`location list-countries [--show-name] [--show-continent]`
`location list-networks-by-as ASN`
`location list-networks-by-cc COUNTRY_CODE`
-`location list-networks-by-flags [--anonymous-proxy|--satellite-provider|--anycast]`
+`location list-networks-by-flags [--anonymous-proxy|--satellite-provider|--anycast|--drop]`
`location lookup ADDRESS [ADDRESS...]`
`location search-as STRING`
`location update [--cron=daily|weekly|monthly]`
+
See above for usage of the '--family' and '--format' parameters.
-'list-networks-by-flags [--family=[ipv6|ipv4]] [--format=FORMAT] [--anonymous-proxy|--satellite-provider|--anycast]'::
+'list-networks-by-flags [--family=[ipv6|ipv4]] [--format=FORMAT] [--anonymous-proxy|--satellite-provider|--anycast|--drop]'::
Lists all networks that have a certain flag.
+
See above for usage of the '--family' and '--format' parameters.
msgid "Anycasts"
msgstr ""
+msgid "Hostile Networks safe to drop"
+msgstr ""
+
msgid "Lists all countries"
msgstr ""
/*
libloc - A library to determine the location of someone on the Internet
- Copyright (C) 2017 IPFire Development Team <info@ipfire.org>
+ Copyright (C) 2017-2021 IPFire Development Team <info@ipfire.org>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
LOC_NETWORK_FLAG_ANONYMOUS_PROXY = (1 << 0), // A1
LOC_NETWORK_FLAG_SATELLITE_PROVIDER = (1 << 1), // A2
LOC_NETWORK_FLAG_ANYCAST = (1 << 2), // A3
+ LOC_NETWORK_FLAG_DROP = (1 << 3), // XD
};
struct loc_network;
iv |= LOC_NETWORK_FLAG_SATELLITE_PROVIDER;
else if (strcmp("LOC_NETWORK_FLAG_ANYCAST", flag) == 0)
iv |= LOC_NETWORK_FLAG_ANYCAST;
+ else if (strcmp("LOC_NETWORK_FLAG_DROP", flag) == 0)
+ iv |= LOC_NETWORK_FLAG_DROP;
else
croak("Invalid flag");
# #
# libloc - A library to determine the location of someone on the Internet #
# #
-# Copyright (C) 2020 IPFire Development Team <info@ipfire.org> #
+# Copyright (C) 2020-2021 IPFire Development Team <info@ipfire.org> #
# #
# This library is free software; you can redistribute it and/or #
# modify it under the terms of the GNU Lesser General Public #
_location.NETWORK_FLAG_ANONYMOUS_PROXY : "A1",
_location.NETWORK_FLAG_SATELLITE_PROVIDER : "A2",
_location.NETWORK_FLAG_ANYCAST : "A3",
+ _location.NETWORK_FLAG_DROP : "XD",
}
class OutputWriter(object):
);
CREATE UNIQUE INDEX IF NOT EXISTS autnum_overrides_number
ON autnum_overrides(number);
+ ALTER TABLE autnum_overrides ADD COLUMN IF NOT EXISTS is_drop boolean;
CREATE TABLE IF NOT EXISTS network_overrides(
network inet NOT NULL,
ON network_overrides(network);
CREATE INDEX IF NOT EXISTS network_overrides_search
ON network_overrides USING GIST(network inet_ops);
+ ALTER TABLE network_overrides ADD COLUMN IF NOT EXISTS is_drop boolean;
""")
return db
WHERE networks.autnum = overrides.number
),
FALSE
- ) AS is_anycast
+ ) AS is_anycast,
+ COALESCE(
+ (
+ SELECT is_drop FROM network_overrides overrides
+ WHERE networks.network <<= overrides.network
+ ORDER BY masklen(overrides.network) DESC
+ LIMIT 1
+ ),
+ (
+ SELECT is_drop FROM autnum_overrides overrides
+ WHERE networks.autnum = overrides.number
+ ),
+ FALSE
+ ) AS is_drop
FROM (
SELECT
known_networks.network AS network,
if row.is_anycast:
network.set_flag(location.NETWORK_FLAG_ANYCAST)
+ if row.is_drop:
+ network.set_flag(location.NETWORK_FLAG_DROP)
+
# Add all countries
log.info("Writing countries...")
rows = self.db.query("SELECT * FROM countries ORDER BY country_code")
country,
is_anonymous_proxy,
is_satellite_provider,
- is_anycast
- ) VALUES (%s, %s, %s, %s, %s)
+ is_anycast,
+ is_drop
+ ) VALUES (%s, %s, %s, %s, %s, %s)
ON CONFLICT (network) DO NOTHING""",
"%s" % network,
block.get("country"),
self._parse_bool(block, "is-anonymous-proxy"),
self._parse_bool(block, "is-satellite-provider"),
self._parse_bool(block, "is-anycast"),
+ self._parse_bool(block, "drop"),
)
elif type == "aut-num":
country,
is_anonymous_proxy,
is_satellite_provider,
- is_anycast
- ) VALUES(%s, %s, %s, %s, %s, %s)
+ is_anycast,
+ is_drop
+ ) VALUES(%s, %s, %s, %s, %s, %s, %s)
ON CONFLICT DO NOTHING""",
autnum,
block.get("name"),
self._parse_bool(block, "is-anonymous-proxy"),
self._parse_bool(block, "is-satellite-provider"),
self._parse_bool(block, "is-anycast"),
+ self._parse_bool(block, "drop"),
)
else:
# #
# libloc - A library to determine the location of someone on the Internet #
# #
-# Copyright (C) 2017 IPFire Development Team <info@ipfire.org> #
+# Copyright (C) 2017-2021 IPFire Development Team <info@ipfire.org> #
# #
# This library is free software; you can redistribute it and/or #
# modify it under the terms of the GNU Lesser General Public #
list_networks_by_flags.add_argument("--anycast",
action="store_true", help=_("Anycasts"),
)
+ list_networks_by_flags.add_argument("--drop",
+ action="store_true", help=_("Hostile Networks safe to drop"),
+ )
list_networks_by_flags.add_argument("--family", choices=("ipv6", "ipv4"))
list_networks_by_flags.add_argument("--format",
choices=location.export.formats.keys(), default="list")
_("Anycast"), _("yes"),
))
+ # Hostile Network
+ if network.has_flag(location.NETWORK_FLAG_DROP):
+ print(format % (
+ _("Hostile Network safe to drop"), _("yes"),
+ ))
+
return ret
def handle_dump(self, db, ns):
location.NETWORK_FLAG_ANONYMOUS_PROXY : "is-anonymous-proxy:",
location.NETWORK_FLAG_SATELLITE_PROVIDER : "is-satellite-provider:",
location.NETWORK_FLAG_ANYCAST : "is-anycast:",
+ location.NETWORK_FLAG_DROP : "drop:",
}
# Iterate over all networks
if ns.anycast:
flags |= location.NETWORK_FLAG_ANYCAST
+ if ns.drop:
+ flags |= location.NETWORK_FLAG_DROP
+
if not flags:
raise ValueError(_("You must at least pass one flag"))
asns.append(object)
elif location.country_code_is_valid(object) \
- or object in ("A1", "A2", "A3"):
+ or object in ("A1", "A2", "A3", "XD"):
countries.append(object)
else:
# Default to exporting all countries
if not countries and not asns:
- countries = ["A1", "A2", "A3"] + [country.code for country in db.countries]
+ countries = ["A1", "A2", "A3", "XD"] + [country.code for country in db.countries]
# Select the output format
writer = self.__get_output_formatter(ns)
/*
libloc - A library to determine the location of someone on the Internet
- Copyright (C) 2017 IPFire Development Team <info@ipfire.org>
+ Copyright (C) 2017-2021 IPFire Development Team <info@ipfire.org>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
if (PyModule_AddIntConstant(m, "NETWORK_FLAG_ANYCAST", LOC_NETWORK_FLAG_ANYCAST))
return NULL;
+ if (PyModule_AddIntConstant(m, "NETWORK_FLAG_DROP", LOC_NETWORK_FLAG_DROP))
+ return NULL;
+
// Add latest database version
if (PyModule_AddIntConstant(m, "DATABASE_VERSION_LATEST", LOC_DATABASE_VERSION_LATEST))
return NULL;
projects / people / ms / libloc.git / commitdiff
