Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tuxxy/ip-location-map

Last synced: 5 days ago
JSON representation

Host: GitHub
URL: https://github.com/tuxxy/ip-location-map
Owner: tuxxy
Created: 2015-03-31T21:40:21.000Z (over 9 years ago)
Default Branch: master
Last Pushed: 2016-05-27T11:25:27.000Z (over 8 years ago)
Last Synced: 2023-03-01T02:36:58.569Z (over 1 year ago)
Language: Python
Size: 14.6 KB
Stars: 44
Watchers: 3
Forks: 13
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# ip-location-map

Here are some python scripts you can use to plot ip-addresses on a map

If you don't have a non-free email account and can't get an API key, see the [freegeoip branch](https://github.com/tuxmascot/ip-location-map/tree/freegeoip).

### Dependencies:

* [matplotlib basemap](http://matplotlib.org/basemap/)
* [pyipinfodb](https://github.com/mossberg/pyipinfodb)

You can install pyipinfodb very easily with the requirements.txt file:

pip install -r requirements.txt

This will satisfy the pyipinfodb dependency, but, as of the current release, you will still need to install matplotlib basemap manually.

### Short usage guide:

* First, you need to get an API key for [ipinfodb](http://ipinfodb.com/)

* Put your IP-addresses in a file called **ips.txt**, with one IP on each line. (Note: only tested with IPv4)

* Run the **getlocation.py** script, like so: `python getlocation.py < ips.txt > geo.txt` It will create a file called **geo.txt**, which contains coordinates on each line.

* Finally, run the **generatemap.py** script, like so: `python generatemap.py < geo.txt` It will create an image file called map.png.

You can play around with the settings in **generatemap.py**, to use different map projections, different colors and so on.

I used this to plot refused SSH connections on my linux machine. I used the following command to fill ips.txt:

grep "refused" /var/log/auth.log | awk '{ print $9 }' | sort | uniq > ips.txt

You can also run the whole process as a single pipeline:

grep "refused" /var/log/auth.log | awk '{ print $9 }' | sort | uniq | python getlocation.py | python generatemap.py

Note that I grep for lines with "refused". These are connections refused because of rules in /etc/hosts.deny and /etc/hosts.allow. You may need to change the command to suit your configuration.