#
Context
You’re investigating an incident, a bug, what have you, and you’re dealing with lots of IP addresses.
You’d like a way to find out where is that IP address from so you can get a rough idea of who’s who.
A whole host of websites allow you to geolocate IP addresses (iplocation.net for instance). But that’s not fast enough, and probably won’t scale if you need to batch process IPs.
#
Bash function FTW
This bash function goes in your .bashrc
file, and fetches all the geolocation you need for a given IP address.
1
2
3
4
5
6
7
8
9
10
11
12
| function freegeoip () {
# Get result from freegeoip API
local FGIP_RES=$(curl --request GET --url https://freegeoip.live/json/$1 header 'accept: application/json' --header 'content-type: application/json' -s)
local LAT=$(echo $FGIP_RES | jq .latitude)
local LON=$(echo $FGIP_RES | jq .longitude)
echo $FGIP_RES | jq
# Get approximate location from GPS coordinates
curl --request GET --url "https://nominatim.openstreetmap.org/reverse?format=jsonv2&lat=$LAT&lon=$LON" --header 'accept: application/json' --header 'content-type: application/json' -s | jq .address
}
|
Function requires curl & jq.
#
Usage
To find your own IP address & location, simply run freegeoip
.
To locate another address, pass it as an argument. For example freegeoip 1.1.1.1
returns 👇.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| {
"ip": "1.1.1.1",
"country_code": "AU",
"country_name": "Australia",
"region_code": "",
"region_name": "",
"city": "",
"zip_code": "",
"time_zone": "Australia/Sydney",
"latitude": -33.494,
"longitude": 143.2104,
"metro_code": 0
}
{
"road": "Gol Gol Road",
"municipality": "Wentworth Shire Council",
"county": "Balranald Shire Council",
"state": "New South Wales",
"country": "Australia",
"country_code": "au"
}
|