b1ca4b3c5f
Implementing first version for shodan node, missing yet some models, but the overal approach works and can be queried in Ratel.
83 lines
1.6 KiB
Go
83 lines
1.6 KiB
Go
package filters
|
|
|
|
import (
|
|
"bufio"
|
|
"io/ioutil"
|
|
"net"
|
|
"os"
|
|
"path/filepath"
|
|
"regexp"
|
|
"runtime"
|
|
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
var (
|
|
_, b, _, _ = runtime.Caller(0)
|
|
basepath = filepath.Dir(b)
|
|
)
|
|
|
|
// RunIPFilters runs the battery of filters for an IP.
|
|
func RunIPFilters(InputIP string) bool {
|
|
ip := net.ParseIP(InputIP)
|
|
if ip.To4() != nil {
|
|
path := basepath + "/data/ipv4/"
|
|
sliceIPv4, err := ioutil.ReadDir(path)
|
|
if err != nil {
|
|
logrus.Warn("filters#ReadDir#ipv4", err)
|
|
}
|
|
|
|
for _, file := range sliceIPv4 {
|
|
f, err := os.OpenFile(path+file.Name(), 1, 0644)
|
|
if err != nil {
|
|
logrus.Warn("filters#OpenFile#", err)
|
|
}
|
|
scanner := bufio.NewScanner(f)
|
|
for scanner.Scan() {
|
|
_, ipNet, err := net.ParseCIDR(scanner.Text())
|
|
if err != nil {
|
|
continue
|
|
}
|
|
if ipNet.Contains(ip) {
|
|
return true
|
|
}
|
|
}
|
|
}
|
|
} else if ip.To16() != nil {
|
|
// run ipv6 filter battery
|
|
} else {
|
|
logrus.Error("filters#invalid IP format")
|
|
return false
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// RunDomainFilters run filters on a targeted domain.
|
|
func RunDomainFilters(domain string) bool {
|
|
path := basepath + "/data/domain/"
|
|
sliceDomain, err := ioutil.ReadDir(path)
|
|
if err != nil {
|
|
logrus.Warn("filters#ReadDir#domains", err)
|
|
}
|
|
|
|
for _, file := range sliceDomain {
|
|
f, err := os.OpenFile(path+file.Name(), 1, 0644)
|
|
if err != nil {
|
|
logrus.Warn("filters#OpenFile#", err)
|
|
}
|
|
scanner := bufio.NewScanner(f)
|
|
|
|
for scanner.Scan() {
|
|
r, err := regexp.Compile(scanner.Text())
|
|
if err != nil {
|
|
logrus.Warn("filters#Compile#", err)
|
|
}
|
|
if r.MatchString(domain) {
|
|
return false
|
|
}
|
|
}
|
|
}
|
|
return true
|
|
}
|