- 12-01-2011 #1Just Joined!
- Join Date
- Aug 2011
- Posts
- 2
grep has no effect - does not grep anything in this for loop
#!/bin/bash
for ip in $(seq 200 255); do
nc -vvz 192.168.15.$ip 25 |grep "open" &
done
That's the code I have, I basically just want to find all the smtp servers in the range, I'm successfully doing it but want to see only the lines that have the word 'open' in it.
When I run the above script, it just shoots out everything as if the grep wasn't there. Not sure what is going on, I'm sure grep probably isn't broken..
- 12-02-2011 #2Linux User
- Join Date
- Jan 2005
- Location
- Saint Paul, MN
- Posts
- 262
Maybe the output of "nc" is going to stderr. Try:
Code:
#!/bin/bash
for ip in $(seq 200 255); do
nc -vvz 192.168.15.$ip 25 2>&1 | grep "open" &
done
The "2>&1" says redirect stderr and put it into stdout.
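The stderr behaviour described in the reply above, as an added example that is not part of the original thread. `fake_nc` is a hypothetical stand-in that, like `nc -vvz`, writes its status line to stderr (its addresses and refused-line wording are constructed), and `scan_range` / `count_unmerged` are illustrative names.

```bash
#!/bin/bash
# fake_nc HOST PORT: stand-in for "nc -vvz HOST PORT". It prints its status
# line to stderr and nothing to stdout. Constructed sample data, runs offline.
fake_nc() {
    local host="$1" port="$2"
    case "$host" in
        192.168.15.215|192.168.15.222)
            echo "(UNKNOWN) [$host] $port (smtp) open" >&2 ;;
        *)
            echo "(UNKNOWN) [$host] $port (smtp) : Connection refused" >&2 ;;
    esac
}

# real_nc HOST PORT: the real probe, with a 3 second timeout so one dead
# host cannot stall the loop. Defined for reference, not called below.
real_nc() {
    nc -vvz -w 3 "$1" "$2"
}

# scan_range PROBE PREFIX FIRST LAST PORT
# Runs PROBE sequentially (no "&"), merges stderr into stdout so the pipe
# actually carries the status lines, then keeps only the positive results.
# The pattern covers both wordings seen in this thread: "open" and "succeeded!".
scan_range() {
    local probe="$1" prefix="$2" first="$3" last="$4" port="$5" oct
    for oct in $(seq "$first" "$last"); do
        "$probe" "$prefix.$oct" "$port" 2>&1
    done | grep -E ' open$|succeeded!$'
}

# count_unmerged: the same loop without 2>&1. stdout is empty, so grep has
# nothing to filter. stderr is dropped here only to keep the demo quiet; in
# the original script it went straight to the terminal, unfiltered.
count_unmerged() {
    local probe="$1" prefix="$2" first="$3" last="$4" port="$5" oct
    for oct in $(seq "$first" "$last"); do
        "$probe" "$prefix.$oct" "$port"
    done 2>/dev/null | grep -cE ' open$|succeeded!$' || true
}

echo "lines grep sees without 2>&1: $(count_unmerged fake_nc 192.168.15 213 223 25)"
echo "lines grep keeps with 2>&1:"
scan_range fake_nc 192.168.15 213 223 25
```

To run it against a real range, pass `real_nc` as the first argument instead of `fake_nc`.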
- 12-02-2011 #3Just Joined!
- Join Date
- Sep 2008
- Posts
- 20
1) Maybe you'd better search for "succeeded" instead of "open", since nc -vvz for a determined port returns that status.
2) I should avoid putting "&" at the end of grep, since it is a pipelined command, so in this way it sends grep commands in background, while running next ncs and running other greps in bg .. Mmh, smells like unpredictable behaviour or so. I should run all the commands inside the loop, in standard sequential way.
Regards
- 12-02-2011 #4Linux Guru
- Join Date
- May 2011
- Posts
- 1,855
alf55 should have solved your problem and I agree with gabolander on point 2, but I would do this with nmap (b/c nc can take longer, can hang and is not as robust):
Code:
#!/bin/bash
port=25
prot=tcp
for oct in $(seq 200 255); do
    ip=192.168.1.${oct}
    printf "IP address $ip is "
    # -n: skip DNS resolution; -p: scan only this port
    out=$(nmap -n -p $port $ip)
    # nmap reports "Host seems down" when the host does not answer
    echo $out|grep -q Host\ seems\ down && echo down && continue
    printf "up and port $port is "
    # the second column of the "25/tcp ..." line is the port state
    state=$(printf "$out"|awk "/^${port}\/${prot}/{print \$2}")
    echo $state
done
- 12-02-2011 #5Just Joined!
- Join Date
- Sep 2008
- Posts
- 20
- 12-03-2011 #6Banned
- Join Date
- Nov 2011
- Location
- India
- Posts
- 29
- 12-03-2011 #7Linux Guru
- Join Date
- May 2011
- Posts
- 1,855
That netstat command would just show what is listening on the local machine.
Originally Posted by manojsamtani
- 12-05-2011 #8Just Joined!
- Join Date
- Aug 2011
- Posts
- 2
atreyu, I took out the nmap portion of your script and ran it just by itself to verify that it functions but it returned that every port had 25 open.
root~#: nmap -n -p 25 192.168.15.200-250
Conversely, after adding 2>&1 to the script, it ran fine. detecting the following open smtp ports on the machines...
(UNKNOWN) [192.168.15.215] 25 (smtp) open
(UNKNOWN) [192.168.15.222] 25 (smtp) open
(UNKNOWN) [192.168.15.229] 25 (smtp) open
(UNKNOWN) [192.168.15.217] 25 (smtp) open
(UNKNOWN) [192.168.15.227] 25 (smtp) open
For the nmap command I tried other ways of scanning including
nmap -sS -p 25 182.168.15.200-250
nmap -sT -p 25 182.168.15.200-250
nmap -sV -p 25 182.168.15.200-250
nmap -sA -p 25 182.168.15.200-250
nmap -sU -p 25 182.168.15.200-250
etc
and they all came up with the same result that every port was open.. ?
- 12-06-2011 #9Linux Guru
- Join Date
- May 2011
- Posts
- 1,855
I'm not sure what you mean by 'every port open' - do you mean port 25 is open on every machine, and you know for a fact that it is not running on every machine? For example, I scanned a portion of my LAN, which has one SMTP server running:
Code:
# nmap -n -p 25 192.168.1.1-6|egrep ^'25|Nmap'
Starting Nmap 5.50 ( http://nmap.org ) at 2011-12-06 08:50 EST
Nmap scan report for 192.168.1.1
25/tcp closed smtp
Nmap scan report for 192.168.1.2
25/tcp closed smtp
Nmap scan report for 192.168.1.3
25/tcp closed smtp
Nmap scan report for 192.168.1.4
25/tcp open smtp
Nmap scan report for 192.168.1.6
25/tcp closed smtp
Nmap done: 6 IP addresses (5 hosts up) scanned in 0.43 seconds
#
There is no machine @192.168.1.5, btw. This nc command corroborates the nmap results:
Code:
# for i in {1..6}; do nc -vzw 5 192.168.1.${i} 25;done
nc: connect to 192.168.1.1 port 25 (tcp) failed: Connection refused
nc: connect to 192.168.1.2 port 25 (tcp) failed: Connection refused
nc: connect to 192.168.1.3 port 25 (tcp) failed: Connection refused
Connection to 192.168.1.4 25 port [tcp/smtp] succeeded!
nc: connect to 192.168.1.5 port 25 (tcp) failed: No route to host
nc: connect to 192.168.1.6 port 25 (tcp) failed: Connection refused
#


