def __init__(self):
self.listing = Listing()
self.whitelisting = WhiteListing()
self.rule = Rule()
self.asnum = ASNum()
self.subnet = Subnet()
self.rir = RIR()
self.country = Country()
self.peering = Peering()
def __init__(self): self.listing = Listing() self.whitelisting = WhiteListing() self.rule = Rule() self.asnum = ASNum() self.subnet = Subnet() self.rir = RIR() self.country = Country() self.peering = Peering()
def __init__(self): self.ipcalc = IPCalc() self.asnum = ASNum()
class NetData:
def __init__(self):
self.ipcalc = IPCalc()
self.asnum = ASNum()
def revip(self, ip, af):
if af == 4:
t = ip.split(".")
return "%s.%s.%s.%s" % (t[3], t[2], t[1], t[0])
elif af == 6:
ip = ip.split("::")[0].split(":")
ip.reverse()
tmp = ""
for i in ip:
x = "%04X" % (int(i, 16))
tmp += x[::-1]
rev = ""
for i in range(0, len(tmp)):
rev += "%s." % (tmp[i])
return rev[:-1]
def get_origin(self, ip):
af = self.ipcalc.af(ip)
if af == 4:
query = "%s.origin.asn.cymru.com" % (self.revip(ip, af))
elif af == 6:
query = "%s.origin6.asn.cymru.com" % (self.revip(ip, af))
else:
return None
try:
entry = dns.resolver.query(query, "TXT")
except:
return None
for rdata in entry:
data = str(rdata).replace("\"", "")
t = data.split(" | ")
return [t[0], t[1], t[2]]
def get_subnet_asnum(self, ip):
try:
return self.get_origin(ip)[0].split(" ")[0]
except:
return None
def get_asn_name(self, asn):
query = "AS%s.asn.cymru.com" % (asn)
try: entry = dns.resolver.query(query, "TXT")
except: return "Unknown"
for rdata in entry:
data = str(rdata).replace("\"", "")
try: return data.split(" | ")[4]
except: return "Unknown"
def query_whois(self, server, asnum):
#return commands.getoutput("whois -h %s as%s" % (server, asnum)).split("\n")
return ""
def parse_whois_data(self, raw_whois_data):
rirs = ["APNIC", "LACNIC", "AfriNIC", "RIPE", "ARIN"]
data = ""
in_aut_num = False
in_role = False
in_person = False
for line in raw_whois_data:
if len(line) == 0:
in_aut_num = False
in_role = False
in_person = False
if len(data) != 0 and data[-2:] != "\n\n": data += "\n"
elif line.startswith("aut-num:"): in_aut_num = True
elif line.startswith("ASNumber:"): in_aut_num = True
elif line.startswith("OrgName:"): in_role = True
elif line.startswith("OrgTechHandle:"): in_person = True
elif line.startswith("OrgAbuseHandle:"): in_person = True
elif line.startswith("role:"):
is_rir = False
for rir in rirs:
if rir in line: is_rir = True
if not is_rir: in_role = True
elif line.startswith("person:"): in_person = True
elif line.startswith("import:"): continue
elif line.startswith("export:"): continue
elif line.startswith("default:"): continue
elif line.startswith("source:"): continue
elif line.startswith("remarks:"): continue
elif line.startswith("mp-import:"): continue
elif line.startswith("mp-export:"): continue
elif line.startswith("+"): continue
elif line.startswith("\t"): continue
elif line.startswith(" "): continue
if in_aut_num:
data += "%s\n" % (line)
elif in_role:
data += "%s\n" % (line)
elif in_person:
data += "%s\n" % (line)
return data
def get_whois_data(self, ip):
try:
(asn, net, country) = self.get_origin(ip)
except:
return (0, "UNKNOWN", "Unknown ASN", "0.0.0.0/0", "NL")
asn_name = self.get_asn_name(asn)
asn = asn.split()[0]
(result, asn_obj) = self.asnum.get(asnum=asn)
if not result:
return (False, asn_obj)
raw_whois_data = self.query_whois(asn_obj.rir.whois, asn)
return (asn, asn_name, self.parse_whois_data(raw_whois_data), net, country)
class API:
def __init__(self):
self.listing = Listing()
self.whitelisting = WhiteListing()
self.rule = Rule()
self.asnum = ASNum()
self.subnet = Subnet()
self.rir = RIR()
self.country = Country()
self.peering = Peering()
def add(self, data):
(result, listing) = self.listing.add(
ip=data['ip'],
sensor=data['sensor'],
sensor_host=data['sensor_host'],
reason=data['reason'],
reporter=data['username'],
)
return (result, str(listing))
def get_rules(self):
rules = {}
(result, db_rules) = self.rule.all()
if result:
for r in db_rules:
if not rules.has_key(r.sensor.name):
rules[r.sensor.name] = []
rules[r.sensor.name].append([r.rule, r.pos_ip, r.pos_reason])
return (True, rules)
else:
return (False, db_rules)
def get_peerings(self):
peerings = []
(result, db_peerings) = self.peering.all()
if result:
for p in db_peerings:
peerings.append({
"hostname": p.peer.hostname,
"ip": p.peer.ip.ip,
"af": p.peer.ip.af,
"asnum": p.asnum.asnum,
"key": p.key.data,
})
return (True, peerings)
else:
return (False, db_peerings)
def get_listings(self):
listings = []
(result, db_listings) = self.listing.all()
if result:
for l in db_listings:
listings.append((l.ip.ip, l.ip.last, l.ip.mask, l.ip.af))
(result, rir_listings) = self.rir.filter(listed=True)
if result:
for rir in rir_listings:
(result, rir_subnets) = self.subnet.filter(rir=rir)
if result:
for s in rir_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, country_listings) = self.country.filter(listed=True)
if result:
for country in country_listings:
(result, country_subnets) = self.subnet.filter(country=country)
if result:
for s in country_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, provider_listings) = self.asnum.filter(listed=True)
if result:
for asnum in provider_listings:
(result, provider_subnets) = self.subnet.filter(asnum=asnum)
if result:
for s in provider_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, subnet_listings) = self.subnet.filter(listed=True)
if result:
for s in subnet_listings:
listings.append((s.subnet, s.last, s.mask, s.af))
return (True, list(set(listings)))
def get_whitelistings(self):
listings = []
(result, db_listings) = self.whitelisting.all()
if result:
for l in db_listings:
listings.append((l.ip.ip, l.ip.last, l.ip.mask, l.ip.af))
(result, rir_listings) = self.rir.filter(whitelisted=True)
if result:
for rir in rir_listings:
(result, rir_subnets) = self.subnet.filter(rir=rir)
if result:
for s in rir_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, country_listings) = self.country.filter(whitelisted=True)
if result:
for country in country_listings:
(result, country_subnets) = self.subnet.filter(country=country)
if result:
for s in country_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, provider_listings) = self.asnum.filter(whitelisted=True)
if result:
for asnum in provider_listings:
(result, provider_subnets) = self.subnet.filter(asnum=asnum)
if result:
for s in provider_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, subnet_listings) = self.subnet.filter(whitelisted=True)
if result:
for s in subnet_listings:
listings.append((s.subnet, s.last, s.mask, s.af))
return (True, list(set(listings)))
basedir = "/www/blacklist/app/backup" from blacklist.common.config import Config from blacklist.middleware.country import Country from blacklist.middleware.rir import RIR from blacklist.middleware.asnum import ASNum from blacklist.middleware.subnet import Subnet from blacklist.middleware.whitelisting import WhiteListing from blacklist.middleware.peering import Peering from blacklist.middleware.rule import Rule from blacklist.middleware.duration import Duration from blacklist.middleware.listing import Listing from blacklist.middleware.historylisting import HistoryListing config = Config() asnum = ASNum() country = Country() rir = RIR() subnet = Subnet() whitelisting = WhiteListing() peering = Peering() rule = Rule() duration = Duration() listing = Listing() historylisting = HistoryListing() def log(msg): stdout.write(msg) stdout.flush() def get_data(item):
class API:
def __init__(self):
self.listing = Listing()
self.whitelisting = WhiteListing()
self.rule = Rule()
self.asnum = ASNum()
self.subnet = Subnet()
self.rir = RIR()
self.country = Country()
self.peering = Peering()
def add(self, data):
(result, listing) = self.listing.add(
ip=data['ip'],
sensor=data['sensor'],
sensor_host=data['sensor_host'],
reason=data['reason'],
reporter=data['username'],
)
return (result, str(listing))
def get_rules(self):
rules = {}
(result, db_rules) = self.rule.all()
if result:
for r in db_rules:
if not rules.has_key(r.sensor.name):
rules[r.sensor.name] = []
rules[r.sensor.name].append([r.rule, r.pos_ip, r.pos_reason])
return (True, rules)
else:
return (False, db_rules)
def get_peerings(self):
peerings = []
(result, db_peerings) = self.peering.all()
if result:
for p in db_peerings:
peerings.append({
"hostname": p.peer.hostname,
"ip": p.peer.ip.ip,
"af": p.peer.ip.af,
"asnum": p.asnum.asnum,
"key": p.key.data,
})
return (True, peerings)
else:
return (False, db_peerings)
def get_listings(self):
listings = []
(result, db_listings) = self.listing.all()
if result:
for l in db_listings:
listings.append((l.ip.ip, l.ip.last, l.ip.mask, l.ip.af))
(result, rir_listings) = self.rir.filter(listed=True)
if result:
for rir in rir_listings:
(result, rir_subnets) = self.subnet.filter(rir=rir)
if result:
for s in rir_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, country_listings) = self.country.filter(listed=True)
if result:
for country in country_listings:
(result, country_subnets) = self.subnet.filter(country=country)
if result:
for s in country_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, provider_listings) = self.asnum.filter(listed=True)
if result:
for asnum in provider_listings:
(result, provider_subnets) = self.subnet.filter(asnum=asnum)
if result:
for s in provider_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, subnet_listings) = self.subnet.filter(listed=True)
if result:
for s in subnet_listings:
listings.append((s.subnet, s.last, s.mask, s.af))
return (True, list(set(listings)))
def get_whitelistings(self):
listings = []
(result, db_listings) = self.whitelisting.all()
if result:
for l in db_listings:
listings.append((l.ip.ip, l.ip.last, l.ip.mask, l.ip.af))
(result, rir_listings) = self.rir.filter(whitelisted=True)
if result:
for rir in rir_listings:
(result, rir_subnets) = self.subnet.filter(rir=rir)
if result:
for s in rir_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, country_listings) = self.country.filter(whitelisted=True)
if result:
for country in country_listings:
(result, country_subnets) = self.subnet.filter(country=country)
if result:
for s in country_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, provider_listings) = self.asnum.filter(whitelisted=True)
if result:
for asnum in provider_listings:
(result, provider_subnets) = self.subnet.filter(asnum=asnum)
if result:
for s in provider_subnets:
listings.append((s.subnet, s.last, s.mask, s.af))
(result, subnet_listings) = self.subnet.filter(whitelisted=True)
if result:
for s in subnet_listings:
listings.append((s.subnet, s.last, s.mask, s.af))
return (True, list(set(listings)))
def __init__(self):
self.ipcalc = IPCalc()
self.asnum = ASNum()
class NetData:
def __init__(self):
self.ipcalc = IPCalc()
self.asnum = ASNum()
def revip(self, ip, af):
if af == 4:
t = ip.split(".")
return "%s.%s.%s.%s" % (t[3], t[2], t[1], t[0])
elif af == 6:
ip = ip.split("::")[0].split(":")
ip.reverse()
tmp = ""
for i in ip:
x = "%04X" % (int(i, 16))
tmp += x[::-1]
rev = ""
for i in range(0, len(tmp)):
rev += "%s." % (tmp[i])
return rev[:-1]
def get_origin(self, ip):
af = self.ipcalc.af(ip)
if af == 4:
query = "%s.origin.asn.cymru.com" % (self.revip(ip, af))
elif af == 6:
query = "%s.origin6.asn.cymru.com" % (self.revip(ip, af))
else:
return None
try:
entry = dns.resolver.query(query, "TXT")
except:
return None
for rdata in entry:
data = str(rdata).replace("\"", "")
t = data.split(" | ")
return [t[0], t[1], t[2]]
def get_subnet_asnum(self, ip):
try:
return self.get_origin(ip)[0].split(" ")[0]
except:
return None
def get_asn_name(self, asn):
query = "AS%s.asn.cymru.com" % (asn)
try:
entry = dns.resolver.query(query, "TXT")
except:
return "Unknown"
for rdata in entry:
data = str(rdata).replace("\"", "")
try:
return data.split(" | ")[4]
except:
return "Unknown"
def query_whois(self, server, asnum):
#return commands.getoutput("whois -h %s as%s" % (server, asnum)).split("\n")
return ""
def parse_whois_data(self, raw_whois_data):
rirs = ["APNIC", "LACNIC", "AfriNIC", "RIPE", "ARIN"]
data = ""
in_aut_num = False
in_role = False
in_person = False
for line in raw_whois_data:
if len(line) == 0:
in_aut_num = False
in_role = False
in_person = False
if len(data) != 0 and data[-2:] != "\n\n": data += "\n"
elif line.startswith("aut-num:"): in_aut_num = True
elif line.startswith("ASNumber:"): in_aut_num = True
elif line.startswith("OrgName:"): in_role = True
elif line.startswith("OrgTechHandle:"): in_person = True
elif line.startswith("OrgAbuseHandle:"): in_person = True
elif line.startswith("role:"):
is_rir = False
for rir in rirs:
if rir in line: is_rir = True
if not is_rir: in_role = True
elif line.startswith("person:"): in_person = True
elif line.startswith("import:"): continue
elif line.startswith("export:"): continue
elif line.startswith("default:"): continue
elif line.startswith("source:"): continue
elif line.startswith("remarks:"): continue
elif line.startswith("mp-import:"): continue
elif line.startswith("mp-export:"): continue
elif line.startswith("+"): continue
elif line.startswith("\t"): continue
elif line.startswith(" "): continue
if in_aut_num:
data += "%s\n" % (line)
elif in_role:
data += "%s\n" % (line)
elif in_person:
data += "%s\n" % (line)
return data
def get_whois_data(self, ip):
try:
(asn, net, country) = self.get_origin(ip)
except:
return (0, "UNKNOWN", "Unknown ASN", "0.0.0.0/0", "NL")
asn_name = self.get_asn_name(asn)
asn = asn.split()[0]
(result, asn_obj) = self.asnum.get(asnum=asn)
if not result:
return (False, asn_obj)
raw_whois_data = self.query_whois(asn_obj.rir.whois, asn)
return (asn, asn_name, self.parse_whois_data(raw_whois_data), net,
country)
def providers(request):
errmsg = ""
listing_changed = False
whitelisting_changed = False
for item in request.GET.keys():
if item.startswith("id_"):
(result, asn) = asnum.get(id=item[3:])
if result:
if request.GET["bulk_action"] == "blacklist":
asn.listed = not asn.listed
listing_changed = True
if asn.whitelisted:
whitelisting_changed = True
asn.whitelisted = False
elif request.GET["bulk_action"] == "whitelist":
asn.whitelisted = not asn.whitelisted
whitelisting_changed = True
if asn.listed:
listing_changed = True
asn.listed = False
asn.save()
if listing_changed:
broker.update_listings()
if whitelisting_changed:
broker.update_whitelistings()
if "q" in request.GET.keys() and len(request.GET["q"]) != 0:
s = Search(
model=ASNum(),
fields={
"asnum": "asnum",
"name": "name",
"country": "country__name",
"code": "country__code",
"rir": "rir__name",
"regdate": "regdate",
"listed": "listed",
"whitelisted": "whitelisted",
}
)
(result, asnum_data) = s.find(request.GET["q"])
if not result:
errmsg = asnum_data
(result, asnum_data) = asnum.all()
else:
(result, asnum_data) = asnum.all()
if not result: return HttpResponseRedirect("/")
try: page = int(request.GET.get('page', '1'))
except: page = 1
asnum_table = ASNumTable(
asnum_data,
order_by=request.GET.get('sort', 'title')
)
if request.method == "GET":
search_form = SearchForm(request.GET)
else:
search_form = SearchForm()
return render_to_response("registry/provider/overview.html", {
"errmsg": errmsg,
"asnum_table": asnum_table,
"search_form": search_form,
}, context_instance=RequestContext(request))
