#!/usr/bin/env perl # use warnings; use strict; use autodie; use File::Basename; use File::Fetch; use Getopt::Long; use Pod::Usage; use FindBin; use lib "$FindBin::Bin/extlib/lib/perl5"; use URI; my %config = ( asn_sources => [ 'ftp://ftp.arin.net/pub/stats/arin/delegated-arin-extended-latest', 'ftp://ftp.ripe.net/ripe/stats/delegated-ripencc-latest', 'http://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest', 'ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-latest', 'ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest' ], bgp_sources => ['http://data.ris.ripe.net/rrc00/latest-bview.gz'] ); my $download_asn = 0; my $download_bgp = 0; my $download_target = "./"; my $help = 0; my $man = 0; my $v4 = 1; my $v6 = 1; my $parse = 1; my $v4_zone = "asn.rspamd.com"; my $v6_zone = "asn6.rspamd.com"; my $v4_file = "asn.zone"; my $v6_file = "asn6.zone"; my $ns_servers = [ "asn-ns.rspamd.com", "asn-ns2.rspamd.com" ]; GetOptions( "download-asn" => \$download_asn, "download-bgp" => \$download_bgp, "4!" => \$v4, "6!" => \$v6, "parse!" => \$parse, "target=s" => \$download_target, "zone-v4=s" => \$v4_zone, "zone-v6=s" => \$v6_zone, "file-v4=s" => \$v4_file, "file-v6=s" => \$v6_file, "ns-server=s@" => \$ns_servers, "help|?" => \$help, "man" => \$man ) or pod2usage(2); pod2usage(1) if $help; pod2usage(-exitval => 0, -verbose => 2) if $man; if ($download_asn) { foreach my $u (@{ $config{'asn_sources'} }) { download_file($u); } } if ($download_bgp) { foreach my $u (@{ $config{'bgp_sources'} }) { download_file($u); } } if (!$parse) { exit 0; } # Prefix to ASN map my $networks = { 4 => {}, 6 => {} }; foreach my $u (@{ $config{'bgp_sources'} }) { my $parsed = URI->new($u); my $fname = $download_target . '/' . basename($parsed->path); use constant { F_MARKER => 0, F_TIMESTAMP => 1, F_PEER_IP => 3, F_PEER_AS => 4, F_PREFIX => 5, F_AS_PATH => 6, F_ORIGIN => 7, }; open(my $bgpd, '-|', "bgpdump -v -M $fname") or die "can't start bgpdump: $!"; while (<$bgpd>) { chomp; my @e = split /\|/; if ($e[F_MARKER] ne 'TABLE_DUMP2') { warn "bad line: $_\n"; next; } my $origin_as; my $prefix = $e[F_PREFIX]; my $ip_ver = 6; if ($prefix =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/\d{1,2}$/) { $ip_ver = 4; } if ($e[F_AS_PATH]) { # not empty AS_PATH my @as_path = split /\s/, $e[F_AS_PATH]; $origin_as = pop @as_path; if (substr($origin_as, 0, 1) eq '{') { # route is aggregated if ($origin_as =~ /^{(\d+)}$/) { # single AS aggregated, just remove { } around $origin_as = $1; } else { # use previous AS from AS_PATH $origin_as = pop @as_path; } } # strip bogus AS while (is_bougus_asn($origin_as)) { $origin_as = pop @as_path; last if scalar @as_path == 0; } } # empty AS_PATH or all AS_PATH elements was stripped as bogus - use # PEER_AS as origin AS $origin_as //= $e[F_PEER_AS]; $networks->{$ip_ver}{$prefix} = int($origin_as); } } # Remove default routes delete $networks->{4}{'0.0.0.0/0'}; delete $networks->{6}{'::/0'}; # Now roughly detect countries my $as_info = {}; # RIR statistics exchange format # https://www.apnic.net/publications/media-library/documents/resource-guidelines/rir-statistics-exchange-format # https://www.arin.net/knowledge/statistics/nro_extended_stats_format.pdf # first 7 fields for this two formats are same use constant { F_REGISTRY => 0, # {afrinic,apnic,arin,iana,lacnic,ripencc} F_CC => 1, # ISO 3166 2-letter contry code F_TYPE => 2, # {asn,ipv4,ipv6} F_START => 3, F_VALUE => 4, F_DATE => 5, F_STATUS => 6, }; foreach my $u (@{ $config{'asn_sources'} }) { my $parsed = URI->new($u); my $fname = $download_target . '/' . basename($parsed->path); open(my $fh, "<", $fname) or die "Cannot open $fname: $!"; while (<$fh>) { next if /^\#/; chomp; my @elts = split /\|/; if ($elts[F_TYPE] eq 'asn' && $elts[F_START] ne '*') { my $as_start = int($elts[F_START]); my $as_end = $as_start + int($elts[F_VALUE]) - 1; for my $as ($as_start .. $as_end) { $as_info->{$as}{'country'} = $elts[F_CC]; $as_info->{$as}{'rir'} = $elts[F_REGISTRY]; } } } } # Write zone files my $ns_list = join ' ', @{$ns_servers}; my $zone_header = << "EOH"; \$SOA 43200 $ns_servers->[0] support.rspamd.com 0 600 300 86400 300 \$NS 43200 $ns_list EOH if ($v4) { open my $v4_fh, '>', ".$v4_file.tmp"; print $v4_fh $zone_header; while (my ($net, $asn) = each %{ $networks->{4} }) { my $country = $as_info->{$asn}{'country'} || 'UN'; my $rir = $as_info->{$asn}{'rir'} || 'UN'; # "15169|8.8.8.0/24|US|arin|" for 8.8.8.8 printf $v4_fh "%s %s|%s|%s|%s|\n", $net, $asn, $net, $country, $rir; } close $v4_fh; rename ".$v4_file.tmp", $v4_file; } if ($v6) { open my $v6_fh, '>', ".$v6_file.tmp"; print $v6_fh $zone_header; while (my ($net, $asn) = each %{ $networks->{6} }) { my $country = $as_info->{$asn}{'country'} || 'UN'; my $rir = $as_info->{$asn}{'rir'} || 'UN'; # "2606:4700:4700::/48 13335|2606:4700:4700::/48|US|arin|" for 2606:4700:4700::1111 printf $v6_fh "%s %s|%s|%s|%s|\n", $net, $asn, $net, $country, $rir; } close $v6_fh; rename ".$v6_file.tmp", $v6_file; } exit 0; ######################################################################## sub download_file { my ($url) = @_; local $File::Fetch::WARN = 0; local $File::Fetch::TIMEOUT = 180; # connectivity to ftp.lacnic.net is bad my $ff = File::Fetch->new(uri => $url); my $where = $ff->fetch(to => $download_target) or die "$url: ", $ff->error; return $where; } # Returns true if AS number is bogus # e. g. a private AS. # List of allocated and reserved AS: # https://www.iana.org/assignments/as-numbers/as-numbers.txt sub is_bougus_asn { my $as = shift; # 64496-64511 Reserved for use in documentation and sample code # 64512-65534 Designated for private use # 65535 Reserved # 65536-65551 Reserved for use in documentation and sample code # 65552-131071 Reserved return 1 if $as >= 64496 && $as <= 131071; # Reserved (RFC6996, RFC7300, RFC7607) return 1 if $as == 0 || $as >= 4200000000; return 0; } __END__ =head1 NAME asn.pl - download and parse ASN data for Rspamd =head1 SYNOPSIS asn.pl [options] Options: --download-asn Download ASN data from RIRs --download-bgp Download BGP full view dump from RIPE RIS --target Where to download files (default: current dir) --zone-v4 IPv4 zone (default: asn.rspamd.com) --zone-v6 IPv6 zone (default: asn6.rspamd.com) --file-v4 IPv4 zone file (default: ./asn.zone) --file-v6 IPv6 zone (default: ./asn6.zone) --help Brief help message --man Full documentation =head1 OPTIONS =over 8 =item B<--download-asn> Download ASN data from RIR. =item B<--download-bgp> Download GeoIP data from Ripe =item B<--target> Specifies where to download files. =item B<--help> Print a brief help message and exits. =item B<--man> Prints the manual page and exits. =back =head1 DESCRIPTION B is intended to download ASN data and GeoIP data and create a rbldnsd zone. =cut # vim: et:ts=4:sw=4