Yep, you've found the place! It's ip_discover.tcl. Within the actual
"Discover IP Network" procedure in this file you probably need to modify
the code at the following point:
set result [ined request "Welcome to the Network Discovering Tool."
"" \
"Enter the IP Numbers of the networks of interest:" \
Add to this a request for a netmask. (If you want to be nice, maybe
allow the netmask to be null, in which case compute a default netmask
based on the assumption that it's a class A, B, or C address. (But if
it's anything bigger than a Class C you may want to warn the user that
he's about to create a major ping flood - see below.))
The other places you need to look at are the "discover_nodes" and
"netping" routines. You need to add a netmask argument to these
routines and use this to decide the range of nodes to ping.
A couple of points about these routines. First, they never worked right
in the first place for anything other than a Class C address. There's a
bug fix for that below. Second, it's questionable whether they *should*
work right for anything bigger than a Class C address, since they ping
every darn IP address in the entire range. Doing this on a Class A or B
address would probably be a bad idea and would never get completed
anyway.
Have fun!
Duncan
-- bug fix in ip_discover.tcl --
##
## Send an icmp request to all hosts on a class C like network. Return
## a list of all ip addresses that have responded to our request.
##
proc netping { network } {
set result ""
# MITRE-DT: Bug fix in regular expression syntax
if {[regexp {^[0-9]+\.[0-9]+\.[0-9]+$} $network] > 0} {
set hosts ""
for {set a4 1} {$a4<255} {incr a4} {
append hosts " $network.$a4"
}
set result [icmp echo $hosts]
}
set res ""
foreach pr $result {
set pr_ip [lindex $pr 0]
set pr_time [lindex $pr 1]
if {$pr_time>=0} {
lappend res $pr_ip
}
}
return $res
}
##
## Try to get all ip nodes of a given network. We currently handle
## 255 nodes (all addresses of a class C like network) in parallel.
## Bigger networks (class B or even class A) are split in class C
## like networks.
##
proc discover_nodes {network} {
# MITRE-DT: Bug fix in regular expression syntax
if {[regexp {^[0-9]+\.[0-9]+\.[0-9]+$} $network] > 0} {
set count 0
set start [clock seconds]
writeln "Pinging for nodes on network $network..."
foreach ip [netping $network] {
create_node $ip
incr count
}
writeln "$count nodes found on network $network in [expr {[clock
seconds]-$start}] seconds."
flush stdout
}
if {[regexp {^[0-9]+\.[0-9]+$} $network] > 0} {
for {set a3 0} {$a3<256} {incr a3} {
discover_nodes $network.$a3
}
}
if {[regexp {^[0-9]+$} $network] > 0} {
for {set a2 0} {$a2<256} {incr a2} {
discover_nodes $network.$a2
}
}
}
> I glanced at it and this looks like a weekend job. I'll let you know on
> Monday how its going. It shouldn't take more than the weekend but I
> don't want to make any promises right now. I have a couple other
> projects lined up that need a little more attention.
>
> Cheers,
> Matthew
>
> Vu Pham wrote:
> >
> > Sorry for my question, but I am quite new to Scotty.
> > I rename that file to discover, copy to /usr/local/lib/tnm2.1.9/examples,
> > change to appropriate executable mode. And what else do I need to do ?
> >
> > How can I apply it to the menu IP-Discover-Network ?
> >
> > Thanks,
> >
> > Vu
> > ----- Original Message -----
> > From: Matthew Levine <mlevine@cisco.com>
> > To: <duncant@mitre.org>
> > Cc: Vu Pham <vu@sivell.com>; Scotty Mailing List <tkined@ibr.cs.tu-bs.de>
> > Sent: Wednesday, August 11, 1999 4:15 PM
> > Subject: Re: [tkined] network & subnet
> >
> > > Hi all,
> > >
> > > I've fixed the discover script (attached) in the examples directory to
> > > use subnet masks. The network address now needs to be a four octet
> > > dotted-decimal address (ie 192.168.1.0) instead of the old format it
> > > wanted (192.168.1 or 192.168).
> > >
> > > The subnet mask must follow the address:
> > >
> > > discover 192.168.1.0 255.255.255.192
> > >
> > > You can specify multiple networks:
> > >
> > > discover 192.168.1.0 255.255.255.192 10.22.33.0 255.255.255.0
> > >
> > > You can even specify an address within the range of interest if you're
> > > not sure what the network number is:
> > >
> > > discover 192.168.1.201 255.255.255.224
> > >
> > > That will search for hosts in the range of 192.168.1.193 to
> > > 192.168.1.222 (don't spam the broadcast address at .223).
> > >
> > > All the other options like delay, window, etc. are still supported.
> > >
> > > Was there another file in question?
> > >
> > > Please tell me what you think of this revised script.
> > >
> > > Thanks,
> > > Matthew
> > >
> > > Duncan Thomson wrote:
> > > >
> > > > Vu Pham wrote:
> > > > >
> > > > > The subnetmask of my network is 255.255.255.192, my network number is
> > > > > 209.44.205.128, ( from 128 to 191 ) but when I typed in this number, I
> > got
> > > > > nothing.
> > > > >
> > > > > How do I need to type in with the above information so that I discover
> > only
> > > > > PCs on my subnet.
> > > >
> > > > Vu,
> > > >
> > > > You really can't. At least not unless it's been added since the version
> > > > I've got (2.1.6). The problem is that there's no way to enter a
> > > > netmask. You are prompted only for an IP address. The ip_discover.tcl
> > > > code parses this and determines if it's a class A, B, or C network, and
> > > > then proceeds to probe that entire network address space. This would be
> > > > relatively easy to fix by modifying ip_discover.tcl. Just add a prompt
> > > > for a netmask and use that to determine which addresses to probe.
> > > > (Again, I'm only looking at 2.1.6, I'm sure someone will correct me if
> > > > this has already been changed in a newer version.)
> > > >
> > > > Duncan
> > > >
> > > > > ----- Original Message -----
> > > > > From: mr sinista <mr_sinista@yahoo.com>
> > > > > To: Vu Pham <vu@sivell.com>
> > > > > Sent: Tuesday, August 10, 1999 4:32 PM
> > > > > Subject: Re: [tkined] network & subnet
> > > > >
> > > > > > U have to give it your correct netmask for your network. As as for
> > > > > > yours i dont know what it is..
> > > > > >
> > > > > > --- Vu Pham <vu@sivell.com> wrote:
> > > > > > > Hi all,
> > > > > > >
> > > > > > > I am running Scotty 2.1.9 on Solaris 7 x86.
> > > > > > >
> > > > > > > I tried the tool IP Trouble and saw it works well
> > > > > > > for me.
> > > > > > > But when I tried the IP monitor, I got something I
> > > > > > > didn't understand.
> > > > > > >
> > > > > > > I choose IP-Discover, and at the prompt I typed in
> > > > > > > 209.44.205.128 ( my
> > > > > > > Solaris has IP 209.44.205.154/255.255.255.192 ), and
> > > > > > > it returned very fast
> > > > > > > w/ a message :
> > > > > > >
> > > > > > > Discover 209.44.205.128 from Neptune
> > > > > > > [209.44.205.154].
> > > > > > > Discover finish in 0 seconds, and no thing appears.
> > > > > > >
> > > > > > > But, if I typed in 209.44.205.0, it worked for a
> > > > > > > while and displayed a lot
> > > > > > > of computers, but a lof of them are not in my
> > > > > > > subnet.
> > > > > > >
> > > > > > > I just want to discover my subnet. How can I do it ?
> > > > > > >
> > > > > > > Many thanks,
> > > > > > >
> > > > > > > Vu
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > !! This message is brought to you via the `tkined &
> > > > > > > scotty' mailing list.
> > > > > > > !! Please do not reply to this message to
> > > > > > > unsubscribe. To subscribe or
> > > > > > > !! unsubscribe, send a mail message to
> > > > > > > <tkined-request@ibr.cs.tu-bs.de>.
> > > > > > > !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/
> > > > > > > for more information.
> > > > > > >
> > > > > >
> > > > > > _____________________________________________________________
> > > > > > Do You Yahoo!?
> > > > > > Bid and sell for free at http://auctions.yahoo.com
> > > > >
> > > > > --
> > > > > !! This message is brought to you via the `tkined & scotty' mailing
> > list.
> > > > > !! Please do not reply to this message to unsubscribe. To subscribe or
> > > > > !! unsubscribe, send a mail message to
> > <tkined-request@ibr.cs.tu-bs.de>.
> > > > > !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more
> > information.
> > > > --
> > > > !! This message is brought to you via the `tkined & scotty' mailing
> > list.
> > > > !! Please do not reply to this message to unsubscribe. To subscribe or
> > > > !! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>.
> > > > !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more
> > information.
> > >
> > > --
> > > ---
> > > ------
> > > Matthew Levine
> > > Development Test (Consumer Line Of Business)
> > > Cisco Systems, Santa Cruz http://www.cisco.com/
> > > mlevine@cisco.com (831) 457 - 5431
> >
> > ----------------------------------------------------------------------------
> > ----
> >
> > > #!/bin/sh
> > > # the next line restarts using scotty -*- tcl -*- \
> > > exec scotty2.1.9 "$0" "$@"
> > >
> > > package require Tnm 2.1
> > >
> > > # define a regular expression used later
> > > set IP_ADDRESS
> > (\[1-9]\[0-9]*).(\[0-9]\[0-9]*).(\[0-9]\[0-9]*).(\[0-9]\[0-9]*)
> > >
> > > ##
> > > ## Send a snmp request to all ip addresses on a subnet identified by
> > network
> > > ## address and mask. In reality, the network range routine is smart
> > enough
> > > ## to deduce the network number so any address will do for the network
> > number.
> > > ##
> > > ## Use with care as this script floods you network! It is
> > > ## just an example how fast asynchronous SNMP operations can work.
> > > ##
> > >
> > > proc SnmpDiscover {net mask delay window retries timeout} {
> > > scan [netrange $net $mask] "%s %s" low high
> > > for { set addr [ip2hex $low] } { $addr < [ip2hex $high] } { incr
> > addr } {
> > > set s [snmp session -address [hex2ip $addr] -delay $delay \
> > > -window $window -retries $retries -timeout $timeout]
> > > $s get sysDescr.0 {
> > > if {"%E" == "noError"} {
> > > set d [lindex [lindex {%V} 0] 2]
> > > regsub -all "\[\n\r\]" $d "" d
> > > puts "[%S cget -address]\t$d"
> > > }
> > > %S destroy
> > > }
> > > update
> > > }
> > > snmp wait
> > > }
> > >
> > > ##
> > > ## Send an icmp request to all ip addresses on a subnet identified by
> > network
> > > ## address and mask. In reality, the network range routine is smart
> > enough
> > > ## to deduce the network number so any address will do for the network
> > number.
> > > ##
> > > ## Use with care as this script floods you network!
> > > ## It is just an example how fast our icmp command can work.
> > > ##
> > >
> > > proc IcmpDiscover {net mask delay window retries timeout} {
> > > set hosts ""
> > > scan [netrange $net $mask] "%s %s" low high
> > > for { set addr [ip2hex $low] } { $addr < [ip2hex $high] } { incr
> > addr } {
> > > lappend hosts [hex2ip $addr]
> > > }
> > > if {[catch {icmp -delay $delay -retries $retries -timeout $timeout \
> > > echo $hosts} result]} {
> > > puts stderr $result
> > > continue
> > > }
> > > foreach elem $result {
> > > set ip [lindex $elem 0]
> > > set rtt [lindex $elem 1]
> > > if {$rtt >= 0} {
> > > puts "$ip\ticmp echo $rtt ms"
> > > }
> > > }
> > > }
> > >
> > > ##
> > > ## Convert a dotted decimal IP address into a hexadecimal address. Bit
> > > ## pushing operations are easier on the hex representation of the address.
> > > ##
> > >
> > > proc ip2hex { addr } {
> > > scan $addr "%d.%d.%d.%d" a b c d
> > > foreach o [list $a $b $c $d] {
> > > set o [format %x $o]
> > > if { [string length $o] == 1 } {
> > > set o "0$o"
> > > }
> > > lappend hex $o
> > > }
> > > return "0x[join $hex ""]"
> > > }
> > >
> > > ##
> > > ## Convert a hexadecimal IP address into a dotted decimal IP address. Bit
> > > ## pushing operations may be easier on hex addresses but the snmp and icmp
> > > ## commands operate on dotted decimal addresses.
> > > ##
> > >
> > > proc hex2ip { addr } {
> > > set ip ""
> > > for { set i 0 } { $i <= 3 } { incr i } {
> > > set o [expr $addr & 0xff]
> > > set addr [expr $addr >> 8]
> > > set ip [linsert $ip 0 $o]
> > > }
> > > return [join $ip "."]
> > > }
> > >
> > > ##
> > > ## Get the valid range of IP addresses in a network given an IP address
> > and
> > > ## a netmask. In order to make the discover smarter, make sure it does
> > not
> > > ## cross subnet boundaries.
> > > ##
> > >
> > > proc netrange { ipaddr mask } {
> > > set ipaddr [ip2hex $ipaddr]
> > > set mask [ip2hex $mask]
> > > set netnum [expr $ipaddr & $mask]
> > > set range [expr ~$mask]
> > > return "[hex2ip [expr $netnum + 1]] [hex2ip [expr $netnum + $range]]"
> > > }
> > >
> > > proc usage { } {
> > > puts stderr {usage: discover [-d delay] [-r retries] [-t timeout] [-w
> > window] [-snmp] [-icmp] network mask ?network ?mask}
> > > exit 42
> > > }
> > > if {$argv == ""} { usage }
> > >
> > > mib load rfc1213.mib
> > >
> > > set discover SnmpDiscover
> > > set delay 10
> > > set window 255
> > > set retries 2
> > > set timeout 5
> > >
> > > set newargv ""
> > > set parsing_options 1
> > > while {([llength $argv] > 0) && $parsing_options} {
> > > set arg [lindex $argv 0]
> > > set argv [lrange $argv 1 end]
> > > if {[string index $arg 0] == "-"} {
> > > switch -- $arg {
> > > "-d" {
> > > set delay [lindex $argv 0]
> > > set argv [lrange $argv 1 end]
> > > }
> > > "-r" {
> > > set retries [lindex $argv 0]
> > > set argv [lrange $argv 1 end]
> > > }
> > > "-t" {
> > > set timeout [lindex $argv 0]
> > > set argv [lrange $argv 1 end]
> > > }
> > > "-w" {
> > > set window [lindex $argv 0]
> > > set argv [lrange $argv 1 end]
> > > }
> > > "-snmp" { set discover SnmpDiscover }
> > > "-icmp" { set discover IcmpDiscover }
> > > "--" { set parsing_options 0 }
> > > }
> > > } else {
> > > set parsing_options 0
> > > lappend newargv $arg
> > > }
> > > }
> > > set argv [concat $newargv $argv]
> > > if { [expr [llength $argv] % 2] != 0 } { usage }
> > > while { [llength $argv] > 0 } {
> > > scan [lrange $argv 0 1] "%s %s" network mask
> > > set argv [lreplace $argv 0 1]
> > > if { [regexp $IP_ADDRESS $network] && [regexp $IP_ADDRESS $mask] } {
> > > $discover $network $mask $delay $window $retries $timeout
> > > } else {
> > > usage
> > > }
> > > }
> > > exit
> > >
>
> --
> ---
> ------
> Matthew Levine
> Development Test (Consumer Line Of Business)
> Cisco Systems, Santa Cruz http://www.cisco.com/
> mlevine@cisco.com (831) 457 - 5431
> --
> !! This message is brought to you via the `tkined & scotty' mailing list.
> !! Please do not reply to this message to unsubscribe. To subscribe or
> !! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>.
> !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.
-- !! This message is brought to you via the `tkined & scotty' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>. !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.