wireshark/doc/mmdbresolve.pod


=head1 NAME

mmdbresolve - Read IPv4 and IPv6 addresses and print their IP geolocation information.

=head1 SYNOPSIS

B<mmdbresolve>
S<B<-f E<lt>dbfileE<gt>>>
S<[ B<-f E<lt>dbfileE<gt>> ]>
I<...>

=head1 DESCRIPTION

B<mmdbresolve> reads IPv4 and IPv6 addresses on stdin and prints their IP geolocation information
on stdout. Each input line must contain exactly one address. Output is in INI format, with a section
delimiter named after the query address followed by a set of "key: value" pairs. A comment
beginning with "# End" is appended to each section.

At startup an "[init]" section is printed that shows the status of each datbase and of mmdbresolve
itself.

=head1 OPTIONS

=over 4

=item -f

Path to a MaxMind Database file. Multiple databases may be specified.

=back

=head1 EXAMPLES

To resolve a single address:

    echo 4.4.4.4 | mmdbresolve -f /usr/share/GeoIP/GeoLite2-City.mmdb

  Example output:
[init]
db.0.path: /usr/share/GeoIP/GeoLite2-City.mmdb
db.0.status: OK
mmdbresolve.status: true
# End init
[4.4.4.4]
# GeoLite2-City
country.iso_code: US
country.names.en: United States
location.latitude: 37.751000
location.longitude: -97.822000
# End 4.4.4.4

=head1 SEE ALSO

wireshark(1), tshark(1)

=head1 NOTES

B<mmdbresolve> is part of the B<Wireshark> distribution. The latest version
of B<Wireshark> can be found at L<https://www.wireshark.org>.

HTML versions of the Wireshark project man pages are available at:
L<https://www.wireshark.org/docs/man-pages>.

=head1 AUTHORS

  Original Author
  ---------------
  Gerald Combs            <gerald[AT]wireshark.org>
Transition from GeoIP Legacy to MaxMindDB. MaxMind is discontinuing its legacy databases in April in favor of GeoIP2, which use a newer database format (MaxMind DB). The reference C library (libmaxminddb) is available under the Apache 2.0 license which isn't quite compatible with ours. Add mmdbresolve, a utility that reads IPv4 and IPv6 addresses on stdin and prints resolved information on stdout. Place it under a liberal license (MIT) so that we can keep libmaxminddb at arm's length. Add epan/maxmind_db.[ch], which spawns mmdbresolve and communicates with it via stdio. Migrate the preferences and documentation to MaxMindDB. Change the IPv4 and IPv6 asnum fields to FT_UINT32s. Change the geographic coordinate fields to FT_DOUBLEs. Bug: 10658 Change-Id: I24aeed637bea1b41d173270bda413af230f4425f Reviewed-on: https://code.wireshark.org/review/26214 Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot Reviewed-by: Gerald Combs <gerald@wireshark.org> 2018-02-09 01:20:26 +00:00
			`=head1 NAME`

			`mmdbresolve - Read IPv4 and IPv6 addresses and print their IP geolocation information.`

			`=head1 SYNOPSIS`

			`B<mmdbresolve>`
			`S<B<-f E<lt>dbfileE<gt>>>`
			`S<[ B<-f E<lt>dbfileE<gt>> ]>`
			`I<...>`

			`=head1 DESCRIPTION`

			`B<mmdbresolve> reads IPv4 and IPv6 addresses on stdin and prints their IP geolocation information`
			`on stdout. Each input line must contain exactly one address. Output is in INI format, with a section`
			`delimiter named after the query address followed by a set of "key: value" pairs. A comment`
			`beginning with "# End" is appended to each section.`

			`At startup an "[init]" section is printed that shows the status of each datbase and of mmdbresolve`
			`itself.`

			`=head1 OPTIONS`

			`=over 4`

			`=item -f`

			`Path to a MaxMind Database file. Multiple databases may be specified.`

			`=back`

			`=head1 EXAMPLES`

			`To resolve a single address:`

			`echo 4.4.4.4 \| mmdbresolve -f /usr/share/GeoIP/GeoLite2-City.mmdb`

			`Example output:`
			`[init]`
			`db.0.path: /usr/share/GeoIP/GeoLite2-City.mmdb`
			`db.0.status: OK`
			`mmdbresolve.status: true`
			`# End init`
			`[4.4.4.4]`
			`# GeoLite2-City`
			`country.iso_code: US`
			`country.names.en: United States`
			`location.latitude: 37.751000`
			`location.longitude: -97.822000`
			`# End 4.4.4.4`

			`=head1 SEE ALSO`

			`wireshark(1), tshark(1)`

			`=head1 NOTES`

			`B<mmdbresolve> is part of the B<Wireshark> distribution. The latest version`
			`of B<Wireshark> can be found at L<https://www.wireshark.org>.`

			`HTML versions of the Wireshark project man pages are available at:`
			`L<https://www.wireshark.org/docs/man-pages>.`

			`=head1 AUTHORS`

			`Original Author`
			`---------------`
			`Gerald Combs <gerald[AT]wireshark.org>`