A nested batch script with for , if and reg query loops

Question

I am working on a batch script which will query some registries on other windows computers. It is going to iterate through all of the live IP addresses and that too after checking if I get the TTL from 120 to 128. Another requirement is to first check if first registry query is successful on every machine. For example it will start from 192.168.1.1, ping it once. Get the TTL value. If TTL ranges from 120 to 128 then it is a windows system. Now query first registry. If the query was successful then proceed querying other 6 more registries and keep writing the results to a txt file. The ping part I was able to get using following:

for /l %%a in (1,1,254) do for /f "tokens=8 delims=^= " %%b in ('ping -n 1 192.168.1.%%a ^| find /I "TTL"') do echo 192.168.1.%%a -- Online , TTL: %%b

Now I need to add IF condition to it. But it doesn't show any output:

for /l %%a in (1,1,254) do for /f "tokens=8 delims=^= " %%b in ('ping -n 1 192.168.1.%%a ^| find /I "TTL"') do if %%b==128 echo 192.168.1.%%a -- Online , TTL: %%b

Next I need to query following registry:

reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName /v computername 2>null >> query_result.txt

If it is success, query rest of the registries. And this all process has to be repeated for all 254 IP addresses. In a plain and slow working way I did it followingly (for example):

for /l %%i in (1,1,254) do (reg query \\192.168.1.%%i\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName /v computername >> result.txt & reg query \\192.168.1.%%i\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion /v productname 2>null >> result.txt)

Although above code also works, but it is extremely slow, becoz it tries to query registry on dead IP addresses also. I had been following the three methods seperately in pieces using 3 result files. I want to club them. How can I add all of them together? Plz clarify the application of IF conditional statements, on how to use them. I've been trying for 2 days but no success.

Thanks marc_kriss

Answer 1

for /l %%a in (1,1,254) do for /f "tokens=8 delims=^= " %%b in ('ping -n 1 192.168.1.%%a ^| find /I "TTL"') do if %%b==128 echo 192.168.1.%%a -- Online , TTL: %%b

Close, but it will only output if %%b is exactly 128. If you want %%b in the range 120 to 128 , then you'd need

... do if %%b leq 128 if %%b geq 120 echo ...

where leq means less than or equal to. I'll let you guess what geq means...

Instead of the echo here, you could naturally use

... geq 120 (
  echo processing 192.168.1.%%a onine TTL %%b
req query...192.168.1.%%a ...
)

to perform the reg query using the selected on-line machine addreses.

---

Response to comment:

On my machine, I found

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 192.168.0.1: bytes=32 time=1ms TTL=64

Since you didn't post a sample filtered-ping result either, I have to use this data.

Now in the first result, 128 appears as %%b`

In the second, TTL appears since there's a = as time , not < . So tokens would need to be 9 not 8.

Or you could assign the entire string to an environment variable yourstring in delayedexpansion mode and then use

set "yourstring=!yourstring:*TTL=!"
set "yourstring=!yourstring:~1!"

Then you'd need to compare !yourstring! to 120,128 instead of %%b .

---

Revision

@ECHO OFF
Setlocal EnableDelayedExpansion 
for %%a in (192.168.0.1 192.168.0.2 192.168.0.3 127.0.0.1) do for /f "delims=" %%b in ('ping -n 1 %%a ^| find /I "TTL"') do (
 ECHO TTL line found FOR %%a is %%b
 set "yourstring=%%b" 
 set "yourstring=!yourstring:*TTL=!" 
 set "yourstring=!yourstring:~1!"
 ECHO yourstring is "!yourstring!"
 if !yourstring! leq 128 if !yourstring! GEQ 65 (
  echo %%a online , TTL: !yourstring!
  ECHO now DO whatever with "%%a" or "!yourstring!"
  reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName /v computername 2>nul 
 )
 ECHO end report FOR %%a ===============================
)
GOTO :EOF

Results on my machine:

TTL line found FOR 192.168.0.1 is Reply from 192.168.0.1: bytes=32 time<1ms TTL=64
yourstring is "64"
end report FOR 192.168.0.1 ===============================
TTL line found FOR 192.168.0.2 is Reply from 192.168.0.2: bytes=32 time<1ms TTL=128
yourstring is "128"
192.168.0.2 online , TTL: 128
now DO whatever with "192.168.0.2" or "128"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName
    computername    REG_SZ    OWEN-PC

end report FOR 192.168.0.2 ===============================
TTL line found FOR 127.0.0.1 is Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
yourstring is "128"
127.0.0.1 online , TTL: 128
now DO whatever with "127.0.0.1" or "128"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName
    computername    REG_SZ    OWEN-PC

end report FOR 127.0.0.1 ===============================

Note: error in the selection of the string after TTL corrected - a stray ~ sneaked in (corrected)

I've used a set selection of addresses - you're obviously aware of how to return this to for /l %%a ... and how to build 192.168.1.%%a as required.

I can't test what you appear to want to retrieve from the active machines (computer name?) as I don't have any other machines active. I've just used what came back with a TTL response.

Note nul not null Using the latter will create a file called null .

Note that for /l takes 3 parameters - there are 4 on your comment.

The caret is not required (but harmless) in "delims== " The characters between the first = and the " are delimiters - but the space must be last (for future reference) - "delims=" turns off all delimiters as the delimiter-count is not reliable in this application.

Note also I've removed the redirection to query_result.txt to show the results on-screen.