Extension attribute for displaying a Mac's active IP addresses

elliotjordan
Contributor III

Hi everybody,

It's often useful for me to be able to refer to the IP addresses in use by Macs according to Casper, and cross-reference them with network security appliance logs. I've used various extension attributes in the past to determine active IP addresses, but none of them produced exactly the output I was looking for.

Today with the help of @rustymyers, I threw together this extension attribute script that produces the output I need:

https://gist.github.com/homebysix/74129871b1d934408be4

The output will look something like this:

Wi-Fi (en0): 172.16.12.34
Display Ethernet (en21): 10.1.56.78

Hope that's helpful to at least a few of you!

5 REPLIES 5

mm2270
Legendary Contributor III

Nice. Kind of similar to this discussion from last year except that it was for a Self Service policy, not an EA.
https://jamfnation.jamfsoftware.com/discussion.html?id=11243

elliotjordan
Contributor III

I got some inspiration from that thread, but I didn't want to limit the output to the handful of port names that were specified in those scripts.

If Apple comes out with something called "USB-C Ethernet Adapter," I'd like to think my EA will continue working as-is. (Fingers crossed.)

nkalister
Valued Contributor

Hey elliot, that's really nice! I have a similar script, but it's not quite as flexible as yours. One other thing- I don't know if you wanted to capture them, but the extension attribute isn't reporting my VPN address. It looks like the DEVICE_PORTS array awk command is the culprit. The flags on the VPN connection are UP,POINTOPOINT,RUNNING,MULTICAST, so that awk is filtering them out.

I've used a loop like this in the past to grab the VPN IP's as well:

for i in $(ifconfig -a | grep "^utun*" | cut -d ":" -f 1); do
    Ifconfig_result=`ifconfig | grep -A2 "$i"`
    IP=`echo "$Ifconfig_result" | awk '/inet / && $2 != "127.0.0.1"{print $2}'`
    echo "Network port $i has IP address $IP"
done

elliotjordan
Contributor III

@nkalister Good catch! I've updated the script to catch ppp0 and other VPN ports. Since they're not listed in networksetup -listallhardwareports, I just gave them the name "Other." Would love help fixing that if anybody has ideas.

zanb
New Contributor III

This is something I made last September. Here are some examples of how it will print the result:

1 active IP

<result>1(en0:"USB Ethernet":192.168.0.10:DHCP)</result>

2 active IPs

<result>2(en0:"USB Ethernet":192.168.0.10:DHCP)(en1:"Wi-Fi":192.168.0.99:DHCP)</result>

Zero active IPs

<result>0</result>

Enjoy!

#!/bin/bash
#  Author  : Zan Bassi
#  Email   : zan@zeroonelabs.com
# # # # # #
# Build array of network interface hardware IDs
NICHIDs=( $(echo -e "open
list
quit" | scutil | grep -E "Setup.*Service/[A-Z0-9]{8}-[A-Z0-9]{4}-[A-Z0-9]{4}-[A-Z0-9]{4}-[A-Z0-9]{12}$" | awk -F"/" '{print $NF}') )
activeNICarray=()
activeNICcount=""
# Gets the device ID for Wi-Fi (e.g. "en0")
wifiNICid="$(echo -e "open
list
quit" | scutil | grep -E "Setup.*AirPort" | awk -F"/" '{print $4}')"
wifipower="$(networksetup -getairportpower "${wifiNICid}" | awk '{ print $NF }')"
#
_buildNICarray () {
# Get the service name of each of the NIC HIDs
for NICHID in "${NICHIDs[@]}";do
# Set this to NULL.
NICip=""
# This prints out the device ID of the NIC (e.g. "en0" or "fw1").
NICdevice="$(echo -e "open
show Setup:/Network/Service/${NICHID}/Interface
d.show
quit" | scutil | grep DeviceName | awk -F " : " '{print $2}')"
# This gets the name of the network service (e.g. "Display Ethernet 2").
NICname="$(echo -e "open
get Setup:/Network/Service/${NICHID}
d.show
quit" | scutil | grep UserDefinedName | awk -F " : " '{print $2}')"
# This captures the method of connection. E.g. "DHCP" or "PPPoE".
NICtype="$(echo -e "open
show Setup:/Network/Service/${NICHID}/IPv4
d.show
quit" | scutil | grep ConfigMethod | awk -F " : " '{print $2}')"
# Does the service have an IP?
if [[ ! "$(networksetup -getinfo "${NICname}" | grep -v IPv6 | grep "IP address" | awk -F": " '{print $2}')" = "" ]];then
NICip=":$(networksetup -getinfo "${NICname}" | grep -v IPv6 | grep "IP address" | awk -F": " '{print $2}')"
fi
# As you see above I set NICip to NULL to gauge which service has an IP.
# Now wer're going to store each value as a colon-separated value within an array.
# This way we can stat the array and build keys within each indice.
masterNICarray+=( "${NICdevice}:"${NICname}"${NICip}:${NICtype}" )
done
}
_buildActiveNICarray () {
# Gotta reset values when this function is called again, otherwise we will
# be flooding the array with additional indicies.
activeNICarray=()
activeNICcount=""
for NICinfo in "${masterNICarray[@]}";do
# If the indicie fits the format of a IPv4 address:
if [[ $(echo $NICinfo | awk -F":" '$3 ~ /[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}'/) ]];then
# Add it to the array.
activeNICarray+=( "$(echo $NICinfo | awk -F":" '{print $1":"$2":"$3":"$4}')" )
fi
done
activeNICcount="${#activeNICarray[@]}"
}
_buildNICarray
_buildActiveNICarray
_printVars () {
echo -n "<result>"
echo -n ${#activeNICarray[@]}
for activeNIC in "${activeNICarray[@]}";do
echo -n "(${activeNIC})"
done
echo "</result>"
exit
}
_printVars
exit