… | |
… | |
4 | |
4 | |
5 | use Socket; |
5 | use Socket; |
6 | use Fcntl; |
6 | use Fcntl; |
7 | |
7 | |
8 | use Coro; |
8 | use Coro; |
9 | use Coro::Event; |
9 | use Coro::EV; |
10 | use Coro::Semaphore; |
10 | use Coro::Semaphore; |
11 | use Coro::SemaphoreSet; |
11 | use Coro::SemaphoreSet; |
12 | use Coro::Socket; |
12 | use Coro::Socket; |
|
|
13 | use Coro::Timer; |
13 | |
14 | |
14 | $Event::DIED = sub { |
15 | use BerkeleyDB; |
15 | Event::verbose_exception_handler(@_); |
|
|
16 | #Event::unloop_all(); |
|
|
17 | }; |
|
|
18 | |
16 | |
19 | tie %netgeo::whois, BerkeleyDB::Btree, |
17 | tie %netgeo::whois, BerkeleyDB::Btree, |
20 | -Env => $db_env, |
18 | -Env => $db_env, |
21 | -Filename => "whois", |
19 | -Filename => "whois", |
22 | -Flags => DB_CREATE, |
20 | -Flags => DB_CREATE, |
… | |
… | |
27 | -Flags => DB_CREATE, |
25 | -Flags => DB_CREATE, |
28 | or die "unable to create/open iprange table"; |
26 | or die "unable to create/open iprange table"; |
29 | |
27 | |
30 | package Whois; |
28 | package Whois; |
31 | |
29 | |
32 | use Coro::Event; |
30 | use Coro::EV; |
33 | |
31 | |
34 | sub new { |
32 | sub new { |
35 | my $class = shift; |
33 | my $class = shift; |
36 | my $name = shift; |
34 | my $name = shift; |
37 | my $ip = shift; |
35 | my $ip = shift; |
… | |
… | |
61 | my $timeout = 5; |
59 | my $timeout = 5; |
62 | |
60 | |
63 | while () { |
61 | while () { |
64 | my $fh = new Coro::Socket |
62 | my $fh = new Coro::Socket |
65 | PeerAddr => $self->ip, |
63 | PeerAddr => $self->ip, |
66 | PeerPort => 'whois', |
64 | PeerPort => $self->{port} || "whois", |
67 | Timeout => 30; |
65 | Timeout => 30; |
68 | if ($fh) { |
66 | if ($fh) { |
69 | print $fh "$query\n"; |
67 | print $fh "$query\n"; |
70 | $fh->read($whois, 16*1024); # max 16k. whois stored |
68 | $fh->read($whois, 16*1024); # max 16k. whois stored |
71 | close $fh; |
69 | close $fh; |
… | |
… | |
81 | $timeout *= 2; |
79 | $timeout *= 2; |
82 | $timeout = 1 if $timeout > 600; |
80 | $timeout = 1 if $timeout > 600; |
83 | } else { |
81 | } else { |
84 | last; |
82 | last; |
85 | } |
83 | } |
|
|
84 | } else { |
|
|
85 | # only retry once a minute |
|
|
86 | print STDERR "unable to connect to $self->{ip} ($self->{name}), retrying...\n"; |
|
|
87 | Coro::Timer::sleep 300; |
86 | } |
88 | } |
87 | } |
89 | } |
88 | |
90 | |
89 | $netgeo::whois{$id} = $whois; |
91 | $netgeo::whois{$id} = $whois; |
90 | } |
92 | } |
… | |
… | |
113 | sub ip_request { |
115 | sub ip_request { |
114 | my ($self, $ip) = @_; |
116 | my ($self, $ip) = @_; |
115 | |
117 | |
116 | my $whois = $self->whois_request($ip); |
118 | my $whois = $self->whois_request($ip); |
117 | |
119 | |
118 | return () if $whois =~ /^No match/; |
120 | return if $whois =~ /^No match/; |
119 | |
121 | |
120 | if ($whois =~ /^To single out one record/m) { |
122 | if ($whois =~ /^To single out one record/m) { |
121 | my $handle; |
123 | my $handle; |
122 | while ($whois =~ /\G\S.*\(([A-Z0-9\-]+)\).*\n/mg) { |
124 | while ($whois =~ /\G\S.*\(([A-Z0-9\-]+)\).*\n/mg) { |
123 | $handle = $1; |
125 | $handle = $1; |
124 | #return if $handle =~ /-(RIPE|APNIC)/; # heuristic, bbut bad because ripe might not have better info |
126 | #return if $handle =~ /-(RIPE|APNIC)/; # heuristic, but bad because ripe might not have better info |
125 | } |
127 | } |
126 | $handle or die "$whois ($ip): unparseable multimatch\n"; |
128 | $handle or die "$whois ($ip): unparseable multimatch\n"; |
127 | $whois = $self->whois_request("!$handle"); |
129 | $whois = $self->whois_request("!$handle"); |
128 | } |
130 | } |
129 | |
131 | |
… | |
… | |
165 | $whois; |
167 | $whois; |
166 | } |
168 | } |
167 | |
169 | |
168 | package Whois::RIPE; |
170 | package Whois::RIPE; |
169 | |
171 | |
|
|
172 | use Socket; |
170 | use base Whois; |
173 | use base Whois; |
171 | |
174 | |
172 | sub sanitize { |
175 | sub sanitize { |
173 | local $_ = $_[1]; |
176 | local $_ = $_[1]; |
|
|
177 | |
174 | s/^%.*\n//gm; |
178 | s/^%.*\n//gm; |
175 | s/^\n+//; |
179 | s/^\n+//; |
176 | s/\n*$/\n/; |
180 | s/\n*$/\n/; |
|
|
181 | |
|
|
182 | s/^inetnum:\s+/*in: /gm; |
|
|
183 | s/^admin-c:\s+/*ac: /gm; |
|
|
184 | s/^tech-c:\s+/*tc: /gm; |
|
|
185 | s/^owner-c:\s+/*oc: /gm; |
|
|
186 | s/^country:\s+/*cy: /gm; |
|
|
187 | s/^phone:\s+/*ph: /gm; |
|
|
188 | s/^remarks:\s+/*rm: /gm; |
|
|
189 | s/^changed:\s+/*ch: /gm; |
|
|
190 | s/^created:\s+/*cr: /gm; |
|
|
191 | s/^address:\s+/*ad: /gm; |
|
|
192 | s/^status:\s+/*st: /gm; |
|
|
193 | s/^inetrev:\s+/*ir: /gm; |
|
|
194 | s/^nserver:\s+/*ns: /gm; |
|
|
195 | |
177 | $_; |
196 | $_; |
178 | } |
197 | } |
179 | |
198 | |
180 | sub ip_request { |
199 | sub ip_request { |
181 | my ($self, $ip) = @_; |
200 | my ($self, $ip) = @_; |
182 | |
201 | |
183 | my $whois = $self->whois_request("-FSTin $ip"); |
202 | my $whois = $self->whois_request("$self->{rflags}$ip"); |
|
|
203 | |
|
|
204 | $whois =~ s{ |
|
|
205 | (2[0-5][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9]) |
|
|
206 | (?:\. |
|
|
207 | (2[0-5][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9]) |
|
|
208 | (?:\. |
|
|
209 | (2[0-5][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9]) |
|
|
210 | (?:\. |
|
|
211 | (2[0-5][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9]) |
|
|
212 | )? |
|
|
213 | )? |
|
|
214 | )? |
|
|
215 | / |
|
|
216 | ([0-9]+) |
|
|
217 | }{ |
|
|
218 | my $ip = inet_aton sprintf "%d.%d.%d.%d", $1, $2, $3, $4; |
|
|
219 | my $net = 1 << (31 - $5); |
|
|
220 | my $mask = inet_aton 2 ** 32 - $net; |
|
|
221 | |
|
|
222 | my $ip1 = $ip & $mask; |
|
|
223 | my $ip2 = $ip1 | inet_aton $net * 2 - 1; |
|
|
224 | (inet_ntoa $ip1) . " - " . (inet_ntoa $ip2); |
|
|
225 | }gex; |
184 | |
226 | |
185 | $whois =~ /^\*in: 0\.0\.0\.0 - 255\.255\.255\.255/ |
227 | $whois =~ /^\*in: 0\.0\.0\.0 - 255\.255\.255\.255/ |
186 | and return; |
228 | and return; |
187 | |
229 | |
|
|
230 | $whois =~ /^\*de: This network range is not allocated to /m # APINIC e.g. 24.0.0.0 |
|
|
231 | and return; |
|
|
232 | |
188 | $whois =~ /^\*ac: XXX0/m # 192.0.0.0 |
233 | $whois =~ /^\*ac: XXX0/m # 192.0.0.0 |
|
|
234 | and return; |
|
|
235 | |
|
|
236 | $whois =~ /^\*st: (?:ALLOCATED )?UNSPECIFIED/m |
189 | and return; |
237 | and return; |
190 | |
238 | |
191 | $whois =~ /^%ERROR:/m |
239 | $whois =~ /^%ERROR:/m |
192 | and return; |
240 | and return; |
193 | |
241 | |
194 | #while ($whois =~ s/^\*(?:ac|tc):\s+(\S+)\n//m) { |
242 | #while ($whois =~ s/^\*(?:ac|tc):\s+(\S+)\n//m) { |
195 | # $whois .= $self->whois_request("-FSTpn $1"); |
243 | # $whois .= $self->whois_request("-FSTpn $1"); |
196 | #} |
244 | #} |
197 | |
245 | |
|
|
246 | #$whois =~ s/^\*(?:pn|nh|mb|ch|so|rz|ny|st|rm):.*\n//mg; |
|
|
247 | |
|
|
248 | $whois =~ s/\n+$//; |
|
|
249 | |
|
|
250 | $whois; |
|
|
251 | } |
|
|
252 | |
|
|
253 | package Whois::RWHOIS; |
|
|
254 | |
|
|
255 | use base Whois; |
|
|
256 | |
|
|
257 | sub sanitize { |
|
|
258 | local $_ = $_[1]; |
|
|
259 | s/^%referral\s+/referral:/gm; |
|
|
260 | s/^network://gm; |
|
|
261 | s/^%.*\n//gm; |
|
|
262 | s/^\n+//m; |
|
|
263 | s/\n*$/\n/m; |
|
|
264 | |
|
|
265 | s/^(\S+):\s*/\L$1: /gm; |
|
|
266 | s/^ip-network-block:/*in:/gm; |
|
|
267 | s/^country-code:/*cy:/gm; |
|
|
268 | s/^tech-contact;i:/*tc:/gm; |
|
|
269 | s/^updated:/*ch:/gm; |
|
|
270 | s/^street-address:/*ad:/gm; |
|
|
271 | s/^org-name:/*rm:/gm; |
|
|
272 | s/^created:/*cr:/gm; |
|
|
273 | |
|
|
274 | $_; |
|
|
275 | } |
|
|
276 | |
|
|
277 | sub ip_request { |
|
|
278 | my ($self, $ip) = @_; |
|
|
279 | |
|
|
280 | my $whois = $self->whois_request("$ip"); |
|
|
281 | |
|
|
282 | $whois =~ /^\*in: 0\.0\.0\.0 - 255\.255\.255\.255/ |
|
|
283 | and return; |
|
|
284 | |
|
|
285 | $whois =~ /^\*ac: XXX0/m # 192.0.0.0 |
|
|
286 | and return; |
|
|
287 | |
|
|
288 | $whois =~ /^%ERROR:/m |
|
|
289 | and return; |
|
|
290 | |
|
|
291 | #while ($whois =~ s/^\*(?:ac|tc):\s+(\S+)\n//m) { |
|
|
292 | # $whois .= $self->whois_request("-FSTpn $1"); |
|
|
293 | #} |
|
|
294 | |
198 | $whois =~ s/^\*(?:pn|nh|mb|ch|so|rz|ny|st|rm):.*\n//mg; |
295 | $whois =~ s/^\*(?:pn|nh|mb|ch|so|rz|ny|st|rm):.*\n//mg; |
199 | |
296 | |
200 | $whois =~ s/\n+$//; |
297 | $whois =~ s/\n+$//; |
201 | |
298 | |
202 | $whois; |
299 | $whois; |
203 | } |
300 | } |
204 | |
301 | |
205 | package netgeo; |
302 | package netgeo; |
206 | |
303 | |
|
|
304 | use Socket; |
207 | use BerkeleyDB; |
305 | use BerkeleyDB; |
208 | use Socket; |
|
|
209 | |
306 | |
210 | sub ip2int($) { |
307 | sub ip2int($) { |
211 | unpack "N", inet_aton $_[0]; |
308 | unpack "N", inet_aton $_[0]; |
212 | } |
309 | } |
213 | |
310 | |
… | |
… | |
215 | inet_ntoa pack "N", $_[0]; |
312 | inet_ntoa pack "N", $_[0]; |
216 | } |
313 | } |
217 | |
314 | |
218 | our %WHOIS; |
315 | our %WHOIS; |
219 | |
316 | |
220 | $WHOIS{ARIN} = new Whois::ARIN ARIN => "whois.arin.net", maxjobs => 12; |
317 | #$WHOIS{ARIN} = new Whois::ARIN ARIN => "whois.arin.net", port => 43, maxjobs => 12; |
|
|
318 | $WHOIS{ARIN} = new Whois::RWHOIS ARIN => "rwhois.arin.net", port => 4321, maxjobs => 12; |
221 | $WHOIS{RIPE} = new Whois::RIPE RIPE => "whois.ripe.net", maxjobs => 20; |
319 | $WHOIS{RIPE} = new Whois::RIPE RIPE => "whois.ripe.net", port => 43, rflags => "-FTin ", maxjobs => 20; |
|
|
320 | $WHOIS{APNIC} = new Whois::RIPE APNIC => "whois.apnic.net", port => 43, rflags => "-FTin ", maxjobs => 20; |
222 | $WHOIS{APNIC} = new Whois::RIPE APNIC => "whois.apnic.net", maxjobs => 20; |
321 | $WHOIS{LACNIC} = new Whois::RIPE LACNIC => "whois.lacnic.net", port => 43, maxjobs => 20; |
223 | |
322 | |
224 | $whoislock = new Coro::SemaphoreSet; |
323 | $whoislock = new Coro::SemaphoreSet; |
225 | |
324 | |
226 | sub ip_request { |
325 | sub ip_request { |
227 | my $ip = $_[0]; |
326 | my $ip = $_[0]; |
… | |
… | |
239 | } |
338 | } |
240 | } |
339 | } |
241 | |
340 | |
242 | my ($arin, $ripe, $apnic); |
341 | my ($arin, $ripe, $apnic); |
243 | |
342 | |
244 | $whois = $WHOIS{APNIC}->ip_request($ip) |
343 | $whois = $WHOIS{RIPE}->ip_request($ip) |
245 | || $WHOIS{RIPE} ->ip_request($ip) |
344 | || $WHOIS{APNIC} ->ip_request($ip) |
246 | || $WHOIS{ARIN} ->ip_request($ip); |
345 | || $WHOIS{ARIN} ->ip_request($ip) |
|
|
346 | # || $WHOIS{LACNIC}->ip_request($ip) |
|
|
347 | ; |
247 | |
348 | |
248 | $whois =~ /^\*in: ([0-9.]+)\s+-\s+([0-9.]+)\s*$/mi |
349 | $whois =~ /^\*in: ([0-9.]+)\s+-\s+([0-9.]+)\s*$/mi |
249 | or do { warn "$whois($ip): no addresses found\n", last }; |
350 | or do { warn "$whois($ip): no addresses found\n", last }; |
250 | |
351 | |
251 | my ($ip0, $ip1) = ($1, $2); |
352 | my ($ip0, $ip1) = ($1, $2); |
… | |
… | |
265 | $iprange->db_sync; |
366 | $iprange->db_sync; |
266 | |
367 | |
267 | $whois; |
368 | $whois; |
268 | } |
369 | } |
269 | |
370 | |
|
|
371 | if (0) { |
|
|
372 | #print ip_request "68.52.164.8"; # goof |
|
|
373 | #print "\n\n"; |
|
|
374 | #print ip_request "200.202.220.222"; # lacnic |
|
|
375 | #print "\n\n"; |
|
|
376 | #print ip_request "62.116.167.250"; |
|
|
377 | #print "\n\n"; |
|
|
378 | #print ip_request "133.11.128.254"; # jp |
|
|
379 | #print "\n\n"; |
|
|
380 | print ip_request "80.131.153.93"; |
|
|
381 | print "\n\n"; |
|
|
382 | } |
270 | |
383 | |
|
|
384 | 1; |
271 | |
385 | |
|
|
386 | |