.TH hath 1

.SH NAME
hath \- Manipulate network blocks in CIDR notation
.SH SYNOPSIS

\fBhath\fR [\fBregexed|reduced|duped|diffed|listed|reversed\fR] [\fB\-hb\fR] \fI<input>\fR
.SH INPUT
.P
The \fIinput\fR (stdin) should be a list of CIDR blocks, separated by
whitespace. Empty lines will be ignored, but otherwise, malformed
entries will cause an error to be displayed.
.SH DESCRIPTION
.P
Hath is a Haskell program for working with network blocks in CIDR
notation. When dealing with blocks of network addresses, there are a
few things that one usually wants to do with them:
.IP \(bu 2
Create a regular expression matching the CIDR block(s). This is
because grep will throw up if you feed it CIDR.
.IP \(bu
Combine small blocks into larger ones. For example, if you have two
consecutive /24s, they might combine into a larger /23.
.IP \(bu
View the result of block combination in a useful way.
.IP \(bu
List them.
.IP \(bu
Find their associated PTR records.
.P
Hath does just that. It takes as its input (via stdin) a list of CIDR
blocks.
.SH MODES
.P
Hath has several modes:
.IP \(bu 2
\fBRegexed\fR
.P
This computes a (Perl-compatible) regular expression matching
the input CIDR blocks. It's the default mode of operation.
.P
.nf
.I $ hath <<< \(dq10.0.0.0/29 10.0.0.8/29\(dq
((10)\.(0)\.(0)\.(15|14|13|12|11|10|9|8|7|6|5|4|3|2|1|0))
.fi
.IP \(bu 2
\fBReduced\fR
.P
This combines small blocks into larger ones where possible, and
eliminates redundant blocks. The output should be equivalent to
the input, though.
.P
.nf
.I $ hath reduced <<< \(dq10.0.0.0/24 10.0.1.0/24\(dq
10.0.0.0/23
.fi
.IP \(bu 2
\fBDuped\fR
.P
Shows only the blocks that would be removed by reduce; that is, it
shows the ones that would get combined into larger blocks or are
simply redundant.
.P
.nf
.I $ hath duped <<< \(dq10.0.0.0/24 10.0.1.0/24\(dq
10.0.0.0/24
10.0.1.0/24
.fi
.IP \(bu 2
\fBDiffed\fR
.P
Shows what would change if you used reduce. Uses diff-like
notation.
.P
.nf
.I $ hath diffed <<< \(dq10.0.0.0/24 10.0.1.0/24\(dq
-10.0.0.0/24
-10.0.1.0/24
+10.0.0.0/23
.fi
.IP \(bu 2
\fBListed\fR
.P
List the IP addresses contained within the given CIDRs.
.P
.nf
.I $ hath listed <<< 192.168.0.240/29
192.168.0.240
192.168.0.241
192.168.0.242
192.168.0.243
192.168.0.244
192.168.0.245
192.168.0.246
192.168.0.247
.fi
.IP \(bu 2
\fBReversed\fR
.P
Perform reverse DNS (PTR) lookups on the IP addresses contained within
the given CIDRs.
.P
.nf
.I $ hath reversed <<< 198.41.0.4/30
198.41.0.4: a.root-servers.net.
198.41.0.5:
198.41.0.6: rs.internic.net.
198.41.0.7:
.fi
.P
The DNS lookups are usually the bottleneck for this mode, but we can
perform them in parallel. Simply pass the number of threads to the GHC
runtime on the command line; for example, the following will perform
25 lookups in parallel:
.P
.nf
.I $ hath reversed +RTS -N25 <<< 198.41.0.4/24
198.41.0.4: a.root-servers.net.
198.41.0.5:
198.41.0.6: rs.internic.net.
\(pc\(pc\(pc
.fi

.SH OPTIONS

.IP \fB\-\-barriers\fR,\ \fB\-b\fR
(regexed mode only) place barriers in front/back of the regex to
prevent e.g. '127.0.0.1' from matching '127.0.0.100'. The downside is
that the resulting regexp will match something that is not an IP
address, and this messes up e.g. \fIgrep -o\fR.

.P
Without \fB\-\-barriers\fR, you can match things you shouldn't:

.nf
.I $ echo 127.0.0.100 | grep -P $(hath <<< 127.0.0.1/32)
127.0.0.100
.fi

.P
Using \fB\-\-barriers\fR can prevent this:

.nf
.I $ echo 127.0.0.100 | grep -P $(hath -b <<< 127.0.0.1/32)
.I $ echo $?
1
.fi

.P
But, this may also cause the regex to match something that isn't an IP
address:

.nf
.I $ echo x127.0.0.1x | grep -Po $(hath -b <<< 127.0.0.1/32)
x127.0.0.1x
.fi