4 hath \- Manipulate network blocks in CIDR notation
7 \fBhath\fR [\fBregexed|reduced|duped|diffed|listed|reversed\fR] [\fB\-hb\fR] \fI<input>\fR
10 The \fIinput\fR (stdin) should be a list of CIDR blocks, separated by
11 whitespace. Empty lines will be ignored, but otherwise, malformed
12 entries will cause an error to be displayed.
15 Hath is a Haskell program for working with network blocks in CIDR
16 notation. When dealing with blocks of network addresses, there are a
17 few things that one usually wants to do with them:
19 Create a regular expression matching the CIDR block(s). This is
20 because grep will throw up if you feed it CIDR.
22 Combine small blocks into larger ones. For example, if you have two
23 consecutive /24s, they might combine into a larger /23.
25 View the result of block combination in a useful way.
29 Find their associated PTR records.
31 Hath does just that. It takes as its input (via stdin) a list of CIDR
35 Hath has several modes:
39 This computes a (Perl-compatible) regular expression matching
40 the input CIDR blocks. It's the default mode of operation.
43 .I $ hath <<< \(dq10.0.0.0/29 10.0.0.8/29\(dq
44 ((10)\.(0)\.(0)\.(0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15))
49 This combines small blocks into larger ones where possible, and
50 eliminates redundant blocks. The output should be equivalent to
54 .I $ hath reduced <<< \(dq10.0.0.0/24 10.0.1.0/24\(dq
60 Shows only the blocks that would be removed by reduce; that is, it
61 shows the ones that would get combined into larger blocks or are
65 .I $ hath duped <<< \(dq10.0.0.0/24 10.0.1.0/24\(dq
72 Shows what would change if you used reduce. Uses diff-like
76 .I $ hath diffed <<< \(dq10.0.0.0/24 10.0.1.0/24\(dq
84 List the IP addresses contained within the given CIDRs.
87 .I $ hath listed <<< \(dq192.168.0.240/29\(dq
100 Perform reverse DNS (PTR) lookups on the IP addresses contained within
104 .I $ hath reversed <<< \(dq198.41.0.4/30\(dq
105 198.41.0.4: a.root-servers.net.
107 198.41.0.6: rs.internic.net.
111 The DNS lookups are usually the bottleneck for this mode, but we can
112 perform them in parallel. Simply pass the number of threads to the GHC
113 runtime on the command line; for example, the following will perform
114 25 lookups in parallel:
117 .I $ hath reversed +RTS -N25 <<< \(dq198.41.0.4/24\(dq
118 198.41.0.4: a.root-servers.net.
120 198.41.0.6: rs.internic.net.
126 .IP \fB\-\-barriers\fR,\ \fB\-b\fR
127 (regexed mode only) place barriers in front/back of the regex to
128 prevent e.g. '127.0.0.1' from matching '127.0.0.100'. The downside is
129 that the resulting regexp will match something that is not an IP
130 address, and this messes up e.g. \fIgrep -o\fR.
133 Without \fB\-\-barriers\fR, you can match things you shouldn't:
136 .I $ echo \(dq127.0.0.100\(dq | grep -P $(hath <<< \(dq127.0.0.1/32\(dq)
141 Using \fB\-\-barriers\fR can prevent this:
144 .I $ echo \(dq127.0.0.100\(dq | grep -P $(hath -b <<< \(dq127.0.0.1/32\(dq)
150 But, this may also cause the regex to match something that isn't an IP
154 .I $ echo \(dqx127.0.0.1x\(dq | grep -Po $(hath -b <<< \(dq127.0.0.1/32\(dq)