如何一次 grep 来自 whois 命令的 3 个结果？

Question

重击 4.3
Ubuntu 16.04

每个while read 循环都需要我不到一秒钟的时间来完成。如何同时 grep 3 个结果？

#!/bin/bash

#-- tmp files
tmp_dir="$(mktemp -d -t 'text.XXXXX' || mktemp -d 2>/dev/null)"
tmp_input1="${tmp_dir}/temp_input1.txt"
tmp_input2="${tmp_dir}/temp_input2.txt"
wDir="/home/work"
list="${wDir}/.ip-list.txt"
finalResults="${wDir}/final-results.txt"

cd "$wDir"
awk '{ print $11 }' "$list" | sort -u > "$tmp_input1"
while read ip; do
   echo "-- IP Address: $ip" >> "$tmp_input2"
   whois "$ip" | grep inetnum >> "$tmp_input2"
   whois "$ip" | grep route >> "$tmp_input2"
   whois "$ip" | grep mnt-by | head -n 2 | sed -n '1!p' >> "$tmp_input2"
   echo "" >> "$tmp_input2"
done<"$tmp_input1"
mv "$tmp_input2" "$finalResults"
cat "$finalResults"
rm -rf "$tmp_dir"

这是我的 .ip-list.txt 文件

> Tue Oct 16 21:15:59 2018 TCP 147.135.23.98 80 => 95.217.197.238 62293
> Tue Oct 16 21:16:52 2018 TCP 147.135.23.98 1160 => 95.217.243.116 44076
> Tue Oct 16 21:16:51 2018 TCP 147.135.23.98 1160 => 159.69.253.26 43842
> Tue Oct 16 21:16:47 2018 TCP 147.135.23.98 1160 => 95.217.49.21 13288
> Tue Oct 16 21:16:18 2018 TCP 147.135.23.98 80 => 95.217.223.72 21969
> Tue Oct 16 21:16:42 2018 TCP 147.135.23.98 1160 => 95.216.232.46 9834
> Tue Oct 16 21:16:54 2018 TCP 147.135.23.98 1160 => 88.198.149.27 23388
> Tue Oct 16 21:15:57 2018 TCP 147.135.23.98 80 => 95.217.72.11 38498
> Tue Oct 16 21:16:41 2018 TCP 147.135.23.98 1160 => 159.69.250.160 8549
> Tue Oct 16 21:16:27 2018 TCP 147.135.23.98 80 => 95.217.57.97 52546
> Tue Oct 16 21:16:28 2018 TCP 147.135.23.98 80 => 95.216.225.43 60635
> Tue Oct 16 21:16:32 2018 TCP 147.135.23.98 80 => 213.239.244.5 17729
> Tue Oct 16 21:16:05 2018 TCP 147.135.23.98 80 => 95.217.27.233 24669
> Tue Oct 16 21:16:46 2018 TCP 147.135.23.98 1160 => 94.130.60.83 21203
> Tue Oct 16 21:16:52 2018 TCP 147.135.23.98 1160 => 95.217.191.48 1070
> Tue Oct 16 21:16:22 2018 TCP 147.135.23.98 80 => 95.217.219.152 15617
> Tue Oct 16 21:16:44 2018 TCP 147.135.23.98 1160 => 95.217.35.111 55808
> Tue Oct 16 21:16:46 2018 TCP 147.135.23.98 1160 => 95.216.224.158 37768
> Tue Oct 16 21:16:13 2018 TCP 147.135.23.98 80 => 159.69.241.84 24365
> Tue Oct 16 21:16:21 2018 TCP 147.135.23.98 80 => 95.217.169.49 33710
> Tue Oct 16 21:16:07 2018 TCP 147.135.23.98 80 => 95.217.186.121 21758
> Tue Oct 16 21:16:00 2018 TCP 147.135.23.98 80 => 78.47.228.239 21199
> Tue Oct 16 21:16:30 2018 TCP 147.135.23.98 80 => 95.217.23.171 8670
> Tue Oct 16 21:16:49 2018 TCP 147.135.23.98 1160 => 95.216.244.96 22087
> Tue Oct 16 21:16:20 2018 TCP 147.135.23.98 80 => 95.217.64.54 13638
> Tue Oct 16 21:16:40 2018 TCP 147.135.23.98 1160 => 95.217.55.104 3377
> Tue Oct 16 21:16:09 2018 TCP 147.135.23.98 80 => 95.217.242.169 13627
> Tue Oct 16 21:16:54 2018 TCP 147.135.23.98 1160 => 95.217.192.169 6566
> Tue Oct 16 21:16:53 2018 TCP 147.135.23.98 1160 => 95.217.101.221 41547
> Tue Oct 16 21:16:54 2018 TCP 147.135.23.98 1160 => 159.69.227.235 62092
> Tue Oct 16 21:16:45 2018 TCP 147.135.23.98 1160 => 95.217.235.228 63643
> Tue Oct 16 21:16:08 2018 TCP 147.135.23.98 80 => 95.216.227.162 51332
> Tue Oct 16 21:16:54 2018 TCP 147.135.23.98 1160 => 95.217.68.128 38480

有数百行。

如何使这些命令更高效？可以合并吗？

   whois "$ip" | grep inetnum >> "$tmp_input2"
   whois "$ip" | grep route >> "$tmp_input2"
   whois "$ip" | grep mnt-by | head -n 2 | sed -n '1!p' >> "$tmp_input2"

Answer 1

将whois "$ip" 的输出写入变量并使用变量：

grep -e 'inetnum' -e 'route' <<< "$out" >> "$tmp_input2"
grep 'mnt-by' <<< "$out" | sed '2!d' >> "$tmp_input2"

Answer 2

不是这样。

前两个grep，可以替换为

谁是“$ip”| egrep 'inetnum|route' >> "$tmp_input2"

但是因为您将第三个 grep 放入了额外的过滤器，所以您不能将那个添加到 egrep。

但是grep 不是问题； whois 是大消费者。并且你多次运行它。

所以，限制whois-es 的数量是个好主意。

hop=$(mktemp)
while read ip; do
    echo "-- IP Address: $ip" >> "$tmp_input2"
    whois "$ip" > $hop 
    grep inetnum $hop >> "$tmp_input2"
    grep route   $hop >> "$tmp_input2"
    grep mnt-by  $hop | head -n 2 | sed -n '1!p' >> "$tmp_input2"
    echo "" >> "$tmp_input2"
done<"$tmp_input1
rm -f $hop