def get_banned(): """ Get banned IP addresses. CLI Example: salt asterisk asterisk.get_banned """ result = [] data = ipset_list('blacklist') lines = data.split('\n') for line in lines: # Try IP style found = RE_IPSET_ENTRY.search(line) if found: address, timeout, packets, bytes, comment = found.group(1), \ found.group(2), found.group(3), \ found.group(4), found.group(5) result.append({ 'address': found.group(1), 'timeout': int(found.group(2)), 'packets': int(found.group(3)), 'bytes': int(found.group(4)), 'comment': found.group(5) }) log.debug('Banned entries: {}'.format(json.dumps( ['{}: {}'.format(k['address'], k['comment']) for k in result], indent=2))) return result
def get_ip_count(setname: str) -> int: ipset = ipset_list(setname) num = 0 in_data = False for line in ipset.splitlines(): if not in_data: if line.startswith('Members'): in_data = True continue num += _count_cidr(line) return dict(num_unique_ips=num)
def delete_old_set(self): ''' List all current ipsets in memory and remove old ipsets that are no longer in use. ''' name_regex = re.compile("^Name: ") count = 0 logging.debug("Searching current IPSet Names") for ip_set in ipsetpy.ipset_list().splitlines(): if re.search(name_regex, str(ip_set)): if ip_set.split(" ")[1] != self.set_name: count = count + 1 logging.debug("Deleting old IPSet: %s", ip_set.split(" ")[1]) ipsetpy.ipset_destroy_set(ip_set.split(" ")[1]) if count == 1: logging.info("Removed %s unused IPSet", str(count)) else: logging.info("Removed %s unused IPSets", str(count))
def clear_sets(): for set_name in ipset_list(name=True).split(): ipset_destroy_set(set_name=set_name)
for i in strip_tags(str(r.content)).split("\\n"): if re.match("^.*\.zone", i): country.append(i[:2]) print("Available countries:") print(" %s" % ", ".join(country)) exit() if args.add: counter = 0 new = False for country in args.country.split(","): logging.info("[%s] Fetching RBL" % country.upper()) r = requests.get( 'http://www.ipdeny.com/ipblocks/data/countries/%s.zone' % country) block_list = r.content.split() sets = ipset_list(name=True).strip().split() if not country in sets: logging.info("[%s] IPSET set does not exist, creating" % country.upper()) create_set(country) new = True logging.debug("[%s] Adding RBL to IPSET set" % country.upper()) for ip in block_list: logging.debug("[%s] Adding entry %s" % (country.upper(), ip)) if not new: if ipset_test_entry(country, ip): continue counter += 1 ipset_add_entry(set_name=country, entry=ip) logging.info("[%s] Added %s new entries" % (country.upper(), counter))
from ipsetpy import ipset_version, ipset_create_set, ipset_add_entry, ipset_list, ipset_test_entry, \ ipset_flush_set, ipset_destroy_set # getting ipset version banner print(ipset_version()) # creating a set ipset_create_set('test_set', 'hash:ip', exist=True) # adding some entries to the "test_set" ipset_add_entry('test_set', '192.168.1.101', exist=True) ipset_add_entry('test_set', '192.168.1.103', exist=True) ipset_add_entry('test_set', '192.168.2.0/24', exist=True) # listing available sets print(ipset_list()) # check if ip is in set print(ipset_test_entry('test_set', '192.168.1.1')) print(ipset_test_entry('test_set', '192.168.1.101')) print(ipset_test_entry('test_set', '192.168.2.21')) print(ipset_test_entry('test_set', '192.168.3.21')) # delete entries ipset_flush_set('test_set')