geblockte ausgehende nicht mehr nötig da nur noch alle eingehenden nach Filter geblockt werden
93
ban2mysql.pl
93
ban2mysql.pl
@@ -191,96 +191,6 @@ for my $l ( @file ) {
|
||||
"$h:$m:$s"
|
||||
);
|
||||
}
|
||||
} else {
|
||||
|
||||
( $month, $day, $h, $m, $s, $kat, $src, $dst, $port ) = $l =~ /(.*?) (.*?) (..):(..):(..) 192.*banIP\/...-lan\/reject\/(.*?):.*SRC=(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) DST=(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}).*DPT=(\d+)/;
|
||||
|
||||
$dt = '';
|
||||
if ( $month ) {
|
||||
$month = $month2int->{lc $month};
|
||||
my $mysqldt = "$year-$month-$day $h:$m:$s";
|
||||
my $dt1 = DateTime->new(
|
||||
year => $year,
|
||||
month => $month,
|
||||
day => $day,
|
||||
hour => $h,
|
||||
minute => $m,
|
||||
second => $s
|
||||
);
|
||||
|
||||
my $id;
|
||||
|
||||
my $da = $dbh->selectrow_hashref('SELECT * FROM banip_blockout WHERE src = ? and dst = ? and port = ?', undef, $src, $dst, $port );
|
||||
if ( $da ) {
|
||||
$id = $da->{id};
|
||||
my ( $year2, $month2, $day2, $h2, $m2, $s2) = $da->{updated} =~ /(....)-(..)-(..) (..):(..):(..)/;
|
||||
my $dt2 = DateTime->new(
|
||||
year => $year2,
|
||||
month => $month2,
|
||||
day => $day2,
|
||||
hour => $h2,
|
||||
minute => $m2,
|
||||
second => $s2
|
||||
);
|
||||
|
||||
my $cmp = DateTime->compare( $dt1, $dt2 );
|
||||
if ( $cmp == 1 ) {
|
||||
$dbh->do('UPDATE banip_blockout set count = count + 1, updated = ? WHERE src = ? and dst = ? and port = ?', undef, $mysqldt, $src, $dst, $port );
|
||||
}
|
||||
|
||||
if ( ! $nolandforip{$dst} ) {
|
||||
if ( !$da->{cid} ) {
|
||||
$nolandforip{$dst} = 1;
|
||||
|
||||
if ( $hundred == 100 ) {
|
||||
$first ++;
|
||||
$nolandips{$first} = ();
|
||||
$hundred = 0;
|
||||
}
|
||||
|
||||
push @{$nolandips{$first}}, {"query"=> $dst, "fields"=> "country,countryCode,query", "lang"=> "de"};
|
||||
$hundred ++;
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
$dbh->do(
|
||||
'INSERT INTO banip_blockout (
|
||||
created,
|
||||
updated,
|
||||
src,
|
||||
dst,
|
||||
port,
|
||||
kat)
|
||||
VALUES (
|
||||
?,
|
||||
?,
|
||||
?,
|
||||
?,
|
||||
?,
|
||||
?)', undef,
|
||||
$mysqldt,
|
||||
$mysqldt,
|
||||
$src,
|
||||
$dst,
|
||||
$port,
|
||||
$kat
|
||||
);
|
||||
$id = $dbh->last_insert_id();
|
||||
|
||||
$nolandforip{$dst} = 1;
|
||||
|
||||
if ( $hundred == 100 ) {
|
||||
$first ++;
|
||||
$nolandips{$first} = ();
|
||||
$hundred = 0;
|
||||
}
|
||||
|
||||
push @{$nolandips{$first}}, {"query"=> $dst, "fields"=> "country,countryCode,query", "lang"=> "de"};
|
||||
$hundred ++;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -311,7 +221,6 @@ for my $ar ( keys %nolandips ) {
|
||||
$coun{$query->{country}} = $cid;
|
||||
}
|
||||
|
||||
$dbh->do('UPDATE banip_attacker set cid = ? WHERE src = ?', undef, $cid, $query->{query} );
|
||||
$dbh->do('UPDATE banip_blockout set cid = ? WHERE dst = ?', undef, $cid, $query->{query} );
|
||||
$dbh->do('UPDATE banip_attacker set cid = ?, updated = updated WHERE src = ?', undef, $cid, $query->{query} );
|
||||
}
|
||||
}
|
||||
|
||||
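Review bot: The `updated = updated` assignment added to the `banip_attacker` UPDATE in the second hunk has no comment explaining why a column is set to itself. It presumably stops an automatically maintained timestamp column from being bumped when only `cid` is back-filled; the schema is not visible here, so that should be confirmed and then stated next to the statement, e.g. `# keep the last-seen time: filling in cid must not touch updated`. The same statement is added in the new cid2ip.pl and needs the same comment. The enclosing `for my $ar ( keys %nolandips )` loop starts outside the hunk, so it is not visible whether `%nolandips` is still populated once the first hunk removes both `push` sites.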
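--- /dev/null
+++ b/cid2ip.pl
@@ -0,0 +1,73 @@
+#!/usr/bin/perl
+use strict;
+use warnings;
+use DBI;
+use DateTime;
+use Data::Printer;
+use File::Slurp;
+
+use Mojo::UserAgent;
+
+# Connect to the database.
+my $dbh = DBI->connect("DBI:MariaDB:database=kram;host=edna",
+"steffen", "66WXRlvF0UUV",
+{'RaiseError' => 1});
+
+my $ua = Mojo::UserAgent->new();
+
+my %knownips;
+my %nolandips;
+my $hundred = 0;
+my $first = 0;
+
+my $country = $dbh->selectcol_arrayref('SELECT country, cid FROM banip_country', {Columns=>[1, 2]});
+my %coun = @$country;
+
+$nolandips{$first} = ();
+
+my $da = $dbh->selectall_arrayref('SELECT a.src FROM banip_attacker a WHERE cid IS NULL GROUP BY src' );
+
+for my $d ( @$da ) {
+#p @$d[0];
+if ( $hundred == 100 ) {
+$first ++;
+$nolandips{$first} = ();
+$hundred = 0;
+}
+
+$knownips{@$d[0]} = 1;
+push @{$nolandips{$first}}, {"query"=> @$d[0], "fields"=> "country,countryCode,query", "lang"=> "de"};
+$hundred ++;
+}
+p %nolandips;
+
+# Land über IP von ip-api.com holen batch mit jeweils 100 ips
+for my $ar ( keys %nolandips ) {
+sleep(5);
+my $req = $ua->post("http://ip-api.com/batch" => {Accept => '*/*'} => json => $nolandips{$ar} )->result->json;
+# p $nolandips{$ar};
+
+for my $query ( @$req ) {
+my $cid;
+# land in Datenbank bekannt cid zuordnen
+if ( $coun{$query->{country}} ) {
+$cid = $coun{$query->{country}};
+} else {
+# Land nicht bekannt eintragen und neue id zuordnen
+$dbh->do(
+'INSERT INTO banip_country (
+country,
+countryCode)
+VALUES (
+?,
+?)', undef,
+$query->{country},
+$query->{countryCode},
+);
+$cid = $dbh->last_insert_id();
+$coun{$query->{country}} = $cid;
+}
+
+$dbh->do('UPDATE banip_attacker set cid = ?, updated = updated WHERE src = ?', undef, $cid, $query->{query} );
+}
+}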
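Review bot: The `DBI->connect` call at the top of the new cid2ip.pl commits the database user name and password as string literals, so anyone who can read the repository or its history can log in to the `kram` database on `edna`. The password should be rotated and supplied at run time instead, for example `DBI->connect($dsn, $ENV{BANIP_DB_USER}, $ENV{BANIP_DB_PASS}, {RaiseError => 1})` (the variable names are placeholders). The batch lookup posts to `http://ip-api.com/batch` in clear text, and `->result->json` is used without checking that the request succeeded or that the body is the expected array, so a failed or altered response can end up as rows in `banip_country`. Entries without a `country` value fall into the INSERT branch; adding `status` to the requested `fields` and starting the inner loop with `next unless ($query->{status} // '') eq 'success';` would keep them out of the table. `p %nolandips;` looks like leftover debug output that prints every pending address on each run.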