PC-Tools.Net - Quality Coding

unix: grepcidr

grepcidr 2.0 - Filter IPv4 and IPv6 addresses matching CIDR patterns

Release date: 2014-05-26

Language: C
License: GNU GPL
Author: Jem Berkes

Download source: grepcidr-2.0.tar.gz [16,557 bytes]
MD5 signature: grepcidr-2.0.tar.gz.md5
SHA512 signature: grepcidr-2.0.tar.gz.sha512


grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications. As with grep, there are options to invert matching and load patterns from a file. grepcidr is capable of efficiently processing large numbers of IPs and networks.

grepcidr has endless uses in network software, including: mail filtering and processing, network security, log analysis, and many custom applications.

For detailed instructions and examples, please see the README file or man page. A couple examples of usage:

	grepcidr 2001:db8::/32 logfile
	grepcidr access.log

Changes in version 2.0

Note! There is a fork of grepcidr

Project owner Name/title Notes
Jem Berkes (this site) grepcidr 2.0 - official
Most current version
I am the original author, and this is the original project (created 2004 and most recently released May 2014) on pc-tools.net. The feature set and execution speed is comparable to the forked project below, but the two versions are not compatible. This official grepcidr is very fast, and has approximately equivalent performance to the below fork. My project is the only one I developed, tested, and stand behind (10 years and counting).
John Levine grepcidr(*) 2.98 - FORK
Does not supercede the main project
John has a completely different implementation and his version represents a near-total rewrite. These two projects now have unrelated code, and are developed independently. Although I have requested that he change his project name to differentiate it from my grepcidr 2.0, he chose to call his project grepcidr-2. (*) THIS NAME CREATES CONFUSION IN THE COMMUNITY. Although they both have the number 2, these are different projects. John's "2.98" does not upgrade or follow Jem's 2.0.

Compiling and Installing

This has been tested on Ubuntu Linux, FreeBSD, NetBSD, OS X Mavericks, cygwin:

	make install

The Makefile uses -O3 optimization by default.

Command usage

	grepcidr [-V] [-cisvx] PATTERN [FILE...]
	grepcidr [-V] [-cisvx] [-e PATTERN | -f PATFILE] [FILE...]

-V      Show software version
-c      Display count of the matching lines, instead of showing the lines
-i      Inverse match, include lines without an IP, implies -v
-s      Enforce strict alignment of CIDR mask; host portion must be all zero
-v      Invert the sense of matching, output lines with IPs that don't match
-x      Strict matching, only look at start of line
-e      Specify individual IP or CIDR pattern(s) on command-line
-f      Load individual IP or CIDR pattern(s) from file


Sponsored in part by the Spamhaus Project. Thanks to the people at Spamhaus for helping add valuable new features, and for their thorough testing.

A great thanks to Chris Lewis for suggesting and helping test many features, such as IPv6, stricter CIDR, support for multiple input files and unlimited line length.

Thanks to John Levine for sharing his alternative implementation. I used a couple ideas from his code, such as portable 128-bit numbers. However, John's version is quite different and represents a significant fork in the project.

Thanks to Ryan Finnie for his work on the Debian package. I've adopted several of his changes including the Makefile, and the DocBook format which now is the source of the man page. Thanks to Ryan for writing the first manual in DocBook format.

Many thanks to Dick Wesseling who suggested an improved data structure format as well as binary search, to improve grepcidr performance.