Help With Looping to find particular values in array

This topic contains 1 reply, has 2 voices, and was last updated by  random commandline 9 months, 2 weeks ago.

  • Author
    Posts
  • #61519

    Brad Dworkin
    Participant

    Hi All,

    I'm stumped on this script that is 80 percent done but having trouble getting loop working correctly. The goal of this script is to find MAC Address in ARP table whose prefix matches that of ones in a array. Those that match have a particular action taken against it.

    Steps Broken Down:

    1) Find IP address(s) of active adapter
    2) Ping every address on network to build out ARP table
    3) Used custom build function for converting results of "arp -a" into object.
    4) Defined array for all prefixes to be searched for
    5) Foreach loop for evaluatign each arp entry and converting into prefix for comparison to each prefix in array
    6) Do Loop inside foreach that takes the current ARP entry and checks to see if it matches each entry in $ubiquitis. There is control variable that increments in each cycle of the do loop that stops after 14 which is size of array.

    Problem:

    foreach seems to cycle properly through each mac prefix but it doesn't take appropriate action when it comes to finding a match for particular MAC that should line up with value 14 in the array. When manually setting $arptable3 to "80-2a-a8" it works fine from the if construct down.

    HELP!!! I think somehting is not right with the variable assignments or loop constructs.

    $ip=gwmi Win32_NetworkAdapterConfiguration |
    Where { $_.IPAddress } | # filter the objects where an address actually exists
    Select -Expand IPAddress | # retrieve only the property *value*
    Where { $_ -like '192.168.*' }
    $ipstart=$ip.Substring(0,11)
    $ipstartvalue="1"
    $ipaddress=$ipstart + $ipstartvalue
    [int]$control=1

    Do {
    Test-Connection -ComputerName $ipaddress -Count 2 -BufferSize 16
    $control=$control + 1
    $ipstart=$ip.Substring(0,11)
    $ipaddress=$ipstart + $control
    }Until ($control -gt "254")
    $arptable=arp -a
    $ubiquitis=@("00156d","00-1b-67","00-27-22","6c-5e-7a","00-15-6d","00-1b-67","00-27-22","04-18-d6","24-a4-3c","30-15-18","68-72-51","6c-5e-7a","9c-b0-08","dc-9f-db","80-2a-a8")
    $arp = "(?(\d{1,3}\.){3}\d{1,3})\s+(?(\w{2}-){5}\w{2})\s+(?\w+$)"
    $arptables=arp -g | select -skip 3 | foreach {$_.Trim()} | convertfrom-text $arp
    $arptables=$arptables | ? {$_.type -eq "dynamic"}
    foreach ($arptable in $arptables){
    $arptable3=$arptable.mac
    $arptable3=$arptable3.substring(0,8)
    [int]$arraycontrol=0
    #start of do until loop to increment array value until last is entry is reached
    do {
    if ($arptable3 -eq $ubiquitis[14]){
    $ipaddressfinal=$arptable.ipaddress
    Start-Process 'C:\Users\Conference Rm – PC\Downloads\putty.exe' -ArgumentList -ssh admin@$arptable.ipaddress -pw 1234
    $arraycontrol=$arraycontrol + 1

    }
    else{
    write-host "No Match. Looking at Next MAC Entry" -ForegroundColor Blue
    $arraycontrol=$arraycontrol + 1
    }
    }until ($arraycontrol -gt "14")
    }

  • #61524

    random commandline
    Participant

    If I am understanding you, this is what you want to happen.
    1. Foreach arptable entry, compare the first 3 octets to your $ubiquitis array.
    2. If octets match, run start-process.
    Also, I cleaned up the code alittle and removed the last Do loop.

    Tips:
    1. Enclose code blocks in 'pre' and '/pre' to format it
    2. Don't use Where-Object cmdlet use -Filter, it is faster.
    3. ConvertFrom-Csv will convert text to objects.
    4. When comparing array entries, you can use -contains.

    Write-Verbose "Getting IP Addresses" -Verbose
    $ip = Get-WmiObject win32_networkadapterconfiguration -Filter "IPEnabled = 'True'" |
    Select-Object @{n='IPAddress';exp={$_.IPAddress[0]}} 
    $ipstart = $ip.ipaddress.substring(0,11)
    
    $ipstartvalue="1"
    $ipaddress=$ipstart + $ipstartvalue
    $control = 1
    
    Write-Verbose "Ping and Build ARP Table" -Verbose
    Do {
        Test-Connection -ComputerName $ipaddress -Count 2 -BufferSize 16
        $control++
        $ipstart=$ip.Substring(0,11)
        $ipaddress = $ipstart + $control
    }Until ($control -gt "254")
    
    Write-Verbose "Convert ARP table to objects" -Verbose
    $ubiquitis = @("00156d","00-1b-67","00-27-22","6c-5e-7a","00-15-6d",
    "00-1b-67","00-27-22","04-18-d6","24-a4-3c","30-15-18","68-72-51",
    "6c-5e-7a","9c-b0-08","dc-9f-db","80-2a-a8")
    
    $arptable = arp -g | Select-Object -skip 3 | foreach {$_.Trim()} 
    $arptable = $arptable -replace '\s+',',' | 
    ConvertFrom-Csv -Header 'IPAddress','MAC','Type'
    $arptable = $arptable | ? {$_.type -eq "dynamic"}
    
    Write-Verbose "Evaluate ARP entries" -Verbose
    foreach ($a in $arptable){
        $arptable3=$a.mac
        $arptable3=$arptable3.substring(0,8)
        [int]$arraycontrol=0
    
        if ($ubiquitis -contains $arptable3){
            Write-Verbose "Match found for $arptable3" -Verbose
            Start-Process 'C:\Users\Conference Rm – PC\Downloads\putty.exe' -ArgumentList -ssh admin@$a.ipaddress -pw 1234
            $arraycontrol++
        }
        else{
            write-host "No Match. Looking at Next MAC Entry" -ForegroundColor Blue
            $arraycontrol++}
    }
    

You must be logged in to reply to this topic.