def get_banned():
"""
Get banned IP addresses.
CLI Example: salt asterisk asterisk.get_banned
"""
result = []
data = ipset_list('blacklist')
lines = data.split('\n')
for line in lines:
# Try IP style
found = RE_IPSET_ENTRY.search(line)
if found:
address, timeout, packets, bytes, comment = found.group(1), \
found.group(2), found.group(3), \
found.group(4), found.group(5)
result.append({
'address': found.group(1),
'timeout': int(found.group(2)),
'packets': int(found.group(3)),
'bytes': int(found.group(4)),
'comment': found.group(5)
})
log.debug('Banned entries: {}'.format(json.dumps(
['{}: {}'.format(k['address'], k['comment']) for k in result],
indent=2)))
return result
def get_ip_count(setname: str) -> int:
ipset = ipset_list(setname)
num = 0
in_data = False
for line in ipset.splitlines():
if not in_data:
if line.startswith('Members'):
in_data = True
continue
num += _count_cidr(line)
return dict(num_unique_ips=num)
def delete_old_set(self):
'''
List all current ipsets in memory and remove old ipsets that are no longer in use.
'''
name_regex = re.compile("^Name: ")
count = 0
logging.debug("Searching current IPSet Names")
for ip_set in ipsetpy.ipset_list().splitlines():
if re.search(name_regex, str(ip_set)):
if ip_set.split(" ")[1] != self.set_name:
count = count + 1
logging.debug("Deleting old IPSet: %s",
ip_set.split(" ")[1])
ipsetpy.ipset_destroy_set(ip_set.split(" ")[1])
if count == 1:
logging.info("Removed %s unused IPSet", str(count))
else:
logging.info("Removed %s unused IPSets", str(count))
def clear_sets():
for set_name in ipset_list(name=True).split():
ipset_destroy_set(set_name=set_name)
for i in strip_tags(str(r.content)).split("\\n"):
if re.match("^.*\.zone", i):
country.append(i[:2])
print("Available countries:")
print(" %s" % ", ".join(country))
exit()
if args.add:
counter = 0
new = False
for country in args.country.split(","):
logging.info("[%s] Fetching RBL" % country.upper())
r = requests.get(
'http://www.ipdeny.com/ipblocks/data/countries/%s.zone' % country)
block_list = r.content.split()
sets = ipset_list(name=True).strip().split()
if not country in sets:
logging.info("[%s] IPSET set does not exist, creating" %
country.upper())
create_set(country)
new = True
logging.debug("[%s] Adding RBL to IPSET set" % country.upper())
for ip in block_list:
logging.debug("[%s] Adding entry %s" % (country.upper(), ip))
if not new:
if ipset_test_entry(country, ip):
continue
counter += 1
ipset_add_entry(set_name=country, entry=ip)
logging.info("[%s] Added %s new entries" % (country.upper(), counter))
from ipsetpy import ipset_version, ipset_create_set, ipset_add_entry, ipset_list, ipset_test_entry, \
ipset_flush_set, ipset_destroy_set
# getting ipset version banner
print(ipset_version())
# creating a set
ipset_create_set('test_set', 'hash:ip', exist=True)
# adding some entries to the "test_set"
ipset_add_entry('test_set', '192.168.1.101', exist=True)
ipset_add_entry('test_set', '192.168.1.103', exist=True)
ipset_add_entry('test_set', '192.168.2.0/24', exist=True)
# listing available sets
print(ipset_list())
# check if ip is in set
print(ipset_test_entry('test_set', '192.168.1.1'))
print(ipset_test_entry('test_set', '192.168.1.101'))
print(ipset_test_entry('test_set', '192.168.2.21'))
print(ipset_test_entry('test_set', '192.168.3.21'))
# delete entries
ipset_flush_set('test_set')