package GeoIP;
-use Geo::IP::PurePerl;
+use Location;
use Locale::Codes::Country;
-my $geoip_database_dir = "/var/lib/GeoIP";
-my $location_database = "GeoLite2-Country-Locations-en.csv";
-
-my $database;
+# Hash which contains country codes and their names which are special or not
+# part of ISO 3166-1.
+my %not_iso_3166_location = (
+ "a1" => "Anonymous Proxy",
+ "a2" => "Satellite Provider",
+ "a3" => "Worldwide Anycast Instance",
+ "an" => "Netherlands Antilles",
+ "ap" => "Asia/Pacific Region",
+ "eu" => "Europe",
+ "fx" => "France, Metropolitan",
+ "o1" => "Other Country",
+ "yu" => "Yugoslavia"
+);
+
+# Directory where the libloc database and keyfile lives.
+our $location_dir = "/var/lib/location/";
+
+# Libloc database file.
+our $database = "$location_dir/database.db";
+
+# Libloc keyfile to verify the database.
+our $keyfile = "$location_dir/signing-key.pem";
+
+# Directory which contains the exported databases.
+our $xt_geoip_db_directory = "/usr/share/xt_geoip/";
+
+#
+## Tiny function to init the location database.
+#
+sub init () {
+ # Init and open the database.
+ my $db = &Location::init($database);
+
+ # Return the database handle.
+ return $db;
+}
-sub lookup($) {
- my $address = shift;
+#
+## Function to verify the integrity of the location database.
+#
+sub verify ($) {
+ my ($db_handle) = @_;
- # Load the database into memory if not already done
- if (!$database) {
- $database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE);
+ # Verify the integrity of the database.
+ if(&Location::verify($db_handle, $keyfile)) {
+ # Success, return "1".
+ return 1;
}
+ # If we got here, return nothing.
+ return;
+}
+
+#
+## Function to the the country code of a given address.
+#
+sub lookup_country_code($$) {
+ my ($db_handle, $address) = @_;
+
+ # Lookup the given address.
+ my $country_code = &Location::lookup_country_code($db_handle, $address);
+
# Return the name of the country
- return $database->country_code_by_name($address);
+ return $country_code;
}
# Function to get the flag icon for a specified country code.
# Remove whitespaces.
chomp($input);
+
# Convert input into lower case format.
my $code = lc($input);
# Handle country codes which are not in the list.
- if ($code eq "a1") { $name = "Anonymous Proxy" }
- elsif ($code eq "a2") { $name = "Satellite Provider" }
- elsif ($code eq "o1") { $name = "Other Country" }
- elsif ($code eq "ap") { $name = "Asia/Pacific Region" }
- elsif ($code eq "eu") { $name = "Europe" }
- elsif ($code eq "yu") { $name = "Yugoslavia" }
- else {
+ if ($not_iso_3166_location{$code}) {
+ # Grab location name from hash.
+ $name = $not_iso_3166_location{$code};
+ } else {
# Use perl built-in module to get the country code.
$name = &Locale::Codes::Country::code2country($code);
}
sub get_geoip_locations() {
my @locations = ();
- # Open the location database.
- open(LOCATION, "$geoip_database_dir/$location_database") or return @locations;
+ # Get listed country codes from ISO 3166-1.
+ @locations = &Locale::Codes::Country::all_country_codes();
- # Loop through the file.
- while(my $line = <LOCATION>) {
- # Remove newlines.
- chomp($line);
-
- # Split the line content.
- my ($geoname_id, $locale_code, $continent_code, $continent_name, $country_iso_code, $country_name, $is_in_european_union) = split(/\,/, $line);
-
- # Check if the country_iso_code is upper case.
- if($country_iso_code =~ /[A-Z]/) {
- # Add the current ISO code.
- push(@locations, $country_iso_code);
- }
+ # Add locations from not_iso_3166_locations.
+ foreach my $location (keys %not_iso_3166_location) {
+ push(@locations, $location);
}
- # Close filehandle.
- close(LOCATION);
-
# Sort locations array in alphabetical order.
my @sorted_locations = sort(@locations);
return @sorted_locations;
}
+# Function to get the continent code of a given country code.
+sub get_continent_code($$) {
+ my ($db_handle, $ccode) = @_;
+
+ # Omit the continent code.
+ my $continent_code = &Location::get_continent_code($db_handle, $ccode);
+
+ return $continent_code;
+}
+
+# Function to flush all exported GeoIP locations.
+sub flush_exported_locations () {
+ # Check if the xt_geoip_db_directory exists.
+ if (-e $xt_geoip_db_directory) {
+ # Perform a direcory listing.
+ opendir (DIR, $xt_geoip_db_directory) or die "Could not open $xt_geoip_db_directory. $!\n";
+
+ # Loop through the files.
+ while (my $file = readdir(DIR)) {
+ # Check if the element is a file.
+ if (-f "$xt_geoip_db_directory/$file") {
+ # Delete it.
+ unlink("$xt_geoip_db_directory/$file");
+ }
+ }
+ }
+}
+
+# Function which calls location-exporter to export a given array
+# of locations.
+sub export_locations (\@) {
+ my @locations = @{ shift() };
+
+ # String to store the given locations and pass it to the exporter tool.
+ my $locations_string;
+
+ # Only export IPv4 addresses.
+ my $family = "--family=ipv4";
+
+ # Specify xt_geoip as output format.
+ my $format = "--format=xt_geoip";
+
+ # Location export command.
+ my @command = ("/usr/bin/location-exporter", "--directory=$xt_geoip_db_directory", "$format", "$family");
+
+ # Check if the export directory exists, otherwise create it.
+ unless (-d $xt_geoip_db_directory) { mkdir $xt_geoip_db_directory };
+
+ # Loop through the array of locations which needs to be exported.
+ foreach my $location (@locations) {
+ # Add location to the command array.
+ push(@command, $location);
+ }
+
+ # Execute location-exporter to export the requested country codes.
+ system(@command) == 0
+ or die "@command failed: $?";
+}
1;
00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
# Update GeoIP database once a month.
-%monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1
+%hourly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1
# Retry sending spooled mails regularly
%hourly * /usr/sbin/dma -q
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
+require "${General::swroot}/geoip-functions.pl";
require "/usr/lib/firewall/firewall-lib.pl";
# Set to one to enable debugging mode.
my %configinputfw=();
my %configoutgoingfw=();
my %confignatfw=();
+my %geoipsettings = (
+ "GEOIPBLOCK_ENABLED" => "off"
+);
+
my @p2ps=();
my $configfwdfw = "${General::swroot}/firewall/config";
&General::readhasharray($configoutgoing, \%configoutgoingfw);
&General::readhasharray($configgrp, \%customgrp);
+# Check if the geoip settings file exists
+if (-e "$geoipfile") {
+ # Read settings file
+ &General::readhash("$geoipfile", \%geoipsettings);
+}
+
+# Get all GeoIP locations.
+my @locations = &fwlib::get_geoip_locations();
+
my @log_limit_options = &make_log_limit_options();
my $POLICY_INPUT_ALLOWED = 0;
&main();
sub main {
+ # Gather locations which should be exported.
+ my @locations_to_export = &gather_locations_to_export();
+
# Flush all chains.
&flush();
+ # Flush exported locations.
+ &GeoIP::flush_exported_locations();
+
+ # Check if there are any locations to export.
+ if (@locations_to_export) {
+ # Export required locations.
+ &GeoIP::export_locations(\@locations_to_export);
+ }
+
# Prepare firewall rules.
if (! -z "${General::swroot}/firewall/input"){
&buildrules(\%configinputfw);
}
sub geoipblock {
- my %geoipsettings = ();
- $geoipsettings{'GEOIPBLOCK_ENABLED'} = "off";
-
# Flush iptables chain.
run("$IPTABLES -F GEOIPBLOCK");
- # Check if the geoip settings file exists
- if (-e "$geoipfile") {
- # Read settings file
- &General::readhash("$geoipfile", \%geoipsettings);
- }
-
# If geoip blocking is not enabled, we are finished here.
if ($geoipsettings{'GEOIPBLOCK_ENABLED'} ne "on") {
# Exit submodule. Process remaining script.
return;
}
- # Get supported locations.
- my @locations = &fwlib::get_geoip_locations();
-
# Loop through all supported geoip locations and
# create iptables rules, if blocking this country
# is enabled.
return 0;
}
+
+#
+# Function to gather which locations needs to be exported.
+#
+sub gather_locations_to_export () {
+ my %geoipblock_exports = ();
+
+ # Array to store the final list of locations.
+ my @export_locations;
+
+ # Array to temporary store all used GeoIP groups.
+ my @used_GeoIP_groups;
+
+ # Check if GeoIP-block is enabled.
+ if($geoipsettings{"GEOIPBLOCK_ENABLED"} eq "on") {
+ # Loop through the array of supported locations.
+ foreach my $location (@locations) {
+ if ($geoipsettings{$location} eq "on") {
+ $geoipblock_exports{$location} = "1";
+ }
+ }
+ }
+
+ # Get the firewall locations of the input, forward and output
+ # firewall settings hashhes.
+ my %input_exports = &_grab_geoip_locations_from_fw_settings_hash(\%configinputfw);
+ my %forward_exports = &_grab_geoip_locations_from_fw_settings_hash(\%configfwdfw);
+ my %output_exports = &_grab_geoip_locations_from_fw_settings_hash(\%configoutgoingfw);
+
+ # Merge the hashes.
+ #
+ # If a location is part of multiple hashes, it results in only one entry in the final hash.
+ my %export_locations = ( %geoipblock_exports, %input_exports, %forward_exports, %output_exports );
+
+ # Loop through the hash of exported locations.
+ foreach my $location (keys %export_locations) {
+ # Convert location into upper-case format.
+ my $location_uc = uc($location);
+
+ # Add the location to the array.
+ push(@export_locations, $location_uc);
+ }
+
+ # Return the array.
+ return @export_locations;
+}
+
+#
+# Function to gather the GeoIP locations from a given hash
+# containing the firewall settings.
+#
+sub _grab_geoip_locations_from_fw_settings_hash (\%) {
+ my $hash = shift;
+ my %exports;
+
+ # Loop through the given firewall config hash.
+ foreach my $rule ( keys %$hash ) {
+ # Skip if the rule is disabled.
+ next unless($$hash{$rule}[2] eq "ON");
+
+ # Process rules with GeoIP as source.
+ if($$hash{$rule}[3] eq "cust_geoip_src") {
+ my $source = $$hash{$rule}[4];
+
+ # Check if the source is a group.
+ if($source =~ m/group/) {
+ my($group, $groupname) = split(":", $source);
+
+ # Get locations which are part of the group.
+ my @group_locations = &_grab_geoip_locations_from_group($groupname);
+
+ # Loop through the array.
+ foreach my $location (@group_locations) {
+ # Add location to the exports hash.
+ $exports{$location} = "1";
+ }
+ } else {
+ # Add location to the exports hash.
+ $exports{$source} = "1";
+ }
+
+ # Jump the next rule.
+ next;
+ }
+
+ # Process rules with GeoIP as target.
+ if($$hash{$rule}[5] eq "cust_geoip_tgt") {
+ my $destination = $$hash{$rule}[6];
+
+ # Check if the destination is a group.
+ if($destination =~ m/group/) {
+ my($group, $groupname) = split(":", $destination);
+
+ # Get locations which are part of the group.
+ my @group_locations = &_grab_geoip_locations_from_group($groupname);
+
+ # Loop through the array.
+ foreach my $location (@group_locations) {
+ # Add location to the exports hash.
+ $exports{$location} = "1";
+ }
+ } else {
+ # Add location to the exports hash.
+ $exports{$destination} = "1";
+ }
+
+ # Jump to next rule.
+ next;
+ }
+ }
+
+ # Return the array.
+ return %exports;
+}
+
+#
+# Function to gather the GeoIP locations from a given group name.
+#
+sub _grab_geoip_locations_from_group($) {
+ my ($groupname) = @_;
+
+ my %geoipgroups = ();
+ my @group_locations;
+
+ # Get all configured GeoIP related groups.
+ &General::readhasharray("${General::swroot}/fwhosts/customgeoipgrp", \%geoipgroups);
+
+ # Loop through the hash of GeoIP groups.
+ foreach my $key (keys %geoipgroups) {
+ # Seach for members of the given group.
+ if($geoipgroups{$key}[0] eq "$groupname") {
+ # Add the location to the group_locations array.
+ push(@group_locations, $geoipgroups{$key}[2]);
+ }
+ }
+
+ # Return the array.
+ return @group_locations;
+}
+++ /dev/null
-#usr/bin/geoip-lookup
-#usr/lib/perl5/site_perl/5.30.0/Geo
-#usr/lib/perl5/site_perl/5.30.0/Geo/IP
-usr/lib/perl5/site_perl/5.30.0/Geo/IP/PurePerl.pm
-#usr/lib/perl5/site_perl/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Geo
-#usr/lib/perl5/site_perl/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Geo/IP
-#usr/lib/perl5/site_perl/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Geo/IP/PurePerl
-#usr/lib/perl5/site_perl/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Geo/IP/PurePerl/.packlist
-#usr/share/GeoIP
-usr/share/GeoIP/GeoIP.dat
-#usr/share/man/man1/geoip-lookup.1
-#usr/share/man/man3/Geo::IP::PurePerl.3
-#usr/lib/perl5/5.30.0/Locale/Codes
-usr/lib/perl5/5.30.0/Locale/Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes.pod
-usr/lib/perl5/5.30.0/Locale/Codes/API.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Changes.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Constants.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Constants.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Country.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Country.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Country_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Country_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Currency.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Currency.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Currency_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Currency_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangExt.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangExt.pod
-usr/lib/perl5/5.30.0/Locale/Codes/LangExt_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangExt_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangFam.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangFam.pod
-usr/lib/perl5/5.30.0/Locale/Codes/LangFam_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangFam_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangVar.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangVar.pod
-usr/lib/perl5/5.30.0/Locale/Codes/LangVar_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/LangVar_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Language.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Language.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Language_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Language_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Script.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Script.pod
-usr/lib/perl5/5.30.0/Locale/Codes/Script_Codes.pm
-usr/lib/perl5/5.30.0/Locale/Codes/Script_Retired.pm
-usr/lib/perl5/5.30.0/Locale/Country.pm
-#usr/lib/perl5/5.30.0/Locale/Country.pod
-usr/lib/perl5/5.30.0/Locale/Currency.pm
-#usr/lib/perl5/5.30.0/Locale/Currency.pod
-usr/lib/perl5/5.30.0/Locale/Language.pm
-#usr/lib/perl5/5.30.0/Locale/Language.pod
-usr/lib/perl5/5.30.0/Locale/Script.pm
-#usr/lib/perl5/5.30.0/Locale/Script.pod
-#usr/lib/perl5/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Locale
-#usr/lib/perl5/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Locale/Codes
-#usr/lib/perl5/5.30.0/xxxMACHINExxx-linux-thread-multi/auto/Locale/Codes/.packlist
+#usr/lib/perl5/site_perl/5.30.0/Locale
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes.pod
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Changes.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Constants.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Country.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Country.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Country_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Country_Retired.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Currency.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Currency.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Currency_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Currency_Retired.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangExt.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangExt.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangExt_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangExt_Retired.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangFam.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangFam.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangFam_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangFam_Retired.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangVar.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangVar.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangVar_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/LangVar_Retired.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Language.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Language.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Language_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Language_Retired.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Script.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Script.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Script_Codes.pm
+usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Script_Retired.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Codes/Types.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Country.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Country.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Currency.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Currency.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Language.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Language.pod
+usr/lib/perl5/site_perl/5.30.0/Locale/Script.pm
+#usr/lib/perl5/site_perl/5.30.0/Locale/Script.pod
+#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Locale
+#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Locale/Codes
+#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Locale/Codes/.packlist
#usr/share/man/man3/Locale::Codes.3
-#usr/share/man/man3/Locale::Codes::API.3
#usr/share/man/man3/Locale::Codes::Changes.3
-#usr/share/man/man3/Locale::Codes::Constants.3
#usr/share/man/man3/Locale::Codes::Country.3
#usr/share/man/man3/Locale::Codes::Currency.3
#usr/share/man/man3/Locale::Codes::LangExt.3
#usr/share/man/man3/Locale::Codes::LangFam.3
-#usr/share/man/man3/Locale::Codes::LangFam_Retired.3
#usr/share/man/man3/Locale::Codes::LangVar.3
#usr/share/man/man3/Locale::Codes::Language.3
#usr/share/man/man3/Locale::Codes::Script.3
+#usr/share/man/man3/Locale::Codes::Types.3
#usr/share/man/man3/Locale::Country.3
#usr/share/man/man3/Locale::Currency.3
#usr/share/man/man3/Locale::Language.3
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-beep
etc/rc.d/init.d/networking/red.up/99-fireinfo
-etc/rc.d/init.d/networking/red.up/99-geoip-database
+etc/rc.d/init.d/networking/red.up/99-location-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
usr/local/bin/timecheck
usr/local/bin/timezone-transition
usr/local/bin/update-ids-ruleset
-usr/local/bin/update-lang-cache
-usr/local/bin/xt_geoip_update
+usr/local/bin/update-location-database
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-beep
etc/rc.d/init.d/networking/red.up/99-fireinfo
-etc/rc.d/init.d/networking/red.up/99-geoip-database
+etc/rc.d/init.d/networking/red.up/99-location-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
+++ /dev/null
-#usr/bin/geoiplookup
-#usr/bin/geoiplookup6
-#usr/include/GeoIP.h
-#usr/include/GeoIPCity.h
-#usr/lib/libGeoIP.a
-#usr/lib/libGeoIP.la
-usr/lib/libGeoIP.so
-usr/lib/libGeoIP.so.1
-usr/lib/libGeoIP.so.1.6.12
-#usr/lib/pkgconfig/geoip.pc
-#usr/share/GeoIP/bin
-usr/share/GeoIP/bin/countryInfo.txt
-usr/share/GeoIP/bin/geoip-generator
-usr/share/GeoIP/bin/geolite2-to-legacy-csv.sh
-#usr/share/man/man1/geoiplookup.1
-#usr/share/man/man1/geoiplookup6.1
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-beep
etc/rc.d/init.d/networking/red.up/99-fireinfo
-etc/rc.d/init.d/networking/red.up/99-geoip-database
+etc/rc.d/init.d/networking/red.up/99-location-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
--- /dev/null
+usr/bin/location-downloader
+usr/bin/location-exporter
+usr/bin/location-query
+#usr/include/libloc
+#usr/include/libloc/as.h
+#usr/include/libloc/compat.h
+#usr/include/libloc/country.h
+#usr/include/libloc/database.h
+#usr/include/libloc/format.h
+#usr/include/libloc/libloc.h
+#usr/include/libloc/network.h
+#usr/include/libloc/private.h
+#usr/include/libloc/resolv.h
+#usr/include/libloc/stringpool.h
+#usr/include/libloc/writer.h
+#usr/lib/libloc.la
+#usr/lib/libloc.so
+usr/lib/libloc.so.0
+usr/lib/libloc.so.0.0.0
+usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/Location.pm
+#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Location
+#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Location/.packlist
+usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Location/Location.so
+#usr/lib/pkgconfig/libloc.pc
+#usr/lib/python3.6/site-packages/location.la
+usr/lib/python3.6/site-packages/location.so
+#usr/share/locale/de/LC_MESSAGES/libloc.mo
+#usr/share/man/man3/Location.3
+var/lib/location
+var/lib/location/signing-key.pem
+
usr/local/bin/timezone-transition
usr/local/bin/update-lang-cache
usr/local/bin/update-ids-ruleset
-usr/local/bin/xt_geoip_build
-usr/local/bin/xt_geoip_update
+usr/local/bin/update-location-database
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-beep
etc/rc.d/init.d/networking/red.up/99-fireinfo
-etc/rc.d/init.d/networking/red.up/99-geoip-database
+etc/rc.d/init.d/networking/red.up/99-location-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
usr/local/bin/timezone-transition
usr/local/bin/update-ids-ruleset
usr/local/bin/update-lang-cache
-usr/local/bin/xt_geoip_build
-usr/local/bin/xt_geoip_update
+usr/local/bin/update-location-database
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
usr/lib/libxt_ACCOUNT_cl.so.0
usr/lib/libxt_ACCOUNT_cl.so.0.0.0
#usr/libexec/xtables-addons
-usr/libexec/xtables-addons/xt_geoip_build
-usr/libexec/xtables-addons/xt_geoip_dl
-usr/local/bin/xt_geoip_build
+#usr/libexec/xtables-addons/xt_geoip_build
+#usr/libexec/xtables-addons/xt_geoip_dl
usr/sbin/iptaccount
#usr/share/man/man1/xt_geoip_build.1
#usr/share/man/man1/xt_geoip_dl.1
my @dummy = ( ${Header::table1colour} );
undef (@dummy);
+# Init libloc database connection.
+my $libloc_db_handle = &GeoIP::init();
+
# check sorting arguments
if ( $cgiin{'sort_field'} ~~ [ '1','2','3','4','5','6','7','8','9' ] ) {
$SORT_FIELD = $cgiin{'sort_field'};
my $bytes_out = format_bytes($bytes[1]);
# enumerate GeoIP information
- my $srcccode = &GeoIP::lookup($sip_ret);
+ my $srcccode = &GeoIP::lookup_country_code($libloc_db_handle, $sip_ret);
my $src_flag_icon = &GeoIP::get_flag_icon($srcccode);
- my $dstccode = &GeoIP::lookup($dip_ret);
+ my $dstccode = &GeoIP::lookup_country_code($libloc_db_handle, $dip_ret);
my $dst_flag_icon = &GeoIP::get_flag_icon($dstccode);
# Format TTL
my @lines=();
my $extraquery='';
+# Hash which contains the whois servers from
+# the responisible RIR of the continent.
+my %whois_servers_by_continent = (
+ "AF" => "whois.afrinic.net",
+ "AS" => "whois.apnic.net",
+ "EU" => "whois.ripe.net",
+ "NA" => "whois.arin.net",
+ "SA" => "whois.lacnic.net"
+);
+
+# Default whois server if no continent could be determined.
+my $whois_server = "whois.arin.net";
+
my $addr = CGI::param("ip") || "";
if (&General::validip($addr)) {
- $extraquery='';
- @lines=();
- my $whoisname = "whois.arin.net";
my $iaddr = inet_aton($addr);
my $hostname = gethostbyaddr($iaddr, AF_INET);
if (!$hostname) { $hostname = $Lang::tr{'lookup failed'}; }
# enumerate GeoIP information for IP address...
- my $ccode = &GeoIP::lookup($addr);
+ my $db_handle = &GeoIP::init();
+ my $ccode = &GeoIP::lookup_country_code($db_handle, $addr);
+
+ # Try to get the continent of the country code.
+ my $continent = &GeoIP::get_continent_code($db_handle, $ccode);
+
+ # Check if a whois server for the continent is known.
+ if($whois_servers_by_continent{$continent}) {
+ # Use it.
+ $whois_server = $whois_servers_by_continent{$continent};
+ }
+
my $flag_icon = &GeoIP::get_flag_icon($ccode);
- my $sock = new IO::Socket::INET ( PeerAddr => $whoisname, PeerPort => 43, Proto => 'tcp');
+ my $sock = new IO::Socket::INET ( PeerAddr => $whois_server, PeerPort => 43, Proto => 'tcp');
if ($sock)
{
- print $sock "n $addr\n";
+ print $sock "$addr\n";
while (<$sock>) {
- $extraquery = $1 if (/ReferralServer: whois:\/\/(\S+)\s+/);
+ $extraquery = $1 if (/ReferralServer: whois:\/\/(\S+)\s+/);
push(@lines,$_);
}
close($sock);
if ($extraquery) {
undef (@lines);
- $whoisname = $extraquery;
- my $sock = new IO::Socket::INET ( PeerAddr => $whoisname, PeerPort => 43, Proto => 'tcp');
+ $whois_server = $extraquery;
+ my $sock = new IO::Socket::INET ( PeerAddr => $whois_server, PeerPort => 43, Proto => 'tcp');
if ($sock)
{
print $sock "$addr\n";
}
else
{
- @lines = ( "$Lang::tr{'unable to contact'} $whoisname" );
+ @lines = ( "$Lang::tr{'unable to contact'} $whois_server" );
}
}
}
else
{
- @lines = ( "$Lang::tr{'unable to contact'} $whoisname" );
+ @lines = ( "$Lang::tr{'unable to contact'} $whois_server" );
}
- &Header::openbox('100%', 'left', $addr . " <a href='country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode' /></a> (" . $hostname . ') : '.$whoisname);
+ &Header::openbox('100%', 'left', $addr . " <a href='country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode' /></a> (" . $hostname . ') : '.$whois_server);
print "<pre>\n";
foreach my $line (@lines) {
print &Header::cleanhtml($line,"y");
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+# Libloc database handle.
+my $libloc_db_handle = &GeoIP::init();
+
my %color = ();
my %mainsettings = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
$srcport=$1 if $packet =~ /SPT=(\d+)/;
$dstport=$1 if $packet =~ /DPT=(\d+)/;
- my $ccode = &GeoIP::lookup($srcaddr);
+ my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $srcaddr);
my $servi = uc(getservbyport($srcport, lc($proto)));
if ($servi ne '' && $srcport < 1024) {
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+# Libloc database handle.
+my $libloc_db_handle = &GeoIP::init();
+
use POSIX();
my %cgiparams=();
# Traffic from red
if($srcaddr ne '') {
# srcaddr is set
- my $ccode = &GeoIP::lookup($srcaddr);
+ my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $srcaddr);
if ($ccode eq '') {
$ccode = 'unknown';
}
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+# Libloc database handle.
+my $libloc_db_handle = &GeoIP::init();
+
use POSIX();
my %cgiparams=();
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
- my $ccode = &GeoIP::lookup($key[$s]);
+ my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $key[$s]);
$color++;
print "<td align='center' $col><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='$Lang::tr{'details'}'></form></td>";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+# Libloc database handle.
+my $libloc_db_handle = &GeoIP::init();
+
use POSIX();
#workaround to suppress a warning when a variable is used only once
}
elsif($srcaddr ne '') {
# or srcaddr matches country code
- my $ccode = &GeoIP::lookup($srcaddr);
+ my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $srcaddr);
if($ccode eq uc($country)){
$log[$lines] = $_;
$lines++;
if($iface eq $country || $srcaddr ne '') {
my $ccode='';
if($iface ne $country) {
- $ccode = &GeoIP::lookup($srcaddr);
+ $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $srcaddr);
}
if($iface eq $country || $ccode eq uc($country)) {
my $chain = '';
require "${General::swroot}/geoip-functions.pl";
require "${General::swroot}/graphs.pl";
+# Libloc database handle.
+my $libloc_db_handle = &GeoIP::init();
+
my %color = ();
my %mainsettings = ();
my %netsettings=();
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', $Lang::tr{'ovpn con stat'});
+ # Libloc database handle.
+ my $libloc_db_handle = &GeoIP::init();
+
#
# <td><b>$Lang::tr{'protocol'}</b></td>
# protocol temp removed
$users[$uid]{'Proto'} = $proto;
# get country code for "RealAddress"...
- my $ccode = &GeoIP::lookup((split ':', $users[$uid]{'RealAddress'})[0]);
+ my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, (split ':', $users[$uid]{'RealAddress'})[0]);
my $flag_icon = &GeoIP::get_flag_icon($ccode);
$users[$uid]{'Country'} = "<a href='country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode' /></a>";
$uid++;
} else {
# list active logins...
+ # Libloc database handle.
+ my $libloc_db_handle = &GeoIP::init();
+
foreach my $line (@output)
{
my @arry = split(/\ +/, $line);
$remoteip =~ s/[()]//g;
# display more information about that IP adress...
- my $ccode = &GeoIP::lookup($remoteip);
+ my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $remoteip);
my $flag_icon = &GeoIP::get_flag_icon($ccode);
# get rDNS...
include Config
-VER = 3.33
+VER = 3.62
THISAPP = Locale-Codes-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = bc7496f97889de8504e80addaa0ee40c
+$(DL_FILE)_MD5 = d4ee6fb8b5483c54abde1aa2b94e555a
install : $(TARGET)
+++ /dev/null
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-VER = 1.6.12
-DVER = 1.6.12-3
-
-THISAPP = geoip-api-c-$(VER)
-DL_FILE = $(THISAPP).tar.gz
-DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-TARGET = $(DIR_INFO)/$(THISAPP)
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-objects = $(DL_FILE) geoip_$(DVER).debian.tar.xz
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-geoip_$(DVER).debian.tar.xz = $(DL_FROM)/geoip_$(DVER).debian.tar.xz
-
-$(DL_FILE)_MD5 = 727e5d6df9e9fc039dbc3a323cc56d2e
-geoip_$(DVER).debian.tar.xz_MD5 = 64fb561362dc456b45b799da20d47dd4
-
-install : $(TARGET)
-
-check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-
-download :$(patsubst %,$(DIR_DL)/%,$(objects))
-
-md5 : $(subst %,%_MD5,$(objects))
-
-###############################################################################
-# Downloading, checking, md5sum
-###############################################################################
-
-$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
-
-$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
-
-$(subst %,%_MD5,$(objects)) :
- @$(MD5)
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./bootstrap
- cd $(DIR_APP) && ./configure --prefix=/usr
- cd $(DIR_APP) && make $(MAKETUNING)
- cd $(DIR_APP) && make install
- cd $(DIR_APP) && tar axf $(DIR_DL)/geoip_$(DVER).debian.tar.xz
- cd $(DIR_APP) && sed -i "s/use diagnostics;//g" debian/src/geolite2-to-legacy-csv.sh
- cd $(DIR_APP) && g++ -std=gnu++11 -g debian/src/geoip-csv-to-dat.cpp \
- -o geoip-generator -lGeoIP
- -mkdir -p /usr/share/GeoIP/bin
- cd $(DIR_APP) && install -m 755 geoip-generator /usr/share/GeoIP/bin
- cd $(DIR_APP) && install -m 755 debian/src/geolite2-to-legacy-csv.sh /usr/share/GeoIP/bin
- cd $(DIR_APP) && install -m 644 debian/src/countryInfo.txt /usr/share/GeoIP/bin
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.25
-DATVER = 30062018
+VER = 0.9.0
+GIT_REV = cd022c
-THISAPP = Geo-IP-PurePerl-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+THISAPP = libloc-$(VER)-$(GIT_REV)
+DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
+DIR_APP = $(DIR_SRC)/libloc-$(VER)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
-objects = $(DL_FILE) GeoIP.dat-$(DATVER).gz
+objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-GeoIP.dat-$(DATVER).gz = $(DL_FROM)/GeoIP.dat-$(DATVER).gz
-
-$(DL_FILE)_MD5 = a47a1b71f7cd7c46cca9efcc448e0726
-GeoIP.dat-$(DATVER).gz_MD5 = d538e57ad9268fdc7955c6cf9a37c4a9
+$(DL_FILE)_MD5 = a40fcbdd5585f720ca801166befeef85
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
+dist:
+ @$(PAK)
+
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/geoip_1_25_change_database_path.patch
- cd $(DIR_APP) && perl Makefile.PL
- cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xvf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --disable-manpages
+ cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
- cd $(DIR_APP) && mkdir -p /usr/share/GeoIP && \
- zcat $(DIR_DL)/GeoIP.dat-$(DATVER).gz > /usr/share/GeoIP/GeoIP.dat
- cd $(DIR_APP) && chmod 777 /srv/web/ipfire/html/images/flags
@rm -rf $(DIR_APP)
@$(POSTBUILD)
VERSUFIX = ipfire$(KCFG)
MODPATH = /lib/modules/$(KVER)-$(VERSUFIX)/extra/
-VER = 3.2
+VER = 3.7
THISAPP = xtables-addons-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 80ea89ba8d5a001a8d71c7f05b2f0141
+$(DL_FILE)_MD5 = d81776d6320ebd741042bf8eb7e13d1d
install : $(TARGET)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/xtables-addons-3.2-fix-database-generation.patch
-
# Only build the specified modules.
cp -avf $(DIR_SRC)/config/xtables-addons/mconfig \
$(DIR_APP)/mconfig
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
-
- # Install xt_geoip_build.
- cd $(DIR_APP) && install -m 755 geoip/xt_geoip_build \
- /usr/local/bin/
else
cd $(DIR_APP) && ./configure \
--with-kbuild=/lib/modules/$$(uname -r)$(KCFG)/build
lfsmake2 python-daemon
lfsmake2 python-ipaddress
lfsmake2 glib
- lfsmake2 GeoIP
- lfsmake2 geoip-database
lfsmake2 ntp
lfsmake2 openssh
lfsmake2 fontconfig
lfsmake2 flashrom
lfsmake2 firmware-update
lfsmake2 tshark
- lfsmake2 geoip-generator
lfsmake2 speedtest-cli
lfsmake2 rfkill
lfsmake2 amazon-ssm-agent
+ lfsmake2 libloc
}
buildinstaller() {
cat doc/make.sh-usage
;;
esac
+
+++ /dev/null
-#!/bin/bash
-
-# Get the GeoIP database if no one exists yet
-
-database_exists() {
- local file
- for file in /usr/share/xt_geoip/*.iv4; do
- [ -e "${file}" ] && return 0
- done
-
- # Does not exist
- return 1
-}
-
-# Download ruleset if none has been found.
-if ! database_exists; then
- /usr/local/bin/xt_geoip_update >/dev/null 2>&1 &
-fi
-
-exit 0
--- /dev/null
+#!/bin/bash
+
+# Download / Check for updates of the location database.
+/usr/local/bin/update-location-database
+
+exit 0
+++ /dev/null
---- lib/Geo/IP/PurePerl.pm Tue Mar 30 15:41:34 2010
-+++ lib/Geo/IP/PurePerl.pm Mon Jan 09 18:58:11 2017
-@@ -129,7 +129,7 @@
-
-
- # --- unfortunately we do not know the path so we assume the
--# default path /usr/local/share/GeoIP
-+# default path /usr/share/GeoIP
- # if thats not true, you can set $Geo::IP::PurePerl::OPEN_TYPE_PATH
- #
- sub open_type {
-@@ -210,7 +210,7 @@
- # this will be less messy once deprecated new( $path, [$flags] )
- # is no longer supported (that's what open() is for)
-
-- my $def_db_file = '/usr/local/share/GeoIP/GeoIP.dat';
-+ my $def_db_file = '/usr/share/GeoIP/GeoIP.dat';
- if ($^O eq 'NetWare') {
- $def_db_file = 'sys:/etc/GeoIP/GeoIP.dat';
- } elsif ($^O eq 'MSWin32') {
-@@ -758,7 +758,7 @@
- =item $gi = Geo::IP->new( [$flags] );
-
- Constructs a new Geo::IP object with the default database located inside your system's
--I<datadir>, typically I</usr/local/share/GeoIP/GeoIP.dat>.
-+I<datadir>, typically I</usr/share/GeoIP/GeoIP.dat>.
-
- Flags can be set to either GEOIP_STANDARD, or for faster performance
- (at a cost of using more memory), GEOIP_MEMORY_CACHE.
---- t/1_lookup.t Tue Mar 30 15:13:37 2010
-+++ t/1_lookup.t Mon Jan 09 18:58:13 2017
-@@ -2,7 +2,7 @@
- use vars qw($dat);
-
- BEGIN {
-- foreach my $file ("GeoIP.dat",'/usr/local/share/GeoIP/GeoIP.dat') {
-+ foreach my $file ("GeoIP.dat",'/usr/share/GeoIP/GeoIP.dat') {
- if (-f $file) {
- $dat = $file;
- last;
---- t/2_namelookup.t Tue Mar 30 15:21:37 2010
-+++ t/2_namelookup.t Mon Jan 09 18:58:21 2017
-@@ -2,7 +2,7 @@
- use vars qw($dat);
-
- BEGIN {
-- foreach my $file ("GeoIP.dat",'/usr/local/share/GeoIP/GeoIP.dat') {
-+ foreach my $file ("GeoIP.dat",'/usr/share/GeoIP/GeoIP.dat') {
- if (-f $file) {
- $dat = $file;
- last;
---- Changes Tue Mar 30 15:26:38 2010
-+++ Changes Mon Jan 09 18:57:37 2017
-@@ -35,7 +35,7 @@
- Country, City and Org requests benefit from GEOIP_MEMORY_CACHE and GEOIP_MMAP_CACHE
- Add GEOIP_MMAP_CACHE support ( Peter Shipley )
- Now works with new format of GeoIP ISP
-- Corrected path to /usr/local/share/GeoIP/GeoIP.dat in geoip-lookup program.
-+ Corrected path to /usr/share/GeoIP/GeoIP.dat in geoip-lookup program.
-
- 1.18 January 8th 2007
- Replaced CS/Serbia and Montenegro with RS/Serbia, removed ZR/Zaire, added ME/Montenegro
---- geoip-lookup Tue Mar 30 15:13:36 2010
-+++ geoip-lookup Mon Jan 09 18:57:44 2017
-@@ -15,7 +15,7 @@
-
- The I<geoip-lookup> program will return the country for the IP address or
- hostname given as the first command line argument.
--It queries the GeoIP Country database in C</usr/local/share/GeoIP/GeoIP.dat>.
-+It queries the GeoIP Country database in C</usr/share/GeoIP/GeoIP.dat>.
-
- By default it prints the ISO 3166 country code. Use the C<-l> option
- to print the country name.
---- geoip-lookup-city Tue Mar 30 15:13:36 2010
-+++ geoip-lookup-city Mon Jan 09 18:57:48 2017
-@@ -6,7 +6,7 @@
-
- my $addr = shift;
-
--my $gi = Geo::IP::PurePerl->new( "/usr/local/share/GeoIP/GeoIPCity.dat",
-+my $gi = Geo::IP::PurePerl->new( "/usr/share/GeoIP/GeoIPCity.dat",
- GEOIP_STANDARD );
-
- if ($addr) {
---- geoip-lookup-isp Tue Mar 30 15:13:36 2010
-+++ geoip-lookup-isp Mon Jan 09 18:57:50 2017
-@@ -7,7 +7,7 @@
-
- my $addr = shift;
-
--my $gi = Geo::IP::PurePerl->new("/usr/local/share/GeoIP/GeoIPISP.dat",GEOIP_STANDARD);
-+my $gi = Geo::IP::PurePerl->new("/usr/share/GeoIP/GeoIPISP.dat",GEOIP_STANDARD);
-
- my $isp = $gi->org_by_name($addr);
-
---- geoip-lookup-netspeed Tue Mar 30 15:13:36 2010
-+++ geoip-lookup-netspeed Mon Jan 09 18:57:53 2017
-@@ -6,7 +6,7 @@
-
- my $addr = $ARGV[0];
-
--my $gi = Geo::IP::PurePerl->new("/usr/local/share/GeoIP/GeoIPNetSpeed.dat",GEOIP_STANDARD);
-+my $gi = Geo::IP::PurePerl->new("/usr/share/GeoIP/GeoIPNetSpeed.dat",GEOIP_STANDARD);
-
- my $netspeed = $gi->id_by_addr($addr);
-
---- geoip-lookup-org Tue Mar 30 15:13:36 2010
-+++ geoip-lookup-org Mon Jan 09 18:57:59 2017
-@@ -7,7 +7,7 @@
-
- my $addr = shift;
-
--my $gi = Geo::IP::PurePerl->new("/usr/local/share/GeoIP/GeoIPOrg.dat",GEOIP_STANDARD);
-+my $gi = Geo::IP::PurePerl->new("/usr/share/GeoIP/GeoIPOrg.dat",GEOIP_STANDARD);
-
- my $org = $gi->org_by_name($addr);
-
---- geoip-lookup-region Tue Mar 30 15:13:36 2010
-+++ geoip-lookup-region Mon Jan 09 18:58:01 2017
-@@ -10,7 +10,7 @@
-
- my $addr = $ARGV[0];
-
--my $gi = Geo::IP::PurePerl->new("/usr/local/share/GeoIP/GeoIPRegion.dat",GEOIP_STANDARD);
-+my $gi = Geo::IP::PurePerl->new("/usr/share/GeoIP/GeoIPRegion.dat",GEOIP_STANDARD);
-
- my ($country,$region) = $gi->region_by_name($addr);
-
---- INSTALL Tue Mar 30 15:13:36 2010
-+++ INSTALL Mon Jan 09 18:58:05 2017
-@@ -3,7 +3,7 @@
- # fetch latest GeoIP database, updated monthly
- wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
- gunzip GeoIP.dat.gz
--mv GeoIP.dat /usr/local/share/GeoIP/GeoIP.dat
-+mv GeoIP.dat /usr/share/GeoIP/GeoIP.dat
-
- perl Makefile.PL
- make
+++ /dev/null
-diff --git a/geoip/xt_geoip_build b/geoip/xt_geoip_build
-index 3b15875..7bc42f3 100755
---- a/geoip/xt_geoip_build
-+++ b/geoip/xt_geoip_build
-@@ -259,7 +259,12 @@ sub writeCountry
- my ($start, $end) = split('-', $range);
- $start = inet_pton($family, $start);
- $end = inet_pton($family, $end);
-- print $fh $start, $end;
-+
-+ if ($family == AF_INET) {
-+ print $fh substr($start, 0, 4), substr($end, 0, 4);
-+ } else {
-+ print $fh $start, $end;
-+ }
- }
- close $fh;
- }
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2019 IPFire Development Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
+
+# Proxy settings.
+# Check if a proxy should be used.
+if [[ $UPSTREAM_PROXY ]]; then
+ PROXYSETTINGS="https_proxy=http://"
+
+ # Check if authentication against the proxy is configured.
+ if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
+ PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
+ fi
+
+ # Add proxy server.
+ PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
+
+ # Export proxy settings.
+ export HTTPS_PROXY="$PROXYSETTINGS"
+fi
+
+# Get the latest location database from server.
+if /usr/bin/location-downloader update; then
+
+ # Call initscript to reload the firewall.
+ /etc/init.d/firewall reload
+fi
+++ /dev/null
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2019 IPFire Development Team <info@ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-TMP_PATH=$(mktemp -dp /var/tmp)
-TMP_FILE=$(mktemp -p $TMP_PATH)
-
-SCRIPT_PATH=/usr/local/bin
-DEST_PATH=/usr/share/xt_geoip
-DB_PATH=/var/lib/GeoIP
-DB1_PATH=/usr/share/GeoIP
-
-DL_URL=https://geolite.maxmind.com/download/geoip/database
-DL_FILE=GeoLite2-Country-CSV.zip
-
-eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
-
-function download() {
- echo "Downloading latest GeoIP ruleset..."
-
- # Proxy settings.
- # Check if a proxy should be used.
- if [[ $UPSTREAM_PROXY ]]; then
- PROXYSETTINGS="-e https_proxy=http://"
-
- # Check if authentication against the proxy is configured.
- if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
- PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
- fi
-
- # Add proxy server.
- PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
- fi
-
- # Get the latest GeoIP database from server.
- wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE
-
- # Extract files to database path.
- unzip $TMP_FILE -d $TMP_PATH
-
- return 0
-}
-
-function install() {
- echo "Install CSV database..."
-
- # Check if the database dir exists.
- if [ ! -e "$DB_PATH" ]; then
- mkdir -p $DB_PATH &>/dev/null
- fi
-
- # Check if the directory for binary databases exists.
- if [ ! -e "$DEST_PATH" ]; then
- mkdir -p $DEST_PATH &>/dev/null
- fi
-
- # Install CSV databases.
- if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then
- echo "Could not copy files. Aborting." >&2
- return 1
- fi
-
- return 0
-}
-
-function build_legacy() {
- echo "Convert database to legacy GeoIP.dat ..."
- cat $DB_PATH/GeoLite2-Country-Blocks-IPv4.csv | \
- $DB1_PATH/bin/geolite2-to-legacy-csv.sh $DB1_PATH/bin/countryInfo.txt > \
- $TMP_FILE
- $DB1_PATH/bin/geoip-generator -v -4 --info="$(date -u +'GEO-106FREE %Y%m%d Build -IPFire-' \
- -r $DB_PATH/GeoLite2-Country-Blocks-IPv4.csv) $(<$DB_PATH/COPYRIGHT.txt)" -o \
- $DB1_PATH/GeoIP.dat $TMP_FILE
-
- return 0
-}
-
-
-function build() {
- echo "Convert database..."
-
- # Run script to convert the CSV file into several xtables
- # compatible binary files.
- if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then
- echo "Could not convert ruleset. Aborting." >&2
- return 1
- fi
-
- return 0
-}
-
-function cleanup() {
- echo "Cleaning up temporary files..."
- if ! rm -rf $TMP_PATH &>/dev/null; then
- echo "Could not remove files. Aborting." >&2
- return 1
- fi
-
- return 0
-}
-
-function main() {
- local func
- for func in download install build build_legacy; do
- if ! ${func}; then
- # Cleanup any temporary data
- cleanup
-
- return 1
- fi
- done
-
- # Cleanup
- cleanup || return $?
-
- # All done
- return 0
-}
-
-# Run the main function.
-main || exit $?