如何解析外部地址列中的IP地址并将其重定向到nslookup而忽略其他所有内容?
Proto Local Address Foreign Address State PID TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 2076 TCP 127.0.0.1:5354 127.0.0.1:49671 ESTABLISHED 2076 TCP 127.0.0.1:5354 127.0.0.1:49672 ESTABLISHED 2076 TCP 127.0.0.1:27015 0.0.0.0:0 LISTENING 1360 TCP 127.0.0.1:27015 127.0.0.1:51666 ESTABLISHED 1360 TCP 127.0.0.1:49671 127.0.0.1:5354 ESTABLISHED 1360 TCP 127.0.0.1:49672 127.0.0.1:5354 ESTABLISHED 1360 TCP 127.0.0.1:49769 127.0.0.1:49770 ESTABLISHED 7916 TCP 127.0.0.1:49770 127.0.0.1:49769 ESTABLISHED 7916 TCP 127.0.0.1:49773 127.0.0.1:49774 ESTABLISHED 6952 TCP 127.0.0.1:49774 127.0.0.1:49773 ESTABLISHED 6952 TCP 127.0.0.1:51666 127.0.0.1:27015 ESTABLISHED 7944 TCP 192.168.1.4:139 0.0.0.0:0 LISTENING 4 TCP 192.168.1.4:50031 40.77.229.23:443 ESTABLISHED 3268 TCP 192.168.1.4:50047 17.252.60.32:5223 ESTABLISHED 8684 TCP 192.168.1.4:50197 104.82.252.232:443 CLOSE_WAIT 12640 TCP 192.168.1.4:50198 104.82.252.232:443 CLOSE_WAIT 12640
答案 0 :(得分:0)
尝试此操作,仅限于IPv4地址。
@Echo off
For /f "tokens=3" %%A in (
'netstat -n -o ^| find /V "[" ^| find ":"'
) Do For /f "tokens=1,2 delims=:" %%B in ("%%A"
) Do For /f "tokens=2 delims=: " %%D in (
'nslookup %%B ^| findstr /i "^Name:" ^|find /v "localhost"'
) Do Echo %%B:%%C %%D
Goto :Eof
示例缩短输出:
212.227.17.178:993 imap.web.de
40.77.229.46:443 db5sch101101929.wns.windows.com
40.77.229.3:443 db5sch101100831.wns.windows.com
40.77.229.64:443 db5sch101110343.wns.windows.com
54.149.244.33:443 ec2-54-149-244-33.us-west-2.compute.amazonaws.com
212.227.17.162:993 imap.web.de
212.227.15.171:993 imap.1und1.de
第一个用于从netstat输出中解析ip:port,丢弃IPv6结果 第二个用于拆分ip和端口 第3个用于解析netstat输出