check the Windows DNS server for forwarders that are private IP addresses.

Welcome Forums General PowerShell Q&A check the Windows DNS server for forwarders that are private IP addresses.

This topic contains 4 replies, has 3 voices, and was last updated by

 
Participant
2 years, 5 months ago.

  • Author
    Posts
  • #59506

    Participant
    Topics: 1
    Replies: 1
    Points: 0
    Rank: Member

    Hi all. I'm new to Powershell.

    My task is to check a Windows DNS server for forwarders that are private IP addresses.
    I can't do integer operations on what I get back from the Get-DnsServerForwarder cmdlet. I think it returns an object or something other than an integer. I'd like to do submasking operations to check for private addresses. If that is po!ssible in powershell.
    Thanks

  • #59533

    Participant
    Topics: 1
    Replies: 284
    Points: 41
    Rank: Member

    Not sure about the subnet masking operations. That sounds tricky.

    I would just treat the IP addresses as strings, split them on the dots and then check the value of the octet to determine if it's a public or private address:

    $ipAddresses = Get-DnsServerForwarder | Select -ExpandProperty IPAddress
    
    foreach ($ipAddress in $ipAddresses) {
    
        $splitIp = $ipAddress.ToString().Split('.')
    
        if (($splitIp[0] -eq '10') -or ($splitIp[0] -eq '172' -and $splitIp[1] -le '32') -or($splitIp[0] -eq '192' -and $splitIp[1] -eq '168')) {
    
            Write-Output "$ipAddress is a private address"
    
        }
    
        else {
         
            Write-Output "$ipAddress is a public address"
        } 
    
    }
    
  • #59593

    Participant
    Topics: 2
    Replies: 376
    Points: 0
    Rank: Member

    you also can use
    $forwarder.IPAddress.GetAddressBytes()
    and use it with integer operations

    btw, Matt, 172 range starts with 16 and ends with 31, so ($splitIp[0] -eq '172' -and $splitIp[1] -le '31' -and $splitIp[1] -ge '16')

    and with integers it can be something like
    ($bytes[0] -eq 10) -or
    ($bytes[0] -eq 172 -and $bytes[1] -in 16..31) -or
    ($bytes[0] -eq 192 -and $bytes[1] -eq 168)

    • #59704

      Participant
      Topics: 1
      Replies: 284
      Points: 41
      Rank: Member

      Thanks, Max. I can never remember the 172 block. I even had the Wiki open and still got it wrong!

  • #59658

    Participant
    Topics: 1
    Replies: 1
    Points: 0
    Rank: Member

    hey, thanks!
    I came up with a solution. I need my script to somewhat readable for QA. so I've hard coded the testing range values in decimal in vars for them so they can see the dotted equivalence:
    ${192.168.0.0}=3232234520
    ${192.168.255.255}=3232301055
    ${10.0.0.0}=268435456
    ${10.255.255.255}=1109530071637
    ${172.16.0.0}=24253952
    ${172.31.255.255}=1589962429013

    It's rudimentary but I'm learning.
    I greatly appreciate the replies and hope to contribute to the forum

The topic ‘check the Windows DNS server for forwarders that are private IP addresses.’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort