It is straightforward with many online tools to provide a location of an IP address. You'll find a lot of IP resolvers like whatsmyip.org, whatismyipaddress.com or other findmyipaddress.info to let you know that.
Once you know the longitude and latitude of the IP, it is also easy to locate it on a map, e.g., with Google maps.
This page is about generalizing geolocation of IPs to a numerous number of them, say, hundreds, that you would not be able to tackle on an individual basis with the above tools.
We assume we have a list of IPs, e.g., from a website statistics. For illustrative purposes, we shall consider the following input (actually coming from a random sampling of this website traffic statistics).
220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11
Our first task is to translate each IP into its actual location.
They inherit their services from Maxmind (Geolite City), that you might want to visit as well, but I found ipinfodb to provide sufficient services. They provide in particular a bash script to resolve IPs, that you can tweak to bring you the following information:
18.104.22.168,OK,GB,United Kingdom,Z1,Swansea,Swansea,,51.6333,-3.9667 22.214.171.124,OK,LV,Latvia,22,Preilu,Livani,,56.3667,26.1833 126.96.36.199,OK,DE,Germany,02,Bayern,Munich,,48.15,11.5833 188.8.131.52,OK,ES,Spain,54,Castilla-La Mancha,Toledo,,39.8667,-4.0167 184.108.40.206,OK,RU,Russian Federation,48,Moscow City,Moscow,,55.7522,37.6156 220.127.116.11,OK,US,United States,06,California,Los Angeles,90017,34.053,-118.264 18.104.22.168,OK,BR,Brazil,15,Minas Gerais,Uberlândia,,-18.9167,-48.3
They put you in a queue if your rate of queries is too high, but it's still good enough to get your results in hours for several thousands of IPs. If it's not fast enough, you can use their database locally.
From the latitude (that's 51.6333 of our first input) and longitude (that's -3.9667), you can create, e.g., a kml file, that you can pass to Google map.
<?xml version="1.0" encoding="UTF-8"?> <kml xmlns="http://www.opengis.net/kml/2.2"> <Placemark> <name>New York City</name> <description>New York City</description> <Point> <coordinates>-74.006393,40.714172,0</coordinates> </Point> </Placemark> <Placemark> <name>New York City 2</name> <description>New York City 2</description> <Point> <coordinates>-74.0,40.71,0</coordinates> </Point> </Placemark> </kml>
If you are using MediaWiki, as I'm doing right now, you can use Evan Miller's wonderful extension to display the result:
<googlemap lat="32.82422" lon="48.481141"> 32.81134, 48.498341, One of many [[gas stations]] in town 32.82448, 48.504848, The [[town hall]] </googlemap>
The technique I've shown resolves up to the city only, not to the street as is sometimes feasible with IPs. It's not too much of a nuisance, but a freak control would like to get as much of it as possible. If you know databases more accurate than the ones I have proposed, please contact me.
With online tools, one can resolve the hostname of an IP, which sometimes gives more information. For instance, for the IPs selected above:
cpc5-sket1-0-0-cust890.swan.cable.ntl.com no reverse DNS for this IP 22.214.171.124.net.de.o2.com 95.Red-88-0-91.dynamicIP.rima-tde.net sticker00.yandex.ru no reverse DNS for this IP 189-015-20-120.xd-dynamic.ctbcnetsuper.com.br
so, in this case, there's little added, but otherwise the IP may come from a university or even a laboratory, a bot, etc.
Because of this city coarse graining, you should script it so that different IPs that resolve to the same city do not generate more than one marker. The following code does just this. It creates a kml file with description the list of IPs.