1 |
root |
1.1 |
#!/usr/bin/perl |
2 |
|
|
|
3 |
|
|
# APNIC refer: KRNIC (for 211.104.0.0) |
4 |
|
|
|
5 |
|
|
use Socket; |
6 |
|
|
use Fcntl; |
7 |
|
|
|
8 |
|
|
use PApp::SQL; |
9 |
|
|
|
10 |
|
|
use Coro; |
11 |
|
|
use Coro::Event; |
12 |
|
|
use Coro::Semaphore; |
13 |
|
|
use Coro::Socket; |
14 |
|
|
|
15 |
|
|
$Event::DIED = sub { |
16 |
|
|
Event::verbose_exception_handler(@_); |
17 |
|
|
#Event::unloop_all(); |
18 |
|
|
}; |
19 |
|
|
|
20 |
|
|
package Whois; |
21 |
|
|
|
22 |
|
|
use PApp::SQL; |
23 |
|
|
use Coro::Event; |
24 |
|
|
|
25 |
|
|
sub new { |
26 |
|
|
my $class = shift; |
27 |
|
|
my $name = shift; |
28 |
|
|
my $ip = shift; |
29 |
|
|
my $self = bless { name => $name, ip => $ip, @_ }, $class; |
30 |
|
|
$self->{maxjobs} = new Coro::Semaphore $self->{maxjobs} || 1; |
31 |
|
|
$self; |
32 |
|
|
} |
33 |
|
|
|
34 |
|
|
sub ip { |
35 |
|
|
$_[0]{ip}; |
36 |
|
|
} |
37 |
|
|
|
38 |
|
|
sub sanitize { |
39 |
|
|
$_[1]; |
40 |
|
|
} |
41 |
|
|
|
42 |
|
|
sub whois_request { |
43 |
|
|
my ($self, $query) = @_; |
44 |
|
|
my ($id, $whois); |
45 |
|
|
|
46 |
|
|
my $st = sql_exec \($id, $whois), |
47 |
|
|
"select id, whois from whois |
48 |
|
|
where nic = ? and query = ?", |
49 |
|
|
$self->{name}, $query; |
50 |
|
|
|
51 |
|
|
unless ($st->fetch) { |
52 |
|
|
my $guard = $self->{maxjobs}->guard; |
53 |
|
|
my $timeout = 5; |
54 |
|
|
|
55 |
|
|
while () { |
56 |
|
|
my $fh = new Coro::Socket |
57 |
|
|
PeerAddr => $self->ip, |
58 |
|
|
PeerPort => 'whois', |
59 |
|
|
Timeout => 30; |
60 |
|
|
if ($fh) { |
61 |
|
|
print $fh "$query\n"; |
62 |
|
|
$fh->read($whois, 16*1024); # max 16k. whois stored |
63 |
|
|
close $fh; |
64 |
|
|
$whois =~ s/\015?\012/\n/g; |
65 |
|
|
$whois = $self->sanitize($whois); |
66 |
|
|
if ($whois eq "" |
67 |
|
|
or ($whois =~ /query limit/i && $whois =~ /exceeded/i) # ARIN |
68 |
|
|
or ($whois =~ /wait a while and try again/i) # ARIN |
69 |
|
|
or ($whois =~ /^%ERROR:202:/) # RIPE/APNIC |
70 |
|
|
) { |
71 |
|
|
print "retrying in $timeout seconds\n";#d# |
72 |
|
|
do_timer(desc => "timer2", after => $timeout); |
73 |
|
|
$timeout *= 2; |
74 |
|
|
$timeout = 1 if $timeout > 600; |
75 |
|
|
} else { |
76 |
|
|
last; |
77 |
|
|
} |
78 |
|
|
} |
79 |
|
|
} |
80 |
|
|
|
81 |
|
|
sql_exec "replace into whois values (NULL,?,?,NULL,?,?)", |
82 |
|
|
$self->{name}, $query, $whois, time; |
83 |
|
|
|
84 |
|
|
my $st = sql_exec \$id, |
85 |
|
|
"select id from whois |
86 |
|
|
where nic = ? and query = ?", |
87 |
|
|
$self->{name}, $query; |
88 |
|
|
$st->fetch or die; |
89 |
|
|
} |
90 |
|
|
|
91 |
|
|
$whois; |
92 |
|
|
} |
93 |
|
|
|
94 |
|
|
package Whois::ARIN; |
95 |
|
|
|
96 |
|
|
use Date::Parse; |
97 |
|
|
use PApp::SQL; |
98 |
|
|
|
99 |
|
|
use base Whois; |
100 |
|
|
|
101 |
|
|
sub sanitize { |
102 |
|
|
local $_ = $_[1]; |
103 |
|
|
s/\n[\t ]{6,}([0-9.]+ - [0-9.]+)/ $1/g; |
104 |
|
|
$_; |
105 |
|
|
} |
106 |
|
|
|
107 |
|
|
# there are only two problems with arin's whois database: |
108 |
|
|
# a) the data cannot be trusted and often is old or even wrong |
109 |
|
|
# b) the database format is nonparsable |
110 |
|
|
# (no spaces between netname/ip and netnames can end in digits ;) |
111 |
|
|
# of course, the only source to find out about global |
112 |
|
|
# address distribution is... arin. |
113 |
|
|
sub ip_request { |
114 |
|
|
my ($self, $ip) = @_; |
115 |
|
|
|
116 |
|
|
my $whois = $self->whois_request($ip); |
117 |
|
|
|
118 |
|
|
return () if $whois =~ /^No match/; |
119 |
|
|
|
120 |
|
|
if ($whois =~ /^To single out one record/m) { |
121 |
|
|
my $handle; |
122 |
|
|
while ($whois =~ /\G\S.*\(([A-Z0-9\-]+)\).*\n/mg) { |
123 |
|
|
$handle = $1; |
124 |
|
|
#return if $handle =~ /-(RIPE|APNIC)/; # heuristic, bbut bad because ripe might not have better info |
125 |
|
|
} |
126 |
|
|
$handle or die "$whois ($ip): unparseable multimatch\n"; |
127 |
|
|
$whois = $self->whois_request("!$handle"); |
128 |
|
|
} |
129 |
|
|
|
130 |
|
|
my ($address, $info, $coordinator, undef) = split /\n\n/, $whois; |
131 |
|
|
|
132 |
|
|
$info =~ /^\s+Netname: (\S+)$/mi |
133 |
|
|
or die "$whois($ip): no netname\n"; |
134 |
|
|
my $netname = $1; |
135 |
|
|
|
136 |
|
|
$info =~ /^\s+Netblock: ([0-9.]+\s+-\s+[0-9.]+)\s*$/mi |
137 |
|
|
or die "$whois($ip): no netblock\n"; |
138 |
|
|
my $netblock = $1; |
139 |
|
|
|
140 |
|
|
my $maintainer; |
141 |
|
|
|
142 |
|
|
if ($info =~ /^\s+Maintainer: (\S+)\s*$/mi) { |
143 |
|
|
$maintainer = "*ma: $1\n"; |
144 |
|
|
return if $1 =~ /^(?:AP|RIPE)$/; |
145 |
|
|
} |
146 |
|
|
|
147 |
|
|
$coordinator =~ s/^\s+Coordinator:\s*//si |
148 |
|
|
or $coordinator = ""; |
149 |
|
|
|
150 |
|
|
$address =~ s/\n\s*(\S+)$// |
151 |
|
|
or die "$whois($ip): no parseable country ($address)\n"; |
152 |
|
|
my $country = $1; |
153 |
|
|
|
154 |
|
|
$address =~ s/^\s*/*de: /mg; |
155 |
|
|
$coordinator =~ s/^\s*/*ad: /mg; |
156 |
|
|
|
157 |
|
|
$whois = <<EOF; |
158 |
|
|
*in: $netblock |
159 |
|
|
*na: $netname |
160 |
|
|
*cy: $country |
161 |
|
|
$maintainer$address |
162 |
|
|
$coordinator |
163 |
|
|
EOF |
164 |
|
|
$whois =~ s/\n+$//; |
165 |
|
|
$whois; |
166 |
|
|
} |
167 |
|
|
|
168 |
|
|
package Whois::RIPE; |
169 |
|
|
|
170 |
|
|
use PApp::SQL; |
171 |
|
|
|
172 |
|
|
use base Whois; |
173 |
|
|
|
174 |
|
|
sub sanitize { |
175 |
|
|
local $_ = $_[1]; |
176 |
|
|
s/^%.*\n//gm; |
177 |
|
|
s/^\n+//; |
178 |
|
|
s/\n*$/\n/; |
179 |
|
|
$_; |
180 |
|
|
} |
181 |
|
|
|
182 |
|
|
sub ip_request { |
183 |
|
|
my ($self, $ip) = @_; |
184 |
|
|
|
185 |
|
|
my $whois = $self->whois_request("-FSTin $ip"); |
186 |
|
|
|
187 |
|
|
$whois =~ /^\*in: 0\.0\.0\.0 - 255\.255\.255\.255/ |
188 |
|
|
and return; |
189 |
|
|
|
190 |
|
|
$whois =~ /^\*ac: XXX0/m # 192.0.0.0 |
191 |
|
|
and return; |
192 |
|
|
|
193 |
|
|
$whois =~ /^%ERROR:/m |
194 |
|
|
and return; |
195 |
|
|
|
196 |
|
|
#while ($whois =~ s/^\*(?:ac|tc):\s+(\S+)\n//m) { |
197 |
|
|
# $whois .= $self->whois_request("-FSTpn $1"); |
198 |
|
|
#} |
199 |
|
|
|
200 |
|
|
$whois =~ s/^\*(?:pn|nh|mb|ch|so|rz|ny|st|rm):.*\n//mg; |
201 |
|
|
|
202 |
|
|
$whois =~ s/\n+$//; |
203 |
|
|
|
204 |
|
|
$whois; |
205 |
|
|
} |
206 |
|
|
|
207 |
|
|
package main; |
208 |
|
|
|
209 |
|
|
sub ip2int($) { |
210 |
|
|
unpack "N", inet_aton $_[0]; |
211 |
|
|
} |
212 |
|
|
|
213 |
|
|
sub int2ip($) { |
214 |
|
|
inet_ntoa pack "N", $_[0]; |
215 |
|
|
} |
216 |
|
|
|
217 |
|
|
our %WHOIS; |
218 |
|
|
|
219 |
|
|
$WHOIS{ARIN} = new Whois::ARIN ARIN => "whois.arin.net", maxjobs => 12; |
220 |
|
|
$WHOIS{RIPE} = new Whois::RIPE RIPE => "whois.ripe.net", maxjobs => 20; |
221 |
|
|
$WHOIS{APNIC} = new Whois::RIPE APNIC => "whois.apnic.net", maxjobs => 20; |
222 |
|
|
|
223 |
|
|
sub ip_request { |
224 |
|
|
my $ip = $_[0]; |
225 |
|
|
my $_ip = ip2int($ip); |
226 |
|
|
|
227 |
|
|
my $st = sql_exec \my($whois, $ip0), |
228 |
|
|
"select data, ip0 from iprange |
229 |
|
|
where ? <= ip1 |
230 |
|
|
having ip0 <= ? |
231 |
|
|
order by ip1 |
232 |
|
|
limit 1", |
233 |
|
|
$_ip, $_ip; |
234 |
|
|
|
235 |
|
|
unless ($st->fetch) { |
236 |
|
|
my ($arin, $ripe, $apnic); |
237 |
|
|
|
238 |
|
|
$whois = $WHOIS{APNIC}->ip_request($ip) |
239 |
|
|
|| $WHOIS{RIPE} ->ip_request($ip) |
240 |
|
|
|| $WHOIS{ARIN} ->ip_request($ip); |
241 |
|
|
|
242 |
|
|
$whois =~ /^\*in: ([0-9.]+)\s+-\s+([0-9.]+)\s*$/mi |
243 |
root |
1.3 |
or do { warn "$whois($ip): no addresses found\n", last }; |
244 |
root |
1.1 |
|
245 |
|
|
my ($ip0, $ip1) = ($1, $2); |
246 |
|
|
|
247 |
|
|
my $_ip0 = ip2int($ip0); |
248 |
|
|
my $_ip1 = ip2int($ip1); |
249 |
|
|
|
250 |
|
|
if ($_ip0 + 256 < $_ip1) { |
251 |
|
|
$_ip = $_ip & 0xffffff00; |
252 |
|
|
$_ip0 = $_ip if $_ip0 < $_ip; |
253 |
|
|
$_ip1 = $_ip + 255 if $_ip1 > $_ip + 255; |
254 |
|
|
} |
255 |
|
|
|
256 |
|
|
sql_exec "replace into iprange values (?, ?, NULL, ?)", |
257 |
|
|
$_ip0, $_ip1, $whois; |
258 |
|
|
|
259 |
|
|
#print "$ip ($ip0, $ip1 ($_ip0, $_ip1)\n$whois\n"; |
260 |
|
|
} |
261 |
|
|
|
262 |
|
|
$whois; |
263 |
|
|
} |
264 |
|
|
|
265 |
|
|
|
266 |
|
|
|