mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12108 Commits
30 Branches
Tree: 7f5ca7ae3d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7f5ca7ae3d'
${ noResults }
rspamd/utils/asn.pl

asn.pl 6.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259 
  1. #!/usr/bin/env perl

  2. 

  3. use warnings;

  4. use strict;

  5. use Pod::Usage;

  6. use Getopt::Long;

  7. use File::Fetch;

  8. use LWP::Simple;

  9. use PerlIO::gzip;

  10. use File::Basename;

  11. use Net::MRT;

  12. use URI;

  13. use Data::Dumper;

  14. 

  15. $LWP::Simple::ua->show_progress(1);

  16. $Net::MRT::USE_RFC4760 = -1;

  17. 

  18. my %config = (

  19.   asn_sources => [

  20.     'ftp://ftp.arin.net/pub/stats/arin/delegated-arin-extended-latest',

  21.     'ftp://ftp.ripe.net/ripe/stats/delegated-ripencc-latest',

  22.     'ftp://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest',

  23.     'ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-latest',

  24.     'ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest'

  25.   ],

  26.   bgp_sources => ['http://data.ris.ripe.net/rrc00/latest-bview.gz']

  27. );

  28. 

  29. my $download_asn    = 0;

  30. my $download_bgp    = 0;

  31. my $download_target = "./";

  32. my $help            = 0;

  33. my $man             = 0;

  34. my $v4              = 1;

  35. my $v6              = 1;

  36. my $parse           = 1;

  37. my $v4_zone         = "asn.rspamd.com";

  38. my $v6_zone         = "asn6.rspamd.com";

  39. my $v4_file         = "asn.zone";

  40. my $v6_file         = "asn6.zone";

  41. my $ns_servers      = ["asn-ns.rspamd.com", "asn-ns2.rspamd.com"];

  42. 

  43. GetOptions(

  44.   "download-asn" => \$download_asn,

  45.   "download-bgp" => \$download_bgp,

  46.   "4!"           => \$v4,

  47.   "6!"           => \$v6,

  48.   "parse!"       => \$parse,

  49.   "target=s"     => \$download_target,

  50.   "zone-v4=s"    => \$v4_zone,

  51.   "zone-v6=s"    => \$v6_zone,

  52.   "file-v4=s"    => \$v4_file,

  53.   "file-v6=s"    => \$v6_file,

  54.   "ns-server=s@" => \$ns_servers,

  55.   "help|?"       => \$help,

  56.   "man"          => \$man

  57. ) or pod2usage(2);

  58. 

  59. pod2usage(1) if $help;

  60. pod2usage( -exitval => 0, -verbose => 2 ) if $man;

  61. 

  62. sub download_file {

  63.   my ($u) = @_;

  64. 

  65.   print "Fetching $u\n";

  66.   my $ff = File::Fetch->new( uri => $u );

  67.   my $where = $ff->fetch( to => $download_target ) or die $ff->error;

  68. 

  69.   return $where;

  70. }

  71. 

  72. if ($download_asn) {

  73.   foreach my $u ( @{ $config{'asn_sources'} } ) {

  74.     download_file($u);

  75.   }

  76. }

  77. 

  78. if ($download_bgp) {

  79.   foreach my $u ( @{ $config{'bgp_sources'} } ) {

  80.     download_file($u);

  81.   }

  82. }

  83. 

  84. if ( !$parse ) {

  85.   exit 0;

  86. }

  87. 

  88. my $v4_fh;

  89. my $v6_fh;

  90. 

  91. if ($v4) {

  92.   open( $v4_fh, ">", $v4_file ) or die "Cannot open $v4_file for writing: $!";

  93.   print $v4_fh

  94.     "\$SOA 43200 $ns_servers->[0] support.rspamd.com 0 600 300 86400 300\n";

  95.   foreach my $ns (@{$ns_servers}) {

  96.     print $v4_fh "\$NS 43200 $ns\n";

  97.   }

  98. }

  99. if ($v6) {

  100.   open( $v6_fh, ">", $v6_file ) or die "Cannot open $v6_file for writing: $!";

  101.   print $v6_fh

  102.     "\$SOA 43200 $ns_servers->[0] support.rspamd.com 0 600 300 86400 300\n";

  103.   foreach my $ns (@{$ns_servers}) {

  104.     print $v6_fh "\$NS 43200 $ns\n";

  105.   }

  106. }

  107. 

  108. # Now load BGP data

  109. my $networks = {};

  110. 

  111. foreach my $u ( @{ $config{'bgp_sources'} } ) {

  112.   my $parsed = URI->new($u);

  113.   my $fname  = $download_target . '/' . basename( $parsed->path );

  114.   open( my $fh, "<:gzip", $fname )

  115.     or die "Cannot open $fname: $!";

  116. 

  117.   while ( my $dd = eval { Net::MRT::mrt_read_next($fh) } ) {

  118.     if ( $dd->{'prefix'} && $dd->{'bits'} ) {

  119.       next if $dd->{'subtype'} == 2 and !$v4;

  120.       next if $dd->{'subtype'} == 4 and !$v6;

  121.       my $entry = $dd->{'entries'}->[0];

  122.       my $net   = $dd->{'prefix'} . '/' . $dd->{'bits'};

  123.       if ( $entry && $entry->{'AS_PATH'} ) {

  124.         my $as = $entry->{'AS_PATH'}->[-1];

  125.         if (ref($as) eq "ARRAY") {

  126.           $as = @{$as}[0];

  127.         }

  128. 

  129.         if ( !$networks->{$as} ) {

  130.           if ( $dd->{'subtype'} == 2 ) {

  131.             $networks->{$as} = { nets_v4 => [$net], nets_v6 => [] };

  132.           }

  133.           else {

  134.             $networks->{$as} = { nets_v6 => [$net], nets_v4 => [] };

  135.           }

  136.         }

  137.         else {

  138.           if ( $dd->{'subtype'} == 2 ) {

  139.             push @{ $networks->{$as}->{'nets_v4'} }, $net;

  140.           }

  141.           else {

  142.             push @{ $networks->{$as}->{'nets_v6'} }, $net;

  143.           }

  144.         }

  145.       }

  146.     }

  147.   }

  148. }

  149. 

  150. # Now roughly detect countries

  151. foreach my $u ( @{ $config{'asn_sources'} } ) {

  152.   my $parsed = URI->new($u);

  153.   my $fname  = $download_target . '/' . basename( $parsed->path );

  154.   open( my $fh, "<", $fname ) or die "Cannot open $fname: $!";

  155. 

  156.   while (<$fh>) {

  157.     next if /^\#/;

  158.     chomp;

  159.     my @elts = split /\|/;

  160. 

  161.     if ( $elts[2] eq 'asn' && $elts[3] ne '*' ) {

  162.       my $as_start = int( $elts[3] );

  163.       my $as_end   = $as_start + int( $elts[4] );

  164. 

  165.       for ( my $as = $as_start ; $as < $as_end ; $as++ ) {

  166.         my $real_as = $as;

  167. 

  168.         if (ref($as) eq "ARRAY") {

  169.           $real_as = @{$as}[0];

  170.         }

  171. 

  172.         if ( $networks->{"$real_as"} ) {

  173.           $networks->{"$real_as"}->{'country'} = $elts[1];

  174.           $networks->{"$real_as"}->{'rir'}     = $elts[0];

  175.         }

  176.       }

  177.     }

  178.   }

  179. }

  180. 

  181. while ( my ( $k, $v ) = each( %{$networks} ) ) {

  182.   if ($v4) {

  183.     foreach my $n ( @{ $v->{'nets_v4'} } ) {

  184. 

  185.       # "15169 | 8.8.8.0/24 | US | arin |" for 8.8.8.8

  186.       if ( $v->{'country'} ) {

  187.         printf $v4_fh "%s %s|%s|%s|%s|\n", $n, $k, $n, $v->{'country'}, $v->{'rir'};

  188.       }

  189.       else {

  190.         printf $v4_fh "%s %s|%s|%s|%s|\n", $n, $k, $n, 'UN', 'UN';

  191.       }

  192.     }

  193.   }

  194.   if ($v6) {

  195.     foreach my $n ( @{ $v->{'nets_v6'} } ) {

  196. 

  197.       # "15169 | 8.8.8.0/24 | US | arin |" for 8.8.8.8

  198.       if ( $v->{'country'} ) {

  199.         printf $v6_fh "%s %s|%s|%s|%s|\n", $n, $k, $n, $v->{'country'}, $v->{'rir'};

  200.       }

  201.       else {

  202.         printf $v6_fh "%s %s|%s|%s|%s|\n", $n, $k, $n, 'UN', 'UN';

  203.       }

  204.     }

  205.   }

  206. }

  207. 

  208. __END__

  209. 

  210. =head1 NAME

  211. 

  212. asn.pl - download and parse ASN data for Rspamd

  213. 

  214. =head1 SYNOPSIS

  215. 

  216. asn.pl [options]

  217. 

  218.  Options:

  219.    --download-asn         Download ASN data from RIR

  220.    --download-bgp         Download GeoIP data from Maxmind

  221.    --target               Where to download files (default: current dir)

  222.    --zone-v4              IPv4 zone (default: asn.rspamd.com)

  223.    --zone-v6              IPv6 zone (default: asn6.rspamd.com)

  224.    --file-v4              IPv4 zone file (default: ./asn.zone)

  225.    --file-v6              IPv6 zone (default: ./asn6.zone)

  226.    --help                 Brief help message

  227.    --man                  Full documentation

  228. 

  229. =head1 OPTIONS

  230. 

  231. =over 8

  232. 

  233. =item B<--download-asn>

  234. 

  235. Download ASN data from RIR.

  236. 

  237. =item B<--download-bgp>

  238. 

  239. Download GeoIP data from Ripe

  240. 

  241. =item B<--target>

  242. 

  243. Specifies where to download files.

  244. 

  245. =item B<--help>

  246. 

  247. Print a brief help message and exits.

  248. 

  249. =item B<--man>

  250. 

  251. Prints the manual page and exits.

  252. 

  253. =back

  254. 

  255. =head1 DESCRIPTION

  256. 

  257. B<asn.pl> is intended to download ASN data and GeoIP data and create a rbldnsd zone.

  258. 

  259. =cut