From 2cce5212e49f7da676670446db8aa4fc176d7f1d Mon Sep 17 00:00:00 2001
From: epoch
Date: Wed, 1 Jun 2016 22:24:29 +0000
Subject: added a chan domain. changed some marc stuff. anocheck script for watching for ASN downages.
---
 contrib/anocheck/hand-check.sh | 4 +
 contrib/anocheck/test.sh | 7 ++
 contrib/marc/README | 1 +
 contrib/marc/marc.c | 8 ++
 contrib/marc/marc.db | Bin 0 -> 1840750 bytes
 contrib/marc/marcdb | Bin 1806749 -> 0 bytes
 contrib/marc/pull.sh | 1 +
 contrib/whoisd/whoisd.pl | 230 ++++++++++++++++++++++++++++----------
 db/as/3232/owner | 1 +
 db/dom/ano/ch/ns/ns1.ch.ano | 1 +
 db/dom/ano/ch/ns/ns2.ch.ano | 1 +
 db/dom/ano/ch/owner | 1 +
 db/dom/ano/epoch/ns/ns.epoch.ano | 1 -
 db/dom/ano/whois/ns/ns.whois.ano | 1 -
 db/ip/01/20/20/cidr | 1 +
 db/ip/01/20/20/ns/ns1.rjeli.ano | 1 +
 db/ip/01/20/20/owner | 1 +
 db/usr/epoch/pgp | 15 ---
 18 files changed, 195 insertions(+), 80 deletions(-)
 create mode 100755 contrib/anocheck/hand-check.sh
 create mode 100755 contrib/anocheck/test.sh
 create mode 100644 contrib/marc/README
 create mode 100644 contrib/marc/marc.db
 delete mode 100644 contrib/marc/marcdb
 create mode 100755 contrib/marc/pull.sh
 create mode 100644 db/as/3232/owner
 create mode 100644 db/dom/ano/ch/ns/ns1.ch.ano
 create mode 100644 db/dom/ano/ch/ns/ns2.ch.ano
 create mode 100644 db/dom/ano/ch/owner
 delete mode 100644 db/dom/ano/epoch/ns/ns.epoch.ano
 delete mode 100644 db/dom/ano/whois/ns/ns.whois.ano
 create mode 100644 db/ip/01/20/20/cidr
 create mode 100644 db/ip/01/20/20/ns/ns1.rjeli.ano
 create mode 100644 db/ip/01/20/20/owner
 delete mode 100644 db/usr/epoch/pgp
diff --git a/contrib/anocheck/hand-check.sh b/contrib/anocheck/hand-check.sh
new file mode 100755
index 0000000..24dca8f
--- /dev/null
+++ b/contrib/anocheck/hand-check.sh
@@ -0,0 +1,4 @@ +#!/bin/sh +/usr/local/libexec/bgp-paths.sh 4141 AN_out | tr ' ' '\n' | sort | uniq > /var/cache/anocheck/ASN.$(date +%s) +ls -rt /var/cache/anocheck/ASN.* | tail -r | tail -n+3 | xargs rm +ls -rt /var/cache/anocheck/ASN.* | tail -n2 | xargs diff -s diff --git a/contrib/anocheck/test.sh b/contrib/anocheck/test.sh new file mode 100755 index 0000000..241b34b --- /dev/null +++ b/contrib/anocheck/test.sh @@ -0,0 +1,7 @@ +#!/bin/sh +mkdir -p /var/cache/anocheck +/usr/local/libexec/bgp-paths.sh 4141 AN_out | tr ' ' '\n' | sort | uniq > /var/cache/anocheck/ASN.$(date +%s) +ls -rt /var/cache/anocheck/ASN.* | tail -r | tail -n+3 | xargs rm +ls -rt /var/cache/anocheck/ASN.* | tail -n2 | xargs diff +#this is nifty for hand-checks +#ls -rt /var/cache/anocheck/ASN.* | tail -n2 | xargs diff -s diff --git a/contrib/marc/README b/contrib/marc/README new file mode 100644 index 0000000..e77f12b --- /dev/null +++ b/contrib/marc/README @@ -0,0 +1 @@ +make marc diff --git a/contrib/marc/marc.c b/contrib/marc/marc.c index a83eb9b..d46b576 100644 --- a/contrib/marc/marc.c +++ b/contrib/marc/marc.c @@ -60,8 +60,14 @@ int marc_decode(unsigned char *data,int from_index,int length) { printf("list:\n"); indent++; while(from_index < length) { + +// old code. testing 16 bit lengths. cur_len=data[from_index+3]+(data[from_index+2]<<1)+(data[from_index+1]<<2)+(data[from_index+0]<<3); from_index+=4; + +// cur_len=data[from_index+1]+(data[from_index+0]<<1); +// from_index+=2; + marc_decode(data,from_index,cur_len); from_index+=cur_len; } @@ -153,6 +159,8 @@ void update_message_decode(unsigned char *data,int from_index,int length) { for(i=0;i; 
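Review bot: Both hand-check.sh and test.sh redirect the `bgp-paths.sh 4141 AN_out | ... | uniq` pipeline straight into `/var/cache/anocheck/ASN.$(date +%s)` without checking that the collector produced anything, so a failed or empty run is stored as a snapshot and the following `diff` reports every ASN as gone. For a script meant to watch for outages, that makes a collector failure indistinguishable from a real one; writing to a temporary file and promoting it only when it is non-empty, e.g. `[ -s "$tmp" ] && mv "$tmp" "/var/cache/anocheck/ASN.$(date +%s)"`, separates the two cases. hand-check.sh also lacks the `mkdir -p /var/cache/anocheck` that test.sh has, so its redirect fails on a host where the directory does not exist yet. In both scripts `xargs rm` is reached even when fewer than three snapshots exist, and some xargs implementations then run `rm` with no arguments.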
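Review bot: The commented-out 16-bit variant `cur_len=data[from_index+1]+(data[from_index+0]<<1);` copies the shift widths of the 32-bit line above it, which shifts by 1, 2 and 3 bits; if these fields are big-endian byte lengths the shifts should presumably be 8, 16 and 24 (`<<8` in the 16-bit form), so testing the variant as written would not settle which width is right. The loop in this marc.c hunk also only checks `from_index < length` before reading up to `data[from_index+3]`, and hands a `cur_len` taken from the data to the recursive `marc_decode` call unchecked. A guard such as `if (length - from_index < 4) break;` before the read, together with rejecting a `cur_len` larger than what remains, would keep a truncated or malformed record from being read past the end of the buffer. marc_decode begins and ends outside the hunk, so the exact meaning of `length` (absolute end or remaining count) should be confirmed there.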
@@ -32,6 +33,75 @@ if($QUERY eq "!!\n") { $HACK=1; } +sub get_user_from_ASN { + my $AS=$_[0]; + my $user; + chdir("$RESDB/db/as") || die "%% error"; + if(chdir($AS) || die "%% error") { + open(FILE,"owner") || die "%% ASN not found."; + $user=; + close(FILE); + } else { + printf "%% AS not found."; + } + return $user; +} + +sub get_user_from_IPv4 { + my @parts; + my $user; + chdir("$RESDB/db/ip") || die "%% error"; + @parts=split(/\./,$_[0]); + for($i=0;$i; + close(FILE); + return $user; +} + +sub get_user_from_domain { + my @parts; + my $user; + my $i; + @parts=split(/\./,$_[0]); + chdir("$RESDB/db/dom") || die "%% error"; + for($i=scalar(@parts)-1;$i>scalar(@parts)-3;$i--) { + if(!$parts[$i]) { + printf "%% error"; + exit + } + if(!chdir($parts[$i])) { + printf "%-20s %s", "warning" . ":", "domain not found."; + exit; + } + } + open(FILE,"owner") || die "%% IP's owner not found."; + $user=; + close(FILE); + return $user; +} + +sub get_user_from_IPv6 { + chdir("$RESDB/db/ip6") || die "%% error. no resdb/db/ip6\n"; + $d=$_[0]; + print "$d"; + $d =~ s/[^0-9a-f]//gi; + $d =~ tr/a-z/A-Z/; + foreach(split(//,$d)) { + $d=$_; + chdir($d); + } + open(FILE,"owner") || die "%% IP6's owner not found."; + $user=; + close(FILE); + return $user; +} + sub ASN_lookup { if($QUERY =~ m/^AS(.+?)$/) { printf "%% AS section for %s\n", $QUERY; 
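Review bot: `get_user_from_ASN` and `get_user_from_domain` pass pieces of the client's query to `chdir()` without restricting their characters, so a path separator in the query can move the lookup outside `$RESDB/db/as` or `$RESDB/db/dom` before `owner` is opened. The dispatch added in the last whoisd.pl hunk feeds `get_user_from_ASN` from `m/^AS(.+?)$/`, which accepts any characters; tightening it to `m/^AS([0-9]+)$/` and checking each label with something like `$parts[$i] =~ /^[A-Za-z0-9-]+$/` before the `chdir` keeps the walk inside the database tree. In `get_user_from_ASN`, `if(chdir($AS) || die "%% error")` can never reach its `else` branch because `die` fires first, so the "AS not found" message is dead code. `get_user_from_IPv6` ignores the result of `chdir($d)` and still carries a debugging `print "$d";` that echoes the raw query back to the client.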
@@ -54,81 +124,88 @@ sub ASN_lookup { } } -ASN_lookup(); # IPv4 addresses -if($QUERY =~ m/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/) { - printf "%% IP section for %s\n", $QUERY unless $HACK; - chdir("$RESDB/db/ip") || die "%% error"; - @parts=split(/\./,$QUERY); - for($i=0;$iscalar(@parts)-3;$i--) { - if(!$parts[$i]) { - printf "%% error"; - exit - } - if(!chdir($parts[$i])) { - printf "%-20s %s", "warning" . ":", "domain not found."; - exit; +sub domain_lookup { + if($QUERY =~ m/\./) { + printf "%% domain section for %s\n", $QUERY; + @parts=split(/\./,$QUERY); + chdir("$RESDB/db/dom") || die "%% error"; + for($i=scalar(@parts)-1;$i>scalar(@parts)-3;$i--) { + if(!$parts[$i]) { + printf "%% error"; + exit + } + if(!chdir($parts[$i])) { + printf "%-20s %s", "warning" . ":", "domain not found."; + exit; + } } - } - foreach(split(/\n/,`grep '' -r .`)) { - $out = $_; - $out =~ s/^\.\///g; - $out =~ m/^(.+?):(.+?)$/; - ($title, $value) = ($1, $2); - printf "%-20s %s\n", $title . ":", $value; - if($title eq "owner") { - $QUERY = $value; + foreach(split(/\n/,`grep '' -r .`)) { + $out = $_; + $out =~ s/^\.\///g; + $out =~ m/^(.+?):(.+?)$/; + ($title, $value) = ($1, $2); + printf "%-20s %s\n", $title . ":", $value; + if($title eq "owner") { + $QUERY = $value; + } } } } -#ipv6 addresses -#if($QUERY =~ m/:/) {#close enough? -# $QUERY =~ s/://g; -# $QUERY =~ s/[^a-fA-F0-9]//g; -# $QUERY = uc($QUERY); -# chdir("$RESDB/db/ip6"); -# foreach(split(//,$QUERY)) { -# chdir($_);; -# } -# foreach(split(/\n/,`grep '' -r .`)) { -# $out = $_; -# $out =~ s/^\.\///g; -# $out =~ m/^(.+?):(.+?)$/; -# ($title, $value) = ($1, $2); -# printf "%-20s %s\n", $title . ":", $value; -# if($title eq "owner") { -# $QUERY = $value; -# } -# } -#} +#IPv6 addresses +sub IPv6_lookup { + if($QUERY =~ m/:/) {#close enough? 
+ $QUERY =~ s/://g; + $QUERY =~ s/[^a-fA-F0-9]//g; + $QUERY = uc($QUERY); + chdir("$RESDB/db/ip6"); + foreach(split(//,$QUERY)) { + chdir($_);; + } + foreach(split(/\n/,`grep '' -r .`)) { + $out = $_; + $out =~ s/^\.\///g; + $out =~ m/^(.+?):(.+?)$/; + ($title, $value) = ($1, $2); + printf "%-20s %s\n", $title . ":", $value; + if($title eq "owner") { + $QUERY = $value; + } + } + } +} # default to assuming it is a name. +sub user_lookup { printf "%% user section for '%s'\n", $QUERY unless $HACK; chdir("$RESDB/db/usr") || die "%% error"; @@ -173,3 +250,30 @@ if($QUERY =~ m/\./) { ASN_lookup(); } #printf "%-20s %s\n", "notice:","$QUERY did not claim any domains yet"; +} + +if($QUERY =~ m/^AS(.+?)$/) { + $user=get_user_from_ASN($1); +} +elsif($QUERY =~ m/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/) { + $user=get_user_from_IPv4($QUERY); +} +elsif($QUERY =~ m/\./) { + $user=get_user_from_domain($QUERY); +} +elsif($QUERY =~ m/:/) { + $user=get_user_from_IPv6($QUERY); +} +else { + $user=$QUERY; +} +$user =~ s/[\r\n]//g; +printf "%%%% found user: %s for the query.\n", $user; + +#k. we got user... now to find stuff belonging to that user. + +#ASN_lookup($user); +#IPv4_lookup($user); +#domain_lookup($user); +#IPv6_lookup($user); +user_lookup(); diff --git a/db/as/3232/owner b/db/as/3232/owner new file mode 100644 index 0000000..6dda02e --- /dev/null +++ b/db/as/3232/owner @@ -0,0 +1 @@ +rjeli diff --git a/db/dom/ano/ch/ns/ns1.ch.ano b/db/dom/ano/ch/ns/ns1.ch.ano new file mode 100644 index 0000000..cb39eef --- /dev/null +++ b/db/dom/ano/ch/ns/ns1.ch.ano @@ -0,0 +1 @@ +1.41.41.1 diff --git a/db/dom/ano/ch/ns/ns2.ch.ano b/db/dom/ano/ch/ns/ns2.ch.ano new file mode 100644 index 0000000..542e31a --- /dev/null +++ b/db/dom/ano/ch/ns/ns2.ch.ano @@ -0,0 +1 @@ +fd63:1e39:6f73:2929::1 diff --git a/db/dom/ano/ch/owner b/db/dom/ano/ch/owner new file mode 100644 index 0000000..3aea3d0 --- /dev/null +++ b/db/dom/ano/ch/owner 
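Review bot: In `IPv6_lookup`, neither `chdir("$RESDB/db/ip6")` nor the per-nibble `chdir($_)` is checked, yet the sub goes on to print the output of `grep '' -r .` from whatever directory the process is in at that point. If the ip6 directory is missing, or the query sanitises to an empty string, the recursive grep runs from a higher directory than intended and returns every record below it; `domain_lookup` in the same hunk has the related gap that its labels are not character-checked before `chdir`. Use `chdir("$RESDB/db/ip6") || die "%% error";` as the other lookups do, stop at the first failed `chdir($_)`, and require at least one nibble before listing. Parts of this hunk are missing from the page, so the removed IPv4 block could not be compared against the new subs.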
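Review bot: The owner resolved into `$user` by the new dispatch is only printed; `user_lookup()` is then called without it and, as far as the visible part of that sub shows, still works from the global `$QUERY`, so a query for an AS, address or domain would be looked up under `db/usr` by its raw text rather than by its owner. If the intent is to show the owner's record, set `$QUERY = $user;` before the call, or pass `$user` in and read `$_[0]` inside the sub. `$user` is also undefined when an `owner` file is empty, which makes the `s/[\r\n]//g` and the `printf` warn; a guard such as `defined $user or die "%% error";` would cover that. Most of the body of `user_lookup` lies outside this hunk.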
@@ -0,0 +1 @@ +epoch diff --git a/db/dom/ano/epoch/ns/ns.epoch.ano b/db/dom/ano/epoch/ns/ns.epoch.ano deleted file mode 100644 index cb39eef..0000000 --- a/db/dom/ano/epoch/ns/ns.epoch.ano +++ /dev/null @@ -1 +0,0 @@ -1.41.41.1 diff --git a/db/dom/ano/whois/ns/ns.whois.ano b/db/dom/ano/whois/ns/ns.whois.ano deleted file mode 100644 index cb39eef..0000000 --- a/db/dom/ano/whois/ns/ns.whois.ano +++ /dev/null @@ -1 +0,0 @@ -1.41.41.1 diff --git a/db/ip/01/20/20/cidr b/db/ip/01/20/20/cidr new file mode 100644 index 0000000..18d3871 --- /dev/null +++ b/db/ip/01/20/20/cidr @@ -0,0 +1 @@ +1.32.32.0/24 diff --git a/db/ip/01/20/20/ns/ns1.rjeli.ano b/db/ip/01/20/20/ns/ns1.rjeli.ano new file mode 100644 index 0000000..e8024b1 --- /dev/null +++ b/db/ip/01/20/20/ns/ns1.rjeli.ano @@ -0,0 +1 @@ +1.32.32.1 diff --git a/db/ip/01/20/20/owner b/db/ip/01/20/20/owner new file mode 100644 index 0000000..6dda02e --- /dev/null +++ b/db/ip/01/20/20/owner @@ -0,0 +1 @@ +rjeli diff --git a/db/usr/epoch/pgp b/db/usr/epoch/pgp deleted file mode 100644 index d0283e8..0000000 --- a/db/usr/epoch/pgp +++ /dev/null @@ -1,15 +0,0 @@ -Type Bits/KeyID Date User ID -pub 1024/55C8CE2D 2014/10/14 epoch - ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: 2.6.3ia - -mQCNA1Q8ipIAAAEEALbXggiUagqYBmFVgJwBdEvTcGwe7xevHc4SAYHnTg/5SwlT -WlHqXY+RB64aPBnun4Q2AUgX8jTJX7TSrN4yNRyiwLCf4ViiHIJmmiPuom7qOw2E -ix0pkj4wqglg2QIV5mAYsM9Z7g+zBQKjiF3ynS+R09WQ3IyM6k/37rtVyM4tAAUR -tCFlcG9jaCA8ZXBvY2hAaGFja2luZy5hbGxvd2VkLm9yZz6JAJUDBRBUPIqST/fu -u1XIzi0BARdGBACeESKUtfeLeDY+vKeKuJhqP5vUGydYeXTDQ6aRoE0U8IOtjemo -+7ZTV/WlxD3rM7AzSBoSuV2HvVb3L3pzeUrBcDCnmQ2svzGjRaMLX9QLqeojaNXb -fGQp4hFblNzycPIqM8F14es+DCIYBtPzrz1SrodXuxmox6cBWuHfDC494g== -=9EHH ------END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.3