How to check MAC address on Linux

Question

How to check MAC address on Linux

I want to ping a known MAC address, I tried using nmap:

sudo nmap -sP 192.168.15.1/24 | grep 20:64:32:3F:B1:A9

But in this case, it ping all 255 IP addresses (from 192.168.15.1 to 192.168.15.255) until you get my MAC address, and it takes a lot of time about 4 seconds.

any idea please?

+6

mac-address ip ping arp

Linux Jan 30 '13 at 9:24

source share

5 answers

You cannot ping the MAC address. You can only ping an IP address, so you are trying to figure out which IP address belongs to a specific MAC address and ping that IP address. ARP is used to find the MAC address of a machine with a specific IP address, but you cannot go the other way (technically this is a protocol called Reverse ARP exists, but it has never been used on typical operating systems). Once the MAC address is found, it will be stored in the ARP cache, so you do not have to look for it again for several minutes, but this is not a reliable way to find the MAC, because the entries do not remain in the cache for a long time. You figured out how to do a static recording, but if you hardcode 192.168.15.196 to this MAC address, why don't you just ping 192.168.15.196 (that's all you do anyway)?

+5

Perheroxide Mar 19 '13 at 22:01

source share

nmap has the -T option to speed up such actions. -T 5 is the fastest.

You can also try the --min- parallelism option.

+4

MDB Aug 15 '13 at 14:18

source share

Combining the above good answers in one script: (Usage: macping aa:bb:cc:dd:ee:ff )

 #!/bin/bash network=192.168.1.1/24 if [ "$#" -ne 1 ]; then echo Usage example: $0 aa:bb:cc:dd:ee:ff; exit 2; fi; nmap -sP -T4 $network >& /dev/null ip=$(arp -n | grep $1 | awk ' { print $1 }') ping $ip -n -q -c 2 -i 0.2 -w 1 >& /dev/null if [ $? -eq 0 ]; then echo Device is online \($ip\) else echo Device is offline exit 1 fi;

Expansion. To save the list of network devices, by MAC address and display the status online / offline. Usage includes:

Monitoring the status of your server
check your internet connection up.
checking if a specific device connects to your Wi-Fi
checking your smart tv is really off.
etc.

Each device name is displayed in green if it is turned on, red - in offline mode.
A desktop notification is displayed when the device status changes.

Tested under linux mint, should work on other distributions.

 #!/bin/bash #Create associated array declare -A devicelist #device name: mac address declare -A statuslist #device name: online status devicelist[Server01]=aa:bb:cc:dd:ee:01 devicelist[Server02]=aa:bb:cc:dd:ee:02 devicelist[MyPhone] =aa:bb:cc:dd:ee:03 devicelist[SmartTV] =aa:bb:cc:dd:ee:04 #Colour Constants BRed='\033[1;31m' BGreen='\033[1;32m' Reset='\033[m' function mactoip(){ echo $(arp -n | grep -i $mac | awk ' { print $1 }') } while [ true ]; do clear arp_cache_rebuilt=no for devicename in ${!devicelist[@]}; do status=OFFLINE mac=${devicelist[${devicename}]} ip=$( mactoip $mac ) if [ -z $ip ] && [ $arp_cache_rebuilt = "no" ]; then #we need to rebuild the arp cache... nmap -sn -T4 192.168.1.0/24 >& /dev/null ip=$( mactoip $mac ) arp_cache_rebuilt=yes fi; if [ ! -z $ip ]; then ping $ip -n -q -c 2 -i 0.2 -w 1 >& /dev/null if [ $? -eq 0 ]; then status=ONLINE; fi fi; #if device previous status not yet recorded, then set it now. if [ ! ${statuslist[${devicename}]+_} ]; then statuslist[${devicename}]=$status; fi if [ $status = "ONLINE" ]; then colour=$BGreen; else colour=$BRed; fi; echo -e ${colour}${devicename}${Reset} - $ip if [ ${statuslist[${devicename}]} != $status ]; then notify-send -i ac-adapter -u critical -t 1000 $status "$devicename" fi; statuslist[$devicename]=$status done echo - sleep 5 done

+2

Mtl dev Apr 18 '17 at 17:40

source share

Here is another and simpler answer.

 ping $(arp-scan --localnet | grep 80:1f:02:fa:90:b7 | awk ' { printf $1 } ')

Note that the mac address must use lowercase letters.

arp-scan is much faster than arp.

0

Julian knight Aug 4 '17 at 23:12

source share

Davide berra · Accepted Answer · 2013-01-30T16:04:54+0000

The only way to make it faster is to check if the MAC address is in your arp table

 #!/bin/bash # extract ip from local arp table ip=$(arp | grep 20:64:32:3F:B1:A9 | awk ' { print $1 } ') # found an ip tied to the mac address? if [ ! -z $ip ]; then # if found, do you want to ping it? ping $ip else echo "Not found into local arp table. Trying another way..." # wanna try your nmap strategy? # sudo nmap -sP 192.168.15.1/24 | grep 20:64:32:3F:B1:A9 fi;

How to check MAC address on Linux

More articles: