2 ###############################################################################
4 # libloc - A library to determine the location of someone on the Internet #
6 # Copyright (C) 2020 IPFire Development Team <info@ipfire.org> #
8 # This library is free software; you can redistribute it and/or #
9 # modify it under the terms of the GNU Lesser General Public #
10 # License as published by the Free Software Foundation; either #
11 # version 2.1 of the License, or (at your option) any later version. #
13 # This library is distributed in the hope that it will be useful, #
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU #
16 # Lesser General Public License for more details. #
18 ###############################################################################
29 # Load our location module
31 import location
.database
32 import location
.importer
33 from location
.i18n
import _
# Module-level logger; the log.* calls in this file go to "location.importer".
36 log
= logging
.getLogger("location.importer")
# Build the command line: global flags, the database connection options and
# one sub-command per action. Each sub-command registers its handler through
# set_defaults(func=...); a command line without a sub-command has no "func"
# and gets the usage text instead.
# NOTE(review): this listing omits source lines (the gutter numbers jump), so
# the enclosing "def" and several closing brackets are not visible here.
41 parser
= argparse
.ArgumentParser(
42 description
=_("Location Importer Command Line Interface"),
44 subparsers
= parser
.add_subparsers()
46 # Global configuration flags
47 parser
.add_argument("--debug", action
="store_true",
48 help=_("Enable debug output"))
49 parser
.add_argument("--quiet", action
="store_true",
50 help=_("Enable quiet mode"))
53 parser
.add_argument("--version", action
="version",
54 version
="%(prog)s @VERSION@")
# Database connection settings; all four options are required.
# NOTE(review): --database-password is taken from the command line, where it
# is normally readable by other local users through the process list and can
# end up in shell history or job logs. Reading it from a file that only the
# importer's account can open would keep the secret out of argv.
57 parser
.add_argument("--database-host", required
=True,
58 help=_("Database Hostname"), metavar
=_("HOST"))
59 parser
.add_argument("--database-name", required
=True,
60 help=_("Database Name"), metavar
=_("NAME"))
61 parser
.add_argument("--database-username", required
=True,
62 help=_("Database Username"), metavar
=_("USERNAME"))
63 parser
.add_argument("--database-password", required
=True,
64 help=_("Database Password"), metavar
=_("PASSWORD"))
67 write
= subparsers
.add_parser("write", help=_("Write database to file"))
68 write
.set_defaults(func
=self
.handle_write
)
69 write
.add_argument("file", nargs
=1, help=_("Database File"))
# type=open makes argparse open the key files (text mode) while parsing, so an
# unreadable key fails before any database work starts. No close() for these
# handles is visible in this listing.
# NOTE(review): both keys are optional (nargs="?", no default), so the handler
# can receive None. These are private signing keys; confirm the files are
# readable only by the account that runs the importer.
70 write
.add_argument("--signing-key", nargs
="?", type=open, help=_("Signing Key"))
71 write
.add_argument("--backup-signing-key", nargs
="?", type=open, help=_("Backup Signing Key"))
72 write
.add_argument("--vendor", nargs
="?", help=_("Sets the vendor"))
73 write
.add_argument("--description", nargs
="?", help=_("Sets a description"))
74 write
.add_argument("--license", nargs
="?", help=_("Sets the license"))
# On the "write" sub-command --version is an integer database format version,
# not the action="version" flag defined on the top-level parser.
75 write
.add_argument("--version", type=int, help=_("Database Format Version"))
78 update_whois
= subparsers
.add_parser("update-whois", help=_("Update WHOIS Information"))
79 update_whois
.set_defaults(func
=self
.handle_update_whois
)
81 # Update announcements
82 update_announcements
= subparsers
.add_parser("update-announcements",
83 help=_("Update BGP Annoucements"))
84 update_announcements
.set_defaults(func
=self
.handle_update_announcements
)
85 update_announcements
.add_argument("server", nargs
=1,
86 help=_("Route Server to connect to"), metavar
=_("SERVER"))
89 update_overrides
= subparsers
.add_parser("update-overrides",
90 help=_("Update overrides"),
92 update_overrides
.add_argument(
93 "files", nargs
="+", help=_("Files to import"),
95 update_overrides
.set_defaults(func
=self
.handle_update_overrides
)
98 import_countries
= subparsers
.add_parser("import-countries",
99 help=_("Import countries"),
101 import_countries
.add_argument("file", nargs
=1, type=argparse
.FileType("r"),
102 help=_("File to import"))
103 import_countries
.set_defaults(func
=self
.handle_import_countries
)
105 args
= parser
.parse_args()
# The two set_level() calls select DEBUG or WARNING; the conditions choosing
# between them are on lines the listing omits (presumably --debug / --quiet).
109 location
.logger
.set_level(logging
.DEBUG
)
111 location
.logger
.set_level(logging
.WARNING
)
113 # Print usage if no action was given
114 if not "func" in args
:
# Entry point of the CLI object: parse the command line, open the database
# connection with the parsed options and call the handler that the selected
# sub-command stored in "func". The handler's return value is kept in "ret";
# how it becomes the exit code is on lines the listing omits.
121 # Parse command line arguments
122 args
= self
.parse_cli()
124 # Initialise database
125 self
.db
= self
._setup
_database
(args
)
128 ret
= args
.func(args
)
130 # Return with exit code
134 # Otherwise just exit
# Connect to the database named by the --database-* options and, inside one
# transaction, create every table and index the importer uses. All statements
# carry IF NOT EXISTS, so running them again on an existing schema is a no-op.
# The DDL uses the inet type, family()/masklen() and a GIST index.
# NOTE(review): because the schema is created on every start, the database
# account needs CREATE rights permanently. A deployment aiming for least
# privilege could create the schema once with a separate role.
# NOTE(review): the password is passed to the driver from the namespace;
# whether the connection is encrypted depends on location.database.Connection,
# which is not shown here.
137 def _setup_database(self
, ns
):
139 Initialise the database
141 # Connect to database
142 db
= location
.database
.Connection(
143 host
=ns
.database_host
, database
=ns
.database_name
,
144 user
=ns
.database_username
, password
=ns
.database_password
,
147 with db
.transaction():
150 CREATE TABLE IF NOT EXISTS announcements(network inet, autnum bigint,
151 first_seen_at timestamp without time zone DEFAULT CURRENT_TIMESTAMP,
152 last_seen_at timestamp without time zone DEFAULT CURRENT_TIMESTAMP);
153 CREATE UNIQUE INDEX IF NOT EXISTS announcements_networks ON announcements(network);
154 CREATE INDEX IF NOT EXISTS announcements_family ON announcements(family(network));
157 CREATE TABLE IF NOT EXISTS autnums(number bigint, name text NOT NULL);
158 CREATE UNIQUE INDEX IF NOT EXISTS autnums_number ON autnums(number);
161 CREATE TABLE IF NOT EXISTS countries(
162 country_code text NOT NULL, name text NOT NULL, continent_code text NOT NULL);
163 CREATE UNIQUE INDEX IF NOT EXISTS countries_country_code ON countries(country_code);
166 CREATE TABLE IF NOT EXISTS networks(network inet, country text);
167 CREATE UNIQUE INDEX IF NOT EXISTS networks_network ON networks(network);
168 CREATE INDEX IF NOT EXISTS networks_search ON networks USING GIST(network inet_ops);
171 CREATE TABLE IF NOT EXISTS autnum_overrides(
172 number bigint NOT NULL,
175 is_anonymous_proxy boolean,
176 is_satellite_provider boolean,
179 CREATE UNIQUE INDEX IF NOT EXISTS autnum_overrides_number
180 ON autnum_overrides(number);
182 CREATE TABLE IF NOT EXISTS network_overrides(
183 network inet NOT NULL,
185 is_anonymous_proxy boolean,
186 is_satellite_provider boolean,
189 CREATE UNIQUE INDEX IF NOT EXISTS network_overrides_network
190 ON network_overrides(network);
# Export the database contents into a libloc database file. A location.Writer
# is created with the two signing-key handles from the command line and is
# then filled with the autonomous systems, the networks and the countries.
# For networks, the country and the three flag columns are looked up in
# network_overrides (most specific matching prefix first, ORDER BY masklen
# DESC) and in autnum_overrides; the expression that combines these
# sub-selects is on lines the listing omits.
# NOTE(review): --signing-key and --backup-signing-key are optional, so the
# Writer can be given None. Confirm what the Writer does in that case; if it
# produces an unsigned file, release builds should refuse to run without a key.
# NOTE(review): the override tables decide what ends up in the signed output,
# so write access to them deserves the same care as the signing key itself.
195 def handle_write(self
, ns
):
197 Compiles a database in libloc format out of what is in the database
200 writer
= location
.Writer(ns
.signing_key
, ns
.backup_signing_key
)
204 writer
.vendor
= ns
.vendor
207 writer
.description
= ns
.description
210 writer
.license
= ns
.license
212 # Add all Autonomous Systems
213 log
.info("Writing Autonomous Systems...")
215 # Select all ASes with a name
216 rows
= self
.db
.query("""
218 autnums.number AS number,
220 (SELECT overrides.name FROM autnum_overrides overrides
221 WHERE overrides.number = autnums.number),
225 WHERE name <> %s ORDER BY number
229 a
= writer
.add_as(row
.number
)
233 log
.info("Writing networks...")
235 # Select all known networks
236 rows
= self
.db
.query("""
237 -- Get a (sorted) list of all known networks
238 WITH known_networks AS (
239 SELECT network FROM announcements
241 SELECT network FROM networks
245 -- Return a list of those networks enriched with all
246 -- other information that we store in the database
248 DISTINCT ON (known_networks.network)
249 known_networks.network AS network,
250 announcements.autnum AS autnum,
255 SELECT country FROM network_overrides overrides
256 WHERE announcements.network <<= overrides.network
257 ORDER BY masklen(overrides.network) DESC
261 SELECT country FROM autnum_overrides overrides
262 WHERE announcements.autnum = overrides.number
270 SELECT is_anonymous_proxy FROM network_overrides overrides
271 WHERE announcements.network <<= overrides.network
272 ORDER BY masklen(overrides.network) DESC
276 SELECT is_anonymous_proxy FROM autnum_overrides overrides
277 WHERE announcements.autnum = overrides.number
280 ) AS is_anonymous_proxy,
283 SELECT is_satellite_provider FROM network_overrides overrides
284 WHERE announcements.network <<= overrides.network
285 ORDER BY masklen(overrides.network) DESC
289 SELECT is_satellite_provider FROM autnum_overrides overrides
290 WHERE announcements.autnum = overrides.number
293 ) AS is_satellite_provider,
296 SELECT is_anycast FROM network_overrides overrides
297 WHERE announcements.network <<= overrides.network
298 ORDER BY masklen(overrides.network) DESC
302 SELECT is_anycast FROM autnum_overrides overrides
303 WHERE announcements.autnum = overrides.number
308 -- Must be part of returned values for ORDER BY clause
309 masklen(announcements.network) AS sort_a,
310 masklen(networks.network) AS sort_b
312 LEFT JOIN announcements ON known_networks.network <<= announcements.network
313 LEFT JOIN networks ON known_networks.network <<= networks.network
314 ORDER BY known_networks.network, sort_a DESC, sort_b DESC
318 network
= writer
.add_network(row
.network
)
322 network
.country_code
= row
.country
326 network
.asn
= row
.autnum
# Copy the boolean result columns onto the network as libloc flags.
329 if row
.is_anonymous_proxy
:
330 network
.set_flag(location
.NETWORK_FLAG_ANONYMOUS_PROXY
)
332 if row
.is_satellite_provider
:
333 network
.set_flag(location
.NETWORK_FLAG_SATELLITE_PROVIDER
)
336 network
.set_flag(location
.NETWORK_FLAG_ANYCAST
)
339 log
.info("Writing countries...")
340 rows
= self
.db
.query("SELECT * FROM countries ORDER BY country_code")
343 c
= writer
.add_country(row
.country_code
)
344 c
.continent_code
= row
.continent_code
347 # Write everything to file
348 log
.info("Writing database to file...")
# Refresh the WHOIS-derived data in two phases.
# Phase 1 (one transaction): create the temporary tables _autnums and
# _organizations, download every entry of location.importer.WHOIS_SOURCES and
# parse it block by block, merge the result into autnums (upsert on number),
# then delete the networks that the _garbage query selects as redundant
# (it compares containment and country between rows of networks).
# Phase 2: download every entry of location.importer.EXTENDED_SOURCES and
# parse it line by line, one transaction per source.
# NOTE(review): the downloaded dumps are untrusted input that determines the
# country and AS name stored in the database. All values reach SQL as bound
# parameters, but the integrity of the download itself (source URLs, TLS)
# is decided in location.importer.Downloader, which is not shown here.
# NOTE(review): _autnums.number is declared integer while autnums.number is
# bigint. In PostgreSQL integer is 32-bit signed, so an AS number above
# 2147483647 in a dump would make the INSERT fail and abort this transaction;
# consider bigint for the temporary table too.
352 def handle_update_whois(self
, ns
):
353 downloader
= location
.importer
.Downloader()
355 # Download all sources
356 with self
.db
.transaction():
357 # Create some temporary tables to store parsed data
359 CREATE TEMPORARY TABLE _autnums(number integer, organization text)
361 CREATE UNIQUE INDEX _autnums_number ON _autnums(number);
363 CREATE TEMPORARY TABLE _organizations(handle text, name text NOT NULL)
365 CREATE UNIQUE INDEX _organizations_handle ON _organizations(handle);
368 for source
in location
.importer
.WHOIS_SOURCES
:
369 with downloader
.request(source
, return_blocks
=True) as f
:
371 self
._parse
_block
(block
)
374 INSERT INTO autnums(number, name)
375 SELECT _autnums.number, _organizations.name FROM _autnums
376 JOIN _organizations ON _autnums.organization = _organizations.handle
377 ON CONFLICT (number) DO UPDATE SET name = excluded.name
381 --- Purge any redundant entries
382 CREATE TEMPORARY TABLE _garbage ON COMMIT DROP
384 SELECT network FROM networks candidates
388 networks.network << candidates.network
390 networks.country = candidates.country
393 CREATE UNIQUE INDEX _garbage_search ON _garbage USING BTREE(network);
395 DELETE FROM networks WHERE EXISTS (
396 SELECT FROM _garbage WHERE networks.network = _garbage.network
400 # Download all extended sources
401 for source
in location
.importer
.EXTENDED_SOURCES
:
402 with self
.db
.transaction():
404 with downloader
.request(source
) as f
:
406 self
._parse
_line
(line
)
# Dispatch one WHOIS block to the parser for its type. The type is read from
# the first line of the block: "aut-num:", "inetnum:"/"inet6num:" or
# "organisation:". No branch for other block types is visible in this listing,
# so they are presumably ignored.
408 def _parse_block(self
, block
):
409 # Get first line to find out what type of block this is
413 if line
.startswith("aut-num:"):
414 return self
._parse
_autnum
_block
(block
)
417 if line
.startswith("inet6num:") or line
.startswith("inetnum:"):
418 return self
._parse
_inetnum
_block
(block
)
421 elif line
.startswith("organisation:"):
422 return self
._parse
_org
_block
(block
)
# Extract the AS number and the organisation handle from an aut-num block and
# upsert them into the temporary table _autnums (conflicts on number update
# the organization). The AS number is the digit run that follows an "AS" or
# "as" prefix, so only numeric text is stored under "asn".
# The values are passed as bound parameters, not formatted into the SQL text.
# NOTE(review): autnum.get() yields None for a missing key; whether a block
# without an AS number is skipped before the INSERT is decided on lines the
# listing omits.
424 def _parse_autnum_block(self
, block
):
428 key
, val
= split_line(line
)
431 m
= re
.match(r
"^(AS|as)(\d+)", val
)
433 autnum
["asn"] = m
.group(2)
442 # Insert into database
443 self
.db
.execute("INSERT INTO _autnums(number, organization) \
444 VALUES(%s, %s) ON CONFLICT (number) DO UPDATE SET \
445 organization = excluded.organization",
446 autnum
.get("asn"), autnum
.get("org"),
# Parse an inetnum/inet6num block into a network and a country code and upsert
# the pair into networks (conflicts on network update the country).
# An IPv4 "start - end" range is converted into CIDR notation; the country
# value is upper-cased, with a special case for the literal "UNITED STATES".
# Networks that the ipaddress module reports as private are skipped.
# NOTE(review): this method logs through the root "logging" module while the
# rest of the file uses the module logger "log", so these messages bypass the
# level configured for "location.importer".
449 def _parse_inetnum_block(self
, block
):
450 logging
.debug("Parsing inetnum block:")
457 key
, val
= split_line(line
)
460 start_address
, delim
, end_address
= val
.partition("-")
462 # Strip any excess space
463 start_address
, end_address
= start_address
.rstrip(), end_address
.strip()
465 # Convert to IP address
467 start_address
= ipaddress
.ip_address(start_address
)
468 end_address
= ipaddress
.ip_address(end_address
)
470 logging
.warning("Could not parse line: %s" % line
)
473 # Set prefix to default
476 # Count number of addresses in this subnet
# NOTE(review): end - start is one less than the number of addresses, and the
# prefix is a float that "%.0f" rounds below. That yields the exact prefix for
# CIDR-aligned ranges only; other ranges become an approximation. math.log()
# raises ValueError for 0 (start == end) unless a guard on a line the listing
# omits prevents it.
477 num_addresses
= int(end_address
) - int(start_address
)
479 prefix
-= math
.log(num_addresses
, 2)
481 inetnum
["inetnum"] = "%s/%.0f" % (start_address
, prefix
)
483 elif key
== "inet6num":
486 elif key
== "country":
487 if val
== "UNITED STATES":
490 inetnum
[key
] = val
.upper()
496 network
= ipaddress
.ip_network(inetnum
.get("inet6num") or inetnum
.get("inetnum"), strict
=False)
498 # Bail out in case we have processed a non-public IP network
# NOTE(review): is_private is narrower than "not globally routable": the
# ipaddress module reports 100.64.0.0/10 as neither private nor global, so
# such a network passes this check. "not network.is_global" would match the
# log message more closely; confirm the intended filter.
499 if network
.is_private
:
500 logging
.warning("Skipping non-globally routable network: %s" % network
)
503 self
.db
.execute("INSERT INTO networks(network, country) \
504 VALUES(%s, %s) ON CONFLICT (network) DO UPDATE SET country = excluded.country",
505 "%s" % network
, inetnum
.get("country"),
# Collect the "organisation" handle and the "org-name" from an organisation
# block and upsert them into the temporary table _organizations (conflicts on
# handle update the name). Both values are passed as bound parameters.
# NOTE(review): _organizations.name is NOT NULL, so a block without "org-name"
# would make the INSERT fail unless lines the listing omits skip such blocks.
508 def _parse_org_block(self
, block
):
512 key
, val
= split_line(line
)
514 if key
in ("organisation", "org-name"):
521 self
.db
.execute("INSERT INTO _organizations(handle, name) \
522 VALUES(%s, %s) ON CONFLICT (handle) DO \
523 UPDATE SET name = excluded.name",
524 org
.get("organisation"), org
.get("org-name"),
# Parse one line of an extended source file. Lines starting with "2" or "#"
# are tested first (their handling is on lines the listing omits, presumably
# skip). Every other line is split at "|" into registry, country code, record
# type and the remainder; a line that cannot be split is logged. Records with
# country code "*" are statistics and are skipped; "ipv6" and "ipv4" records
# are handed to _parse_ip_line().
# The local name "type" shadows the builtin inside this method.
527 def _parse_line(self
, line
):
529 if line
.startswith("2"):
533 if line
.startswith("#"):
537 registry
, country_code
, type, line
= line
.split("|", 3)
539 log
.warning("Could not parse line: %s" % line
)
542 # Skip any lines that are for stats only
543 if country_code
== "*":
546 if type in ("ipv6", "ipv4"):
547 return self
._parse
_ip
_line
(country_code
, type, line
)
# Turn the remainder of an ipv4/ipv6 record into a network and upsert it into
# networks with the given country (conflicts on network update the country).
# The remainder is split at "|" into address, prefix, date, status and an
# optional organization field. Only records with status "assigned" or
# "allocated" are used. Unparsable prefixes and addresses are logged.
# The country string comes straight from the downloaded file; it reaches SQL
# as a bound parameter but is not validated in the lines shown.
549 def _parse_ip_line(self
, country
, type, line
):
551 address
, prefix
, date
, status
, organization
= line
.split("|")
555 # Try parsing the line without organization
557 address
, prefix
, date
, status
= line
.split("|")
559 log
.warning("Unhandled line format: %s" % line
)
562 # Skip anything that isn't properly assigned
563 if not status
in ("assigned", "allocated"):
566 # Cast prefix into an integer
570 log
.warning("Invalid prefix: %s" % prefix
)
573 # Fix prefix length for IPv4
# Here "prefix" is an address count, converted to 32 - log2(count).
# NOTE(review): int() truncates a float logarithm; prefix.bit_length() - 1
# gives the same result for powers of two without floating point. A count of
# 0 makes math.log() raise ValueError; whether that is caught is not visible.
575 prefix
= 32 - int(math
.log(prefix
, 2))
577 # Try to parse the address
579 network
= ipaddress
.ip_network("%s/%s" % (address
, prefix
), strict
=False)
581 log
.warning("Invalid IP address: %s" % address
)
584 self
.db
.execute("INSERT INTO networks(network, country) \
585 VALUES(%s, %s) ON CONFLICT (network) DO \
586 UPDATE SET country = excluded.country",
587 "%s" % network
, country
,
# Refresh the announcements table from a route server and then remove every
# row that must not be exported, all inside one transaction.
# A server argument starting with "/" is handled by the Bird variant;
# anything else is contacted over telnet.
# The clean-up deletes default routes, IPv6 outside 2000::/3, IPv4
# special-purpose ranges (current network, loopback, RFC 1918, test and
# documentation, CGNAT, link local, 6to4, multicast, reserved), prefixes
# longer than /48 (IPv6) or /24 (IPv4), AS numbers outside the three accepted
# ranges, and rows not seen for 14 days.
# NOTE(review): these filters are the only validation applied to what the
# route server reports. They bound what a misconfigured or untrusted feed can
# insert, but they do not verify that an origin AS is legitimate.
590 def handle_update_announcements(self
, ns
):
591 server
= ns
.server
[0]
593 with self
.db
.transaction():
594 if server
.startswith("/"):
595 self
._handle
_update
_announcements
_from
_bird
(server
)
597 self
._handle
_update
_announcements
_from
_telnet
(server
)
599 # Purge anything we never want here
601 -- Delete default routes
602 DELETE FROM announcements WHERE network = '::/0' OR network = '0.0.0.0/0';
604 -- Delete anything that is not global unicast address space
605 DELETE FROM announcements WHERE family(network) = 6 AND NOT network <<= '2000::/3';
607 -- DELETE "current network" address space
608 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '0.0.0.0/8';
610 -- DELETE local loopback address space
611 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '127.0.0.0/8';
613 -- DELETE RFC 1918 address space
614 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '10.0.0.0/8';
615 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '172.16.0.0/12';
616 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '192.168.0.0/16';
618 -- DELETE test, benchmark and documentation address space
619 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '192.0.0.0/24';
620 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '192.0.2.0/24';
621 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '198.18.0.0/15';
622 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '198.51.100.0/24';
623 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '203.0.113.0/24';
625 -- DELETE CGNAT address space (RFC 6598)
626 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '100.64.0.0/10';
628 -- DELETE link local address space
629 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '169.254.0.0/16';
631 -- DELETE IPv6 to IPv4 (6to4) address space
632 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '192.88.99.0/24';
634 -- DELETE multicast and reserved address space
635 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '224.0.0.0/4';
636 DELETE FROM announcements WHERE family(network) = 4 AND network <<= '240.0.0.0/4';
638 -- Delete networks that are too small to be in the global routing table
639 DELETE FROM announcements WHERE family(network) = 6 AND masklen(network) > 48;
640 DELETE FROM announcements WHERE family(network) = 4 AND masklen(network) > 24;
642 -- Delete any non-public or reserved ASNs
643 DELETE FROM announcements WHERE NOT (
644 (autnum >= 1 AND autnum <= 23455)
646 (autnum >= 23457 AND autnum <= 64495)
648 (autnum >= 131072 AND autnum <= 4199999999)
651 -- Delete everything that we have not seen for 14 days
652 DELETE FROM announcements WHERE last_seen_at <= CURRENT_TIMESTAMP - INTERVAL '14 days';
# Request the routing table from Bird ("show route") through _bird_cmd() and
# upsert every (network, origin AS) pair into announcements. A conflict on
# network updates the AS number and sets last_seen_at to the current time.
# Lines that do not match the route pattern are logged at debug level.
655 def _handle_update_announcements_from_bird(self
, server
):
656 # Pre-compile the regular expression for faster searching
# NOTE(review): the pattern is a plain bytes literal, so "\s" and "\[" are
# invalid string escapes that newer Python versions warn about; the other
# pattern in this file that is not bytes uses a raw literal, and rb"..." would
# be the equivalent here.
# NOTE(review): the AS group is "(.*?)" and is not limited to digits. The
# capture is bound to a bigint column, so a non-numeric value would make the
# INSERT fail inside the caller's transaction; "(\d+)" would reject such
# lines at parse time instead.
657 route
= re
.compile(b
"^\s(.+?)\s+.+?\[AS(.*?).\]$")
659 log
.info("Requesting routing table from Bird (%s)" % server
)
661 # Send command to list all routes
662 for line
in self
._bird
_cmd
(server
, "show route"):
663 m
= route
.match(line
)
665 log
.debug("Could not parse line: %s" % line
.decode())
668 # Fetch the extracted network and ASN
669 network
, autnum
= m
.groups()
671 # Insert it into the database
672 self
.db
.execute("INSERT INTO announcements(network, autnum) \
673 VALUES(%s, %s) ON CONFLICT (network) DO \
674 UPDATE SET autnum = excluded.autnum, last_seen_at = CURRENT_TIMESTAMP",
675 network
.decode(), autnum
.decode(),
# Connect to a route server's console over telnet, disable paging
# ("terminal length 0"), request the full IPv6 and IPv4 unicast BGP tables
# and upsert every announcement found. A conflict on network updates the AS
# number and sets last_seen_at to the current time.
# NOTE(review): telnet is clear text and this code sends no credentials, so
# the routing data is neither authenticated nor integrity-protected; anyone on
# the path can change what is stored. Treat the result as untrusted input and
# prefer a local Bird socket where that is possible.
# NOTE(review): telnetlib was deprecated in Python 3.11 and removed in 3.13
# (PEP 594), so this path needs a replacement on current interpreters.
# NOTE(review): the route pattern is a non-raw bytes literal containing "\*",
# "\s", "\>" and "\d", which newer Python versions warn about; rb"..." avoids
# the warning.
678 def _handle_update_announcements_from_telnet(self
, server
):
679 # Pre-compile regular expression for routes
680 route
= re
.compile(b
"^\*[\s\>]i([^\s]+).+?(\d+)\si\r\n", re
.MULTILINE|re
.DOTALL
)
682 with telnetlib
.Telnet(server
) as t
:
685 # t.set_debuglevel(10)
687 # Wait for console greeting
688 greeting
= t
.read_until(b
"> ", timeout
=30)
690 log
.error("Could not get a console prompt")
694 t
.write(b
"terminal length 0\n")
696 # Wait for the prompt to return
699 # Fetch the routing tables
700 for protocol
in ("ipv6", "ipv4"):
701 log
.info("Requesting %s routing table" % protocol
)
703 # Request the full unicast routing table
704 t
.write(b
"show bgp %s unicast\n" % protocol
.encode())
706 # Read entire header which ends with "Path"
# NOTE(review): unlike the other read_until() calls this one has no timeout,
# so a server that never sends the header blocks the importer indefinitely.
707 t
.read_until(b
"Path\r\n")
710 # Try reading a full entry
711 # Those might be broken across multiple lines but ends with i
712 line
= t
.read_until(b
"i\r\n", timeout
=5)
716 # Show line for debugging
717 #log.debug(repr(line))
719 # Try finding a route in here
720 m
= route
.match(line
)
722 network
, autnum
= m
.groups()
724 # Convert network to string
725 network
= network
.decode()
727 # Append /24 for IPv4 addresses
# NOTE(review): an IPv4 entry printed without a mask is stored as a /24 here;
# confirm that this matches how the route server abbreviates its output.
728 if not "/" in network
and not ":" in network
:
729 network
= "%s/24" % network
731 # Convert AS number to integer
734 log
.info("Found announcement for %s by %s" % (network
, autnum
))
736 self
.db
.execute("INSERT INTO announcements(network, autnum) \
737 VALUES(%s, %s) ON CONFLICT (network) DO \
738 UPDATE SET autnum = excluded.autnum, last_seen_at = CURRENT_TIMESTAMP",
742 log
.info("Finished reading the %s routing table" % protocol
)
# Send one command to Bird over its UNIX stream socket and hand the reply
# back line by line (the caller iterates over the result). Data is read in
# 4096-byte chunks into a buffer, split at newlines, and reading stops at the
# end-of-output line b"0000 \n".
# NOTE(review): no close() and no timeout for the socket are visible in this
# listing; a "with" block around the socket and settimeout() would release
# the descriptor and bound the wait if Bird stops answering.
# NOTE(review): recv() returns b"" once the peer closes the connection;
# confirm that the read loop (on lines the listing omits) ends in that case
# instead of spinning. send() may also write only part of the buffer, which
# sendall() avoids.
744 def _bird_cmd(self
, socket_path
, command
):
745 # Connect to the socket
746 s
= socket
.socket(socket
.AF_UNIX
, socket
.SOCK_STREAM
)
747 s
.connect(socket_path
)
749 # Allocate some buffer
753 s
.send(b
"%s\n" % command
.encode())
757 buffer += s
.recv(4096)
760 # Search for the next newline
761 pos
= buffer.find(b
"\n")
763 # If we cannot find one, we go back and read more data
767 # Cut after the newline character
770 # Split the line we want and keep the rest in buffer
771 line
, buffer = buffer[:pos
], buffer[pos
:]
773 # Look for the end-of-output indicator
774 if line
== b
"0000 \n":
777 # Otherwise return the line
# Replace all override data in one transaction: truncate autnum_overrides and
# network_overrides, then read every file named on the command line block by
# block through location.importer.read_blocks().
# Network blocks ("net") are normalised with ipaddress.ip_network() and stored
# in network_overrides; invalid networks are logged, and a prefix length of 0
# is refused so that a single entry cannot override every network.
# "aut-num" blocks must start with "AS" and are stored in autnum_overrides.
# Other block types are logged as unsupported.
# Both INSERT statements use bound parameters and ON CONFLICT ... DO NOTHING,
# so the first entry for a network or AS wins and later duplicates are
# dropped without a log message.
# NOTE(review): these files set the country and the proxy/satellite/anycast
# flags of the exported database, so they should be writable only by the
# people allowed to change that data.
780 def handle_update_overrides(self
, ns
):
781 with self
.db
.transaction():
782 # Drop all data that we have
784 TRUNCATE TABLE autnum_overrides;
785 TRUNCATE TABLE network_overrides;
788 for file in ns
.files
:
789 log
.info("Reading %s..." % file)
791 with
open(file, "rb") as f
:
792 for type, block
in location
.importer
.read_blocks(f
):
794 network
= block
.get("net")
795 # Try to parse and normalise the network
797 network
= ipaddress
.ip_network(network
, strict
=False)
798 except ValueError as e
:
799 log
.warning("Invalid IP network: %s: %s" % (network
, e
))
802 # Prevent that we overwrite all networks
803 if network
.prefixlen
== 0:
804 log
.warning("Skipping %s: You cannot overwrite default" % network
)
808 INSERT INTO network_overrides(
812 is_satellite_provider,
814 ) VALUES (%s, %s, %s, %s, %s)
815 ON CONFLICT (network) DO NOTHING""",
817 block
.get("country"),
818 self
._parse
_bool
(block
, "is-anonymous-proxy"),
819 self
._parse
_bool
(block
, "is-satellite-provider"),
820 self
._parse
_bool
(block
, "is-anycast"),
823 elif type == "aut-num":
824 autnum
= block
.get("aut-num")
826 # Check if AS number begins with "AS"
827 if not autnum
.startswith("AS"):
828 log
.warning("Invalid AS number: %s" % autnum
)
835 INSERT INTO autnum_overrides(
840 is_satellite_provider,
842 ) VALUES(%s, %s, %s, %s, %s, %s)
843 ON CONFLICT DO NOTHING""",
846 block
.get("country"),
847 self
._parse
_bool
(block
, "is-anonymous-proxy"),
848 self
._parse
_bool
(block
, "is-satellite-provider"),
849 self
._parse
_bool
(block
, "is-anycast"),
853 log
.warning("Unsupport type: %s" % type)
# Interpret an optional yes/no attribute of an override block. A missing value
# is handled first; otherwise the value is lower-cased and compared with
# ("yes", "1") and ("no", "0"). The returned values are on lines the listing
# omits (presumably True, False and None).
# The function takes no "self" although it is called as self._parse_bool(...),
# so it is presumably decorated with @staticmethod on a line not shown.
856 def _parse_bool(block
, key
):
859 # There is no point to proceed when we got None
863 # Convert to lowercase
867 if val
in ("yes", "1"):
871 if val
in ("no", "0"):
# Replace the contents of the countries table in one transaction: truncate it,
# then read the given file line by line. Lines starting with "#" are comments.
# Every other line is split on whitespace into country code, continent code
# and name (the name may contain spaces because of maxsplit=2); lines that
# cannot be split are logged. Rows are inserted with bound parameters and
# ON CONFLICT DO NOTHING, so a repeated country code keeps its first entry.
877 def handle_import_countries(self
, ns
):
878 with self
.db
.transaction():
879 # Drop all data that we have
880 self
.db
.execute("TRUNCATE TABLE countries")
886 # Ignore any comments
887 if line
.startswith("#"):
891 country_code
, continent_code
, name
= line
.split(maxsplit
=2)
893 log
.warning("Could not parse line: %s" % line
)
896 self
.db
.execute("INSERT INTO countries(country_code, name, continent_code) \
897 VALUES(%s, %s, %s) ON CONFLICT DO NOTHING", country_code
, name
, continent_code
)
# Split a "key: value" line at the first colon. str.partition() never raises,
# so a line without a colon yields the whole line as key and an empty value.
# The stripping of both parts and the return statement are on lines the
# listing omits.
900 def split_line(line
):
901 key
, colon
, val
= line
.partition(":")
903 # Strip any excess space
910 # Run the command line interface