def __init__(self): self.listing = Listing() self.whitelisting = WhiteListing() self.rule = Rule() self.asnum = ASNum() self.subnet = Subnet() self.rir = RIR() self.country = Country() self.peering = Peering()
def __init__(self): self.ipcalc = IPCalc() self.asnum = ASNum()
class NetData: def __init__(self): self.ipcalc = IPCalc() self.asnum = ASNum() def revip(self, ip, af): if af == 4: t = ip.split(".") return "%s.%s.%s.%s" % (t[3], t[2], t[1], t[0]) elif af == 6: ip = ip.split("::")[0].split(":") ip.reverse() tmp = "" for i in ip: x = "%04X" % (int(i, 16)) tmp += x[::-1] rev = "" for i in range(0, len(tmp)): rev += "%s." % (tmp[i]) return rev[:-1] def get_origin(self, ip): af = self.ipcalc.af(ip) if af == 4: query = "%s.origin.asn.cymru.com" % (self.revip(ip, af)) elif af == 6: query = "%s.origin6.asn.cymru.com" % (self.revip(ip, af)) else: return None try: entry = dns.resolver.query(query, "TXT") except: return None for rdata in entry: data = str(rdata).replace("\"", "") t = data.split(" | ") return [t[0], t[1], t[2]] def get_subnet_asnum(self, ip): try: return self.get_origin(ip)[0].split(" ")[0] except: return None def get_asn_name(self, asn): query = "AS%s.asn.cymru.com" % (asn) try: entry = dns.resolver.query(query, "TXT") except: return "Unknown" for rdata in entry: data = str(rdata).replace("\"", "") try: return data.split(" | ")[4] except: return "Unknown" def query_whois(self, server, asnum): #return commands.getoutput("whois -h %s as%s" % (server, asnum)).split("\n") return "" def parse_whois_data(self, raw_whois_data): rirs = ["APNIC", "LACNIC", "AfriNIC", "RIPE", "ARIN"] data = "" in_aut_num = False in_role = False in_person = False for line in raw_whois_data: if len(line) == 0: in_aut_num = False in_role = False in_person = False if len(data) != 0 and data[-2:] != "\n\n": data += "\n" elif line.startswith("aut-num:"): in_aut_num = True elif line.startswith("ASNumber:"): in_aut_num = True elif line.startswith("OrgName:"): in_role = True elif line.startswith("OrgTechHandle:"): in_person = True elif line.startswith("OrgAbuseHandle:"): in_person = True elif line.startswith("role:"): is_rir = False for rir in rirs: if rir in line: is_rir = True if not is_rir: in_role = True elif line.startswith("person:"): in_person = True elif line.startswith("import:"): continue elif line.startswith("export:"): continue elif line.startswith("default:"): continue elif line.startswith("source:"): continue elif line.startswith("remarks:"): continue elif line.startswith("mp-import:"): continue elif line.startswith("mp-export:"): continue elif line.startswith("+"): continue elif line.startswith("\t"): continue elif line.startswith(" "): continue if in_aut_num: data += "%s\n" % (line) elif in_role: data += "%s\n" % (line) elif in_person: data += "%s\n" % (line) return data def get_whois_data(self, ip): try: (asn, net, country) = self.get_origin(ip) except: return (0, "UNKNOWN", "Unknown ASN", "0.0.0.0/0", "NL") asn_name = self.get_asn_name(asn) asn = asn.split()[0] (result, asn_obj) = self.asnum.get(asnum=asn) if not result: return (False, asn_obj) raw_whois_data = self.query_whois(asn_obj.rir.whois, asn) return (asn, asn_name, self.parse_whois_data(raw_whois_data), net, country)
class API: def __init__(self): self.listing = Listing() self.whitelisting = WhiteListing() self.rule = Rule() self.asnum = ASNum() self.subnet = Subnet() self.rir = RIR() self.country = Country() self.peering = Peering() def add(self, data): (result, listing) = self.listing.add( ip=data['ip'], sensor=data['sensor'], sensor_host=data['sensor_host'], reason=data['reason'], reporter=data['username'], ) return (result, str(listing)) def get_rules(self): rules = {} (result, db_rules) = self.rule.all() if result: for r in db_rules: if not rules.has_key(r.sensor.name): rules[r.sensor.name] = [] rules[r.sensor.name].append([r.rule, r.pos_ip, r.pos_reason]) return (True, rules) else: return (False, db_rules) def get_peerings(self): peerings = [] (result, db_peerings) = self.peering.all() if result: for p in db_peerings: peerings.append({ "hostname": p.peer.hostname, "ip": p.peer.ip.ip, "af": p.peer.ip.af, "asnum": p.asnum.asnum, "key": p.key.data, }) return (True, peerings) else: return (False, db_peerings) def get_listings(self): listings = [] (result, db_listings) = self.listing.all() if result: for l in db_listings: listings.append((l.ip.ip, l.ip.last, l.ip.mask, l.ip.af)) (result, rir_listings) = self.rir.filter(listed=True) if result: for rir in rir_listings: (result, rir_subnets) = self.subnet.filter(rir=rir) if result: for s in rir_subnets: listings.append((s.subnet, s.last, s.mask, s.af)) (result, country_listings) = self.country.filter(listed=True) if result: for country in country_listings: (result, country_subnets) = self.subnet.filter(country=country) if result: for s in country_subnets: listings.append((s.subnet, s.last, s.mask, s.af)) (result, provider_listings) = self.asnum.filter(listed=True) if result: for asnum in provider_listings: (result, provider_subnets) = self.subnet.filter(asnum=asnum) if result: for s in provider_subnets: listings.append((s.subnet, s.last, s.mask, s.af)) (result, subnet_listings) = self.subnet.filter(listed=True) if result: for s in subnet_listings: listings.append((s.subnet, s.last, s.mask, s.af)) return (True, list(set(listings))) def get_whitelistings(self): listings = [] (result, db_listings) = self.whitelisting.all() if result: for l in db_listings: listings.append((l.ip.ip, l.ip.last, l.ip.mask, l.ip.af)) (result, rir_listings) = self.rir.filter(whitelisted=True) if result: for rir in rir_listings: (result, rir_subnets) = self.subnet.filter(rir=rir) if result: for s in rir_subnets: listings.append((s.subnet, s.last, s.mask, s.af)) (result, country_listings) = self.country.filter(whitelisted=True) if result: for country in country_listings: (result, country_subnets) = self.subnet.filter(country=country) if result: for s in country_subnets: listings.append((s.subnet, s.last, s.mask, s.af)) (result, provider_listings) = self.asnum.filter(whitelisted=True) if result: for asnum in provider_listings: (result, provider_subnets) = self.subnet.filter(asnum=asnum) if result: for s in provider_subnets: listings.append((s.subnet, s.last, s.mask, s.af)) (result, subnet_listings) = self.subnet.filter(whitelisted=True) if result: for s in subnet_listings: listings.append((s.subnet, s.last, s.mask, s.af)) return (True, list(set(listings)))
basedir = "/www/blacklist/app/backup" from blacklist.common.config import Config from blacklist.middleware.country import Country from blacklist.middleware.rir import RIR from blacklist.middleware.asnum import ASNum from blacklist.middleware.subnet import Subnet from blacklist.middleware.whitelisting import WhiteListing from blacklist.middleware.peering import Peering from blacklist.middleware.rule import Rule from blacklist.middleware.duration import Duration from blacklist.middleware.listing import Listing from blacklist.middleware.historylisting import HistoryListing config = Config() asnum = ASNum() country = Country() rir = RIR() subnet = Subnet() whitelisting = WhiteListing() peering = Peering() rule = Rule() duration = Duration() listing = Listing() historylisting = HistoryListing() def log(msg): stdout.write(msg) stdout.flush() def get_data(item):
def providers(request): errmsg = "" listing_changed = False whitelisting_changed = False for item in request.GET.keys(): if item.startswith("id_"): (result, asn) = asnum.get(id=item[3:]) if result: if request.GET["bulk_action"] == "blacklist": asn.listed = not asn.listed listing_changed = True if asn.whitelisted: whitelisting_changed = True asn.whitelisted = False elif request.GET["bulk_action"] == "whitelist": asn.whitelisted = not asn.whitelisted whitelisting_changed = True if asn.listed: listing_changed = True asn.listed = False asn.save() if listing_changed: broker.update_listings() if whitelisting_changed: broker.update_whitelistings() if "q" in request.GET.keys() and len(request.GET["q"]) != 0: s = Search( model=ASNum(), fields={ "asnum": "asnum", "name": "name", "country": "country__name", "code": "country__code", "rir": "rir__name", "regdate": "regdate", "listed": "listed", "whitelisted": "whitelisted", } ) (result, asnum_data) = s.find(request.GET["q"]) if not result: errmsg = asnum_data (result, asnum_data) = asnum.all() else: (result, asnum_data) = asnum.all() if not result: return HttpResponseRedirect("/") try: page = int(request.GET.get('page', '1')) except: page = 1 asnum_table = ASNumTable( asnum_data, order_by=request.GET.get('sort', 'title') ) if request.method == "GET": search_form = SearchForm(request.GET) else: search_form = SearchForm() return render_to_response("registry/provider/overview.html", { "errmsg": errmsg, "asnum_table": asnum_table, "search_form": search_form, }, context_instance=RequestContext(request))