IP Whois Resolution and Parsing
Project description
ipwhois is a simple package for retrieving and parsing whois data for IPv4 and IPv6 addresses.
The various NICs are pretty inconsistent with formatting Whois results and the information contained within. I am still working through how to parse some of these fields in to standard dictionary keys.
This version requires Python 3.3+ (for the ipaddress library) and dnspython3.
Usage Examples
Typical usage:
>>>> from ipwhois import IPWhois >>>> from pprint import pprint >>>> obj = IPWhois('74.125.225.229') >>>> results = obj.lookup() >>>> pprint(results) { 'asn': '15169', 'asn_cidr': '74.125.225.0/24', 'asn_country_code': 'US', 'asn_date': '2007-03-13', 'asn_registry': 'arin', 'nets': [{'abuse_emails': 'arin-contact@google.com', 'address': '1600 Amphitheatre Parkway', 'cidr': '74.125.0.0/16', 'city': 'Mountain View', 'country': 'US', 'description': 'Google Inc.', 'misc_emails': None, 'name': 'GOOGLE', 'postal_code': '94043', 'state': 'CA', 'tech_emails': 'arin-contact@google.com'}], 'query': '74.125.225.229', 'raw': None }
REST (HTTP):
>>>> from ipwhois import IPWhois >>>> from pprint import pprint >>>> obj = IPWhois('74.125.225.229') >>>> results = obj.lookup_rws() >>>> pprint(results) { 'asn': '15169', 'asn_cidr': '74.125.225.0/24', 'asn_country_code': 'US', 'asn_date': '2007-03-13', 'asn_registry': 'arin', 'nets': [{'abuse_emails': 'arin-contact@google.com', 'address': '1600 Amphitheatre Parkway', 'cidr': '74.125.0.0/16', 'city': 'Mountain View', 'country': 'US', 'description': 'Google Inc.', 'misc_emails': None, 'name': 'GOOGLE', 'postal_code': '94043', 'state': 'CA', 'tech_emails': 'arin-contact@google.com'}], 'query': '74.125.225.229', 'raw': None }
Proxy:
>>>> from urllib import request >>>> from ipwhois import IPWhois >>>> handler = request.ProxyHandler({'http': 'http://192.168.0.1:80/'}) >>>> opener = request.build_opener(handler) >>>> obj = IPWhois('74.125.225.229', proxy_opener = opener)
Hostname:
>>>> from ipwhois import IPWhois >>>> from pprint import pprint >>>> obj = IPWhois('74.125.225.229') >>>> results = obj.get_host() >>>> pprint(results) ('dfw06s26-in-f5.1e100.net', [], ['74.125.225.229'])
Countries:
>>>> from ipwhois import IPWhois >>>> from ipwhois.utils import get_countries >>>> countries = get_countries() >>>> obj = IPWhois('74.125.225.229') >>>> results = obj.lookup(False) >>>> print(countries[results['nets'][0]['country']]) United States
Installing
Latest version from PyPi:
pip install ipwhois
Latest version from GitHub:
pip install -e git+https://github.com/secynic/ipwhois@master#egg=ipwhois
Parsing
Parsing is currently limited to CIDR, country, name, description, state, city, address, postal_code, abuse_emails, tech_emails, and misc_emails fields. This is assuming that those fields are present.
Some IPs have parent networks listed. The parser attempts to recognize this, and break the networks into individual dictionaries. If a single network has multiple CIDRs, they will be separated by ‘, ‘.
Sometimes, you will see whois information with multiple consecutive same name fields, e.g., Description: some text\nDescription: more text. The parser will recognize this and the returned result will have these separated by ‘\n’.
REST (HTTP)
IPWhois.lookup_rws() should be faster than IPWhois.lookup(), but may not be as reliable. APNIC, LACNIC, and AFRINIC do not have a Whois-RWS service yet. We have to rely on the Ripe RWS service, which does not contain all of the data we need.
Changelog
0.3.0 (2013-09-30)
Fixed get_countries() to work with frozen executables.
Added dnspython3 rdtypes import to fix issue with frozen executables.
Moved iso_3166-1_list_en.xml to /data.
Added retry_count to IPWhois.lookup() and IPWhois.lookup_rws().
0.2.1 (2013-09-27)
Fixed LACNIC CIDR validation on IPWhois.lookup().
Fixed bug in IPWhois.get_whois() for query rate limiting. This was discovered via testing multiprocessing with 8+ processes running asynchronously.
0.2.0 (2013-09-23)
Added support for emails (keys: abuse_emails, tech_emails, misc_emails).
Changed regex to use group naming for more complex searching.
Added some missing exception handling in lookup_rws().
0.1.9 (2013-09-18)
Added exceptions to import in __init__.py.
Added IPWhois.__repr__().
Moved exceptions to get_*() functions.
Added exception HostLookupError.
Various optimizations.
Added some unit tests.
0.1.8 (2013-09-17)
Removed set_proxy() in favor of having the user provide their own urllib.request.OpenerDirector instance as a parameter to IPWhois().
Restructured package in favor of modularity. get_countries() is now located in ipwhois.utils.
Added exception WhoisLookupError for IPWhois.lookup() and IPWhois.lookup_rws().
0.1.7 (2013-09-16)
Fixed bug in set_proxy().
Removed ARIN top level network entries from return dictionary of IPWhois.lookup_rws().
Fixed bug in ARIN RWS parsing when only one network.
0.1.6 (2013-09-16)
Added IPWhois.get_host() to resolve hostname information.
Added address and postal_code fields to parsed results.
Normalized single/double quote use.
0.1.5 (2013-09-13)
Added set_proxy() function for proxy support in Whois-RWS queries.
Added IPWhois.lookup_rws() function for Whois-RWS queries.
0.1.4 (2013-09-12)
Added validity checks for the asn_registry value due to a bug in the Team Cymru ASN lookup over night.
Added timeout argument to IPWhois(). This is the default timeout in seconds for socket connections.
Fixed decoding issue in IPWhois.get_whois().
0.1.3 (2013-09-11)
Added exception handling with query retry support for socket errors, timeouts, connection resets.
Moved ASN queries to their own functions (IPWhois.get_asn_dns() and IPWhois.get_asn_whois())
Moved whois query to its own function (IPWhois.get_whois())
Country codes are now forced as upper case in the return dictionary.
0.1.2 (2013-09-10)
Fixed file path for get_countries().
Fixed variable names that conflicted with builtins.
Added content to README.
Moved CHANGES.txt to CHANGES.rst and added to setup.py.
Download URL now points to GitHub master tarball.
0.1.1 (2013-09-09)
Fixed README issue.
0.1.0 (2013-09-06)
Initial release.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file ipwhois-0.3.0.zip
.
File metadata
- Download URL: ipwhois-0.3.0.zip
- Upload date:
- Size: 21.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6b98eccf73a84482462e1c3d4bef0c8c0de0413afad7a697ec3a07ec9cc5102c |
|
MD5 | eca8f6ed10880f5a23a659e4b77c3be4 |
|
BLAKE2b-256 | e5dd7b92aa5f79e80ba464595e882c56ad2166f3672ac6132fbde1f856636259 |