location-importer.in: omit historic/orphaned RIR data

Some RIRs include detailled information regarding networks not managed
by or allocated to themselves, particually APNIC. We need to filter
those networks (they usually have a characteristic network name) in
order to prevent operational quirks or returning wrong country codes.

Fixes: #12501
Partially fixes: #12499

Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/python/location-importer.in b/src/python/location-importer.in
index f24d357ad1c1363a1c1b67eba006ff201799c8cf..a869256e6fe6fe1b0a31edfd909a43f6a0a484ca 100644 (file)
--- a/src/python/location-importer.in
+++ b/src/python/location-importer.in
@@ -494,38 +494,38 @@ class CLI(object):
                        return False
 
                if not network.is_global:
-                       logging.warning("Skipping non-globally routable network: %s" % network)
+                       log.warning("Skipping non-globally routable network: %s" % network)
                        return False
 
                if network.version == 4:
                        if network.prefixlen < 7:
-                               logging.warning("Skipping too big IP chunk: %s" % network)
+                               log.warning("Skipping too big IP chunk: %s" % network)
                                return False
 
                        if network.prefixlen > 24:
-                               logging.info("Skipping network too small to be publicly announced: %s" % network)
+                               log.info("Skipping network too small to be publicly announced: %s" % network)
                                return False
 
                        if str(network.network_address) == "0.0.0.0":
-                               logging.warning("Skipping network based on 0.0.0.0: %s" % network)
+                               log.warning("Skipping network based on 0.0.0.0: %s" % network)
                                return False
 
                elif network.version == 6:
                        if network.prefixlen < 10:
-                               logging.warning("Skipping too big IP chunk: %s" % network)
+                               log.warning("Skipping too big IP chunk: %s" % network)
                                return False
 
                        if network.prefixlen > 48:
-                               logging.info("Skipping network too small to be publicly announced: %s" % network)
+                               log.info("Skipping network too small to be publicly announced: %s" % network)
                                return False
 
                        if str(network.network_address) == "::":
-                               logging.warning("Skipping network based on '::': %s" % network)
+                               log.warning("Skipping network based on '::': %s" % network)
                                return False
 
                else:
                        # This should not happen...
-                       logging.warning("Skipping network of unknown family, this should not happen: %s" % network)
+                       log.warning("Skipping network of unknown family, this should not happen: %s" % network)
                        return False
 
                # In case we have made it here, the network is considered to
@@ -574,15 +574,22 @@ class CLI(object):
                )
 
        def _parse_inetnum_block(self, block):
-               logging.debug("Parsing inetnum block:")
+               log.debug("Parsing inetnum block:")
 
                inetnum = {}
                for line in block:
-                       logging.debug(line)
+                       log.debug(line)
 
                        # Split line
                        key, val = split_line(line)
 
+                       # Filter any inetnum records which are only referring to IP space
+                       # not managed by that specific RIR...
+                       if key == "netname":
+                               if re.match(r"(ERX-NETBLOCK|(AFRINIC|ARIN|LACNIC|RIPE)-CIDR-BLOCK|IANA-NETBLOCK-\d{1,3}|NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK)", val.strip()):
+                                       log.warning("Skipping record indicating historic/orphaned data: %s" % val.strip())
+                                       return
+
                        if key == "inetnum":
                                start_address, delim, end_address = val.partition("-")
 
@@ -594,7 +601,7 @@ class CLI(object):
                                        start_address = ipaddress.ip_address(start_address)
                                        end_address   = ipaddress.ip_address(end_address)
                                except ValueError:
-                                       logging.warning("Could not parse line: %s" % line)
+                                       log.warning("Could not parse line: %s" % line)
                                        return
 
                                # Set prefix to default
@@ -611,15 +618,18 @@ class CLI(object):
                                inetnum[key] = val
 
                        elif key == "country":
-                               if val == "UNITED STATES":
-                                       val = "US"
-
                                inetnum[key] = val.upper()
 
                # Skip empty objects
                if not inetnum or not "country" in inetnum:
                        return
 
+               # Skip objects with bogus country code 'ZZ'
+               if inetnum.get("country") == "ZZ":
+                       log.warning("Skipping network with bogus country 'ZZ': %s" % \
+                               (inetnum.get("inet6num") or inetnum.get("inetnum")))
+                       return
+
                network = ipaddress.ip_network(inetnum.get("inet6num") or inetnum.get("inetnum"), strict=False)
 
                if not self._check_parsed_network(network):