Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 5 Dec 1999 18:33:06 -0500
From:      Greg Lehey <grog@mojave.sitaranetworks.com>
To:        cjclark@home.com, D Tougas <dtougas@converging.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: How do I find where an IP address is from?
Message-ID:  <19991205183306.03570@mojave.sitaranetworks.com>
In-Reply-To: <199912050430.XAA47002@cc942873-a.ewndsr1.nj.home.com>; from Crist J. Clark on Sat, Dec 04, 1999 at 11:30:04PM -0500
References:  <19991204163756.A3242@converging.net> <199912050430.XAA47002@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Saturday,  4 December 1999 at 23:30:04 -0500, Crist J. Clark wrote:
> D Tougas wrote,
>> Hello,
>>
>> I am tring to write a script (maybe there is one that already does this...)
>> that takes the IP addresses from an apache log file and checks to see
>> what parts of the world people are browsing from. I can use nslookup
>> to find out what domain an IP address belongs to, but it seems that
>> whois no longer gives much information of any value. I would like some
>> way to find out what country an IP address or domain name is from, and
>> it has to be easy enough to put into a script. Can anyone help me out
>> with this, is there some utility that I am missing?
>
> Dunno how you can do better than 'whois -a <ip>' in a script.

 $ whois -a 192.109.197.137
 Universitaet Karlsruhe (NET-UNIDOBLOCK) NETBLK-UNIDOBLOCK
                                                   192.109.0.0 - 192.109.255.0
 University of Dortmund (NETBLK-UNIDOBLOCK2D) UNIDOBLOCK2D
                                                 192.109.178.0 - 192.109.255.0

 $ nslookup 192.109.197.137
 Server:  apollo.sitaranetworks.com
 Address:  199.103.141.105

 Name:    freebie.lemis.com
 Address:  192.109.197.137

Which looks more accurate to you?

To get back to D's question: You can't do that.  There's nothing in
the output of nslookup or even whois which tells you where the system
is located.  You might think Germany, based on the output of whois, or
the USA, based on the .com domain, but in fact freebie is located in
Australia.

Greg
--
When replying to this message, please copy the original recipients.
For more information, see http://www.lemis.com/questions.html
Finger grog@lemis.com for PGP public key
See complete headers for address and phone numbers


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991205183306.03570>