sed  -n  '2p'`
if [ "$MAC" != "broadcast(s))" ];
then
MACADD=`echo $MAC|cut -c 2-18`
echo "$ip$ip2   $MACADD" >> MAC.txt
else
echo "This host (IPip$ip2) is nonentity."
fi
ip2=$(($ip2+1))
done

[ 本帖最后由 ruying 于 2009-4-24 17:14 编辑 ]

waker

有个命令叫 nmap

我是DBA

我帮你测了，有些系统取不到mac地址。
而且有两个done
脚本会报错。

[ 本帖最后由 我是DBA 于 2009-4-24 15:48 编辑 ]

ruying

您能详细的说一下么？
我一直认为两个主机只要hello了以后，就算对方答复是NO，我这类也可以知道对方的MAC地址，不能理解为什么有些系统取不到mac地址。
---------------
回复2楼的，谢谢，我马上研究下这个命令；
回复三楼的，我刚发现我粘贴的时候粘错了，重发一下：
[root@localhost ~]# cat  ip_mac_v2.sh
#!/bin/bash
#Program:
#       Saomiao bu  chao guo  255 ge zhu ji  de  MAC dizhi
#History
#       2009/04/23      Caoyameng       Version0.1
#       2009/04/23      Caoyameng       Version1.0
#       2009/04/23      Caoyameng       Version2.0
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH

ip="192.168.0."
ip2=1
ip3=254

echo "this time scanning in ">>MAC.txt
date>>MAC.txt
while [ "$ip2" != "$(($ip3+1))" ]
do
MAC=`arping  -f $ip$ip2  -w 1 |awk  '{print $5}'|sed  -n  '2p'`
if [ "$MAC" != "broadcast(s))" ];
then
MACADD=`echo $MAC|cut -c 2-18`
echo "$ip$ip2   $MACADD" >> MAC.txt
else
echo "This host (IPip$ip2) is nonentity."
fi
ip2=$(($ip2+1))
done

[ 本帖最后由 ruying 于 2009-4-24 17:14 编辑 ]

dgww

哇，超帅~

#nmap -n -sP 192.168.3.1/24

Starting Nmap 4.20 ( http://insecure.org ) at 2009-04-24 17:26 CST
Host 192.168.3.1 appears to be up.
MAC Address: 00:09:0F:11:3E:28 (Fortinet)
Host 192.168.3.2 appears to be up.
MAC Address: 00:0D:0B5:97:02 (Buffalo)
Host 192.168.3.10 appears to be up.
Host 192.168.3.67 appears to be up.
MAC Address: 00:50:8D5:56:A8 (Abit Computer)
Host 192.168.3.70 appears to be up.
MAC Address: 00:21:5D:89:E6:F6 (Unknown)
Host 192.168.3.71 appears to be up.
MAC Address: 00:24:E8:08:FE:31 (Unknown)
Host 192.168.3.73 appears to be up.
MAC Address: 00:22:69:5A1:6B (Unknown)
Host 192.168.3.75 appears to be up.
MAC Address: 00:16:41:A85:EE (USI)
Host 192.168.3.129 appears to be up.
MAC Address: 00:1A:6B:38:F6:29 (Unknown)

ruying

2楼高见！小弟甘拜下风了！
而且执行速度奇快无比！
[root@localhost ~]# nmap -n -sP 192.168.118.1/24

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2009-04-24 14:21 CST
Host 192.168.118.1 appears to be up.
MAC Address: 00:50:56:C0:00:08 (VMWare)
Host 192.168.118.2 appears to be up.
MAC Address: 00:50:56:E5:2C:66 (VMWare)
Host 192.168.118.131 appears to be up.
Host 192.168.118.137 appears to be up.
MAC Address: 00:0C:29:79:17:9D (VMware)
Host 192.168.118.254 appears to be up.
MAC Address: 00:50:56:ED:AD:40 (VMWare)
Nmap finished: 256 IP addresses (5 hosts up) scanned in 7.324 seconds

dgww

原帖由 ruying 于 2009-4-24 16:29 发表
您能详细的说一下么？
我一直认为两个主机只要hello了以后，就算对方答复是NO，我这类也可以知道对方的MAC地址，不能理解为什么有些系统取不到mac地址。
---------------
回复2楼的，谢谢，我马上研究下这个 ...

第一次知道arping的命令，另外，我觉得如果获取不到的MAC地址，是否是防火墙的问题呢？

我是DBA

[root@zzytelephone root]# sh test.sh
This host (IP:192.168.100.100) is nonentity.
This host (IP:192.168.100.10 is nonentity.
This host (IP:192.168.100.120) is nonentity.
[root@zzytelephone root]# cat MAC.txt
this time scanning in
Fri Apr 24 18:37:49 CST 2009
192.168.100.101   00:E0:4C:CA:6E:8B
192.168.100.102   00:E0:4CA:2B:B5
192.168.100.103   
192.168.100.104   00:E0:4C:49:05:49
192.168.100.105   
192.168.100.106   
192.168.100.107   00:0F:EA:24:20:46
192.168.100.109   
192.168.100.110   00:90:30:03:25:CD
192.168.100.111   00:90:30:03:80:F0
192.168.100.112   00:90:30:03:90:47
192.168.100.113   00:0F:EA:23:22:BC
192.168.100.114   00:0C:6E:69:C99
192.168.100.115   
192.168.100.116   00:30:48:79:8E:BA
192.168.100.117   00:07:E93:6F:CB
192.168.100.118   00:90:30:03:83:5F
192.168.100.119   00:0F:EA:24:20:FC
[root@zzytelephone root]# arping 192.168.100.103
ARPING 192.168.100.103 from 192.168.100.108 eth0
Unicast reply from 192.168.100.103 [00:E0:4D:B4:13C]  1.218ms
Sent 1 probes (1 broadcast(s))
Received 1 response(s)