Re: [ALUG] How to get the MAC address of the 'local' system given the IP address?

31 Jan 2020

      ** Chris Green cl@isbd.net [2020-01-30 20:08]:
...
On Thu, Jan 30, 2020 at 05:40:47PM +0000, Paul Tansom wrote:
...
** Chris Green cl@isbd.net [2020-01-30 17:22]:
...
You'd think this was easy but although I can find the information
easily enough I can't find a concise way of doing it.
What I want is to get same information for the system I'm logged into
as is given by 'arp-scan -lx' for all other systems on the LAN:-
root@t470:~# arp-scan -lx
192.168.1.1     xx:xx:xx:xx:xx:xx       DrayTek Corp.
192.168.1.3     xx:xx:xx:xx:xx:xx       Fujitsu Technology Solutions GmbH
192.168.1.4     xx:xx:xx:xx:xx:xx       Raspberry Pi Foundation
192.168.1.10    xx:xx:xx:xx:xx:xx       TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.20    xx:xx:xx:xx:xx:xx       DrayTek Corp.
192.168.1.50    xx:xx:xx:xx:xx:xx       Oki Electric Industry Co., Ltd.
192.168.1.96    xx:xx:xx:xx:xx:xx       HUMAX Co., Ltd.
192.168.1.98    xx:xx:xx:xx:xx:xx       TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.111   xx:xx:xx:xx:xx:xx       TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.114   xx:xx:xx:xx:xx:xx       MICRO-STAR INT'L CO.,LTD
192.168.1.95    xx:xx:xx:xx:xx:xx       Sonos, Inc.
192.168.1.104   xx:xx:xx:xx:xx:xx       Amazon Technologies Inc.

I can get IP address of my current LAN connection using 'hostname -i':-
chris$ hostname -i
192.168.1.92

... but I can't find a neat way of getting the corresponding MAC
address and company information as for arp-scan. The MAC address can
be obtained using ifconfig or ip but it's an exercise in frustration
trying to extract the relevant bits:-
chris$ ifconfig
enp0s31f6: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether c8:5b:76:de:2a:fc  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xec200000-ec220000  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 639  bytes 279749 (279.7 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 639  bytes 279749 (279.7 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.92  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::8239:9067:e11:92be  prefixlen 64  scopeid 0x20<link>
        ether xx:xx:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
        RX packets 14315  bytes 7281010 (7.2 MB)
        RX errors 0  dropped 1  overruns 0  frame 0
        TX packets 14719  bytes 1911802 (1.9 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

You'd have to first find that the WiFi device wlp4s0 is providing the
LAN interface (I want it to work when it's wired with enp0s31f6 when
that's in use, can't just hard code wlp4s0) and then go to the 'ether'
line to get the MAC address.  Even then you don't get the company name.
It's possible but hard work and messy, I'd like to find a simple way.
** end quote [Chris Green]
You should be able to get this with:
sudo nmap -sn 192.168.1.0/24
adjusted for your network (that isn't mine, but looks to be the range you are
on. If you have a subnet mask wider than 255.255.255.0 you will need to adjust
the /24 notation.
Yes, but...
It *doesn't* return the bit I want, the MAC address and company name
for the local system, see:-
chris@esprimo$ sudo nmap -sn 192.168.1.0/24
Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-30 20:04 GMT
Nmap scan report for 2860n.zbmc.eu (192.168.1.1)
Host is up (0.00034s latency).
MAC Address: xx:xx:xx:xx:xx:xx (DrayTek)
Nmap scan report for newdns.zbmc.eu (192.168.1.4)
Host is up (0.00046s latency).
MAC Address: xx:xx:xx:xx:xx:xx (Raspberry Pi Foundation)
...
...
...
Nmap scan report for onkyoTx-nr616.zbmc.eu (192.168.1.117)
Host is up (0.00057s latency).
MAC Address: xx:xx:xx:xx:xx:xx (Onkyo)
Nmap scan report for S685-IP.zbmc.eu (192.168.1.118)
Host is up (0.071s latency).
MAC Address: xx:xx:xx:xx:xx:xx (Gigaset Communications GmbH)
Nmap scan report for esprimo.zbmc.eu (192.168.1.3)
Host is up.
Nmap done: 256 IP addresses (15 hosts up) scanned in 1.56 seconds
chris@esprimo$ 

No MAC address for esprimo.
** end quote [Chris Green]
Ah, I misunderstood the requirement. I thought you were looking for the MAC
addresses of the other hosts on the network. In which case I would try:
ip -o -br link | awk '$0 !~ /lo/ {print $3}'
I'm assuming you only have a single NIC, so...
for the ip command: 
the -o puts the the output on a single line for each interface to make processing easier
the -br uses the brief format with only basic information, which includes the MAC address
for the awk command:
the $0 !~ /lo/ excludes the loopback interface from the outhput (which is in the first column)
the {print $3} only outputs the third column which has the MAC address in
if you have multiple NICs or interfaces beyond the loopback one you'll get multiple lines
-- 
 Paul Tansom  |  Aptanet Ltd.  |  https://www.aptanet.com/  |  023 9238 0001
=============================================================================
Registered in England | Company No: 4905028 | Registered Office: Ralls House,
Parklands Business Park, Forrest Road, Denmead, Waterlooville, Hants, PO7 6XP

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

Re: [ALUG] How to get the MAC address of the 'local' system given the IP address?