ARIN RESTful Whois Code
ARIN RESTful Whois Retrieve and Store
Status: Beta
Brought to you by:
gen2liker
RWHOIS
A simple utility written by Mark T. Vitt to retrieve ARIN IP block
information for admin research and security. Its output includes basic
wildcard, netmask, and IP range information. Updated and Created times
are MST.
rwhois is being released to Open Source in hopes that others will improve
and enhance it.
It should be easy to install and use without having to compile. For those
wishing to add or fix code, the supporting source code is included to avoid
version or customization issues.
Remember to follow ARIN's guidelines for using their RESTful services. It
is your responsibility to use them as intended.
IMPORTANT: CURRENT USERS who have used the MultiBlock fix, including invalid
StartIP and EndIP ranges, need to issue the 'fa' command option to update and/or
use appropriate MySQL commands to remove records which may have been affected.
*** CURRENT USERS Need to Add the Following from their mysql prompt since two
additional data items have been added - New Users do not:
alter table whoisbase add abusemail varchar(50);
alter table whoisbase add adminmail varchar(50);
Latest Fix 5/18/2015: Fixed some command line flags not working and moved output
functions to whoissql unit. Removed redundant output function.
***
NOTE: This was originally written in a couple of hours and updated to quickly
fix issues, so it could be cleaned up a bit and made much more modular (objects).
The latest quick fix was for records containing multiple network blocks in
a single record.
EXAMPLE OUTPUT:
Get: 72.26.32.2...Ok Address...Ok POC...Ok Contact Email...Ok
SearchIP: 72.26.32.2 - IP Range: 72.26.32.0 - 72.26.63.255 (CIDR: 72.26.32.0/19)
WildCard: 0.0.31.255 - Mask: 255.255.224.0
Name: VTX Communications
Handle: VTXC-1
Address: 401 E Jackson Ave
Harlingen
TX
78550
UNITED STATES
Abuse: netmaster@vtxc.net Admin: netmaster@vtxc.net
MonFlag:
Updated: 4/10/2014 12:49.35
Created: 4/10/2014 12:49.35
RefLnk: http://whois.arin.net/rest/org/VTXCO
Record Created
Something I would like to add is a flat file database option using TSTRINGLIST.
Such an option would not require MySql support and would reduce rwhois
footprint by half with Mysql references compiled out. A (cough) WIN32 capable
version would also be useful.
INSTALLATION DIRECTIONS:
-----------------------
Requirements - Mysql Version 5.0
To Compile yourself: FPC Version 2.2.4 and included sources and
FP CLI settings. FP Options settings that
should be manually set for Commit are:
Linker = Smart Libs and Debugging = Strip All
1) Copy the rwhois executable and rwhois.conf to a directory in your path.
Edit rwhois.conf with your MySQL information. Below is the default rwhois.conf
file, which is automatically created if not present:
# rwhois configuration file
# MySql information
host=127.0.0.1
user=guest
password=guest
database=whoisbase
New and Optional:
logfile=rwhois.txt
2) Run MySQL and copy and paste the statement below to create the table 'whoisbase'.
Monitorflag is used for internal security but can be left out
unless you use the <sm> command line option.
CREATE TABLE whoisbase (
CIDaddr int NOT NULL,
CIDstr varchar(20),
orgname varchar(60),
orghandle varchar(30),
address varchar(180),
cidlen smallint,
startip int,
endip int,
epochorg int,
epochupt int,
country varchar(20),
monitorflag varchar(5),
abusemail varchar(50),
adminmail varchar(50),
PRIMARY KEY (CIDaddr)
) ENGINE=MyISAM;
3) Run rwhois without any parameters to confirm rwhois.conf is set right.
EXAMPLE:
/usr/local/rwhois/rwhois IPAddress <options>
a - Show all related IP in Block (Local)
auto - Auto Retrieve/Store non-local records
fa - Force Add New Record in Auto (for subrecords)
l - Log New Entries to rwhois.log
la - Log All Entries to rwhois.log
p - Pause Display of each record
nr - Use only local records, do not retrieve
se - Show Epoch next to Date/Time
sh - Short Output
sm - Set Monitor Flag <sm<flag>
u - Update/Retreive Record
Search Requests:
ad - Search for Address (<ci> ad<"address"> <not> <bf>)
c - Search for Country (<ci> c<"country"> <not> <bf>)
dc - Search for Creation Date (dc<"xx/xx/xxxx"> <bf>)
og - Search for Organization (<ci> og<"organization"> <not> <bf>)
bf - Output SoftBlock String for results
ci - Do case insensitive search
String Searches like og"Test Org" are Case Sensitive unless ci option is used before search request
/usr/local/rwhois/rwhois.conf Configration Settings:
MySQL:
Host = 127.0.0.1
User = guest
Password = guest
Database = whoisbase
Other:
Logfile = rwhois.log
Ver.ARINRest/0.62
4) Run rwhois with your first IP: rwhois 192.168.1.122
To Search whoisbase from Your Internal Software Use (MY_IP = IP to lookup):
SELECT * FROM whoisbase WHERE MY_IP BETWEEN startip AND endip ORDER BY CIDaddr;
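
The lookup above, as an added example (not part of rwhois or its sources): it derives the range, mask and wildcard values shown in EXAMPLE OUTPUT from the CIDR and runs the BETWEEN query with MY_IP bound as a validated integer parameter instead of being pasted into the SQL string. Assumptions: startip/endip hold the address as an unsigned 32-bit integer and CIDaddr is the block's network address (the page does not state rwhois's encoding); an in-memory SQLite table with a subset of the columns stands in for MySQL, and the inserted row is constructed from the sample output.

```python
import ipaddress
import sqlite3

# Constructed sample block, taken from the EXAMPLE OUTPUT section.
SAMPLE_CIDR = "72.26.32.0/19"

def block_fields(cidr):
    """Derive the range, mask and wildcard values rwhois prints for a block."""
    net = ipaddress.ip_network(cidr, strict=True)
    return {
        "cidstr": str(net),
        "cidlen": net.prefixlen,
        "startip": int(net.network_address),   # assumed integer encoding
        "endip": int(net.broadcast_address),
        "mask": str(net.netmask),
        "wildcard": str(net.hostmask),
    }

def open_cache():
    """In-memory stand-in for the MySQL whoisbase table (subset of columns)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE whoisbase (CIDaddr INTEGER PRIMARY KEY, CIDstr TEXT,"
               " orgname TEXT, cidlen INTEGER, startip INTEGER, endip INTEGER)")
    f = block_fields(SAMPLE_CIDR)
    db.execute("INSERT INTO whoisbase VALUES (?, ?, ?, ?, ?, ?)",
               (f["startip"], f["cidstr"], "VTX Communications",
                f["cidlen"], f["startip"], f["endip"]))
    return db

def lookup(db, ip_text):
    """Return cached blocks containing ip_text; anything not IPv4 is rejected."""
    try:
        my_ip = int(ipaddress.IPv4Address(ip_text))
    except ipaddress.AddressValueError:
        return []  # never reaches the SQL layer
    cur = db.execute(
        "SELECT CIDstr, orgname FROM whoisbase "
        "WHERE ? BETWEEN startip AND endip ORDER BY CIDaddr", (my_ip,))
    return cur.fetchall()

if __name__ == "__main__":
    cache = open_cache()
    print(block_fields(SAMPLE_CIDR))
    print(lookup(cache, "72.26.32.2"))   # inside the block
    print(lookup(cache, "72.26.64.1"))   # just past endip
    print(lookup(cache, "1 OR 1=1"))     # rejected before the query
```

With a Python MySQL driver the placeholder is typically %s rather than ?.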