LimnoriaPlugins/SnoParser
6
0
Fork 1
Code Issues 9 Pull Requests 1 Projects Releases Wiki Activity

Whois querying and caching #8

Closed
Georg wants to merge 1 commits from devel_whois into master
pull from: devel_whois
merge into: LimnoriaPlugins:master
Conversation 0 Commits 1 Files Changed 5 +179 -6
5 changed files with 179 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
__pycache__/__init__.cpython-38.pyc Normal file
View File

Binary file not shown.

BIN
__pycache__/config.cpython-38.pyc Normal file
View File

Binary file not shown.

BIN
__pycache__/plugin.cpython-38.pyc Normal file
View File

Binary file not shown.

61
config.py
View File

@ -1,5 +1,5 @@
### ###
# Copyright (c) 2021, mogad0n # Copyright (c) 2021, mogad0n and Georg Pfuetzenreuter <georg@lysergic.dev>
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
@ -61,4 +61,63 @@ conf.registerGlobalValue(SnoParser, 'AutoVhost',
conf.registerGlobalValue(SnoParser, 'preventHighlight', conf.registerGlobalValue(SnoParser, 'preventHighlight',
registry.Boolean(True, ("""Toggles in channel highlights with ZWSP"""))) registry.Boolean(True, ("""Toggles in channel highlights with ZWSP""")))
###
## WHOIS related settings below:
###
conf.registerGroup(SnoParser, 'whois')
conf.registerGlobalValue(SnoParser.whois, 'debug',
registry.Boolean('false',
"""
SnoParser: True: Very verbose console output. False: Mostly silent operation.
"""
, private=True
))
conf.registerGlobalValue(SnoParser.whois, 'sample',
registry.String('',
"""
SnoParser: This allows to set a testing IP address, if the plugin shall be evaluated on i.e. a local network. This will override all IP addresses from SNOTICES!
"""
, private=True
))
conf.registerGroup(SnoParser.whois, 'redis')
conf.registerGlobalValue(SnoParser.whois.redis, 'host',
registry.String('127.0.0.1',
"""
Redis: IP address or hostname.
"""
, private=True
))
conf.registerGlobalValue(SnoParser.whois.redis, 'port',
registry.Integer('6379',
"""
Redis: Port.
"""
, private=True
))
conf.registerGlobalValue(SnoParser.whois.redis, 'username',
registry.String('',
"""
Redis: Username. This is optional and has not been tested. It is recommended to perform initial tests on a local instance with no username and password.
"""
, private=True
))
conf.registerGlobalValue(SnoParser.whois.redis, 'password',
registry.String('',
"""
Redis: Password. This is optional and has not been tested. It is recommended to perform initial tests on a local instance with no username and password.
"""
))
conf.registerGlobalValue(SnoParser.whois.redis, 'db',
registry.Integer('0',
"""
Redis: Database number. It is recommended to use a dedicated, isolated, Redis instance for SnoParser instead of using an existing one with a different database.
"""
))
conf.registerGlobalValue(SnoParser.whois.redis, 'timeout',
registry.Integer('5',
"""
Redis: Socket Timeout. The developer does not know what to recommend here, but `5` seems to yield good results.
"""
))
# vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79: # vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:

124
plugin.py
View File

@ -1,5 +1,5 @@
### ###
# Copyright (c) 2021, mogad0n # Copyright (c) 2021, mogad0n and Georg Pfuetzenreuter <georg@lysergic.dev>
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
@ -43,17 +43,124 @@ import os
import sys import sys
import time import time
import sqlite3 import sqlite3
import redis
import json
from datetime import timedelta
from ipwhois import IPWhois
import ipwhois
class SnoParser(callbacks.Plugin): class SnoParser(callbacks.Plugin):
"""Parses the Server Notices from ErgoIRCd""" """Parses the Server Notices from ErgoIRCd"""
threaded = True threaded = True
def redis_connect(self) -> redis.client.Redis:
try:
redis_client = redis.Redis(
host = self.registryValue('whois.redis.host'),
port = self.registryValue('whois.redis.port'),
password = self.registryValue('whois.redis.password'),
username = self.registryValue('whois.redis.username'),
db = self.registryValue('whois.redis.db'),
socket_timeout = int(self.registryValue('whois.redis.timeout'))
)
ping = redis_client.ping()
if ping is True:
return redis_client
except redis.AuthenticationError:
print("Could not authenticate to Redis backend.")
def __init__(self, irc):
super().__init__(irc)
self.redis_client = self.redis_connect()
def whois_fresh(self, sourceip: str) -> dict:
"""Data from cache."""
asn = 0
subnet = ''
try:
whois = IPWhois(sourceip)
whoisres = whois.lookup_rdap(depth=1,retry_count=0)
results = whoisres
if self.registryValue('whois.debug'):
print(results)
asn = whoisres['asn_registry']
country = whoisres['asn_country_code']
description = whoisres['asn_description']
whoisout = asn + ' ' + country + ' ' + description
except ipwhois.exceptions.IPDefinedError:
whoisout = 'RFC 4291 (Local)'
response = whoisout
return response
def whois_get_cache(self, key: str) -> str:
"""Data from Redis."""
k = self.redis_client.get(key)
# self = SnoParser()
# val = self.redis_client.get(key)
val = k
return val
def whois_set_cache(self, key: str, value: str) -> bool:
"""Data to Redis."""
state = self.redis_client.setex(key, timedelta(seconds=3600), value=value,)
return state
def whois_run(self, sourceip: str) -> dict:
"""Whois query router."""
data = self.whois_get_cache(key=sourceip)
if data is not None:
data = json.loads(data)
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG - WHOIS_RUN WITH CACHE: TRUE")
print(data)
print(sourceip)
return data
else:
data = self.whois_fresh(sourceip)
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG - WHOIS_RUN WITH CACHE: FALSE")
print(data)
print(sourceip)
if data.startswith:
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG - WHOIS_RUN WITH CACHE: FALSE AND CORRECT STARTING CHARACTER")
print(data)
data = json.dumps(data)
state = self.whois_set_cache(key=sourceip, value=data)
if state is True:
return json.loads(data)
else:
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG _ WHOIS_RUN WITH CACHE: FALSE AND WRONG STARTING CHARACTER")
print(data)
return data
def query(self, irc, msg, args, ipaddress):
"""<IP address>
Queries the cache for an address.
"""
data = self.whois_get_cache(key=ipaddress)
decoded = data.decode('utf-8')
ttl = self.redis_client.ttl(ipaddress)
print('SnoParser manual query: ', data, ' ', ttl)
irc.reply(f'{decoded} - Remaining: {ttl}s')
query = wrap(query, ['anything'])
def doNotice(self, irc, msg): def doNotice(self, irc, msg):
(target, text) = msg.args (target, text) = msg.args
if target == irc.nick: if target == irc.nick:
# server notices CONNECT, KILL, XLINE, NICK, ACCOUNT # server notices CONNECT, KILL, XLINE, NICK, ACCOUNT
text = ircutils.stripFormatting(text) text = ircutils.stripFormatting(text)
if 'CONNECT' in text: if 'CONNECT' in text:
connregex = "^-CONNECT- Client connected \[(.+)\] \[u\:~(.+)\] \[h\:(.+)\] \[ip\:(.+)\] \[r\:(.+)\]$" connregex = "^-CONNECT- Client connected \[(.+)\] \[u\:~(.+)\] \[h\:(.+)\] \[ip\:(.+)\] \[r\:(.+)\]$"
@ -61,12 +168,19 @@ class SnoParser(callbacks.Plugin):
nickname = couple.group(1) nickname = couple.group(1)
username = couple.group(2) username = couple.group(2)
host = couple.group(3) host = couple.group(3)
ip = couple.group(4) if self.registryValue('whois.sample'):
ip = self.registryValue('whois.sample')
else:
ip = couple.group(4)
realname = couple.group(5) realname = couple.group(5)
ip_seen = 0 ip_seen = 0
nick_seen = 0 nick_seen = 0
whoisout = self.whois_run(sourceip=ip)
DictFromSnotice = {'notice': 'connect', 'nickname': nickname, 'username': username, 'host': host, 'ip': ip, 'realname': realname, 'ipCount': ip_seen, 'nickCount': nick_seen} DictFromSnotice = {'notice': 'connect', 'nickname': nickname, 'username': username, 'host': host, 'ip': ip, 'realname': realname, 'ipCount': ip_seen, 'nickCount': nick_seen}
repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']} \x0F\x11\x0303==>>\x0F \x02Nick:\x0F {DictFromSnotice['nickname']} \x02Username:\x0F {DictFromSnotice['username']} \x02Hostname:\x0F {DictFromSnotice['host']} \x02IP:\x0F {DictFromSnotice['ip']} \x02Realname:\x0F {DictFromSnotice['realname']} \x02IPcount:\x0F {DictFromSnotice['ipCount']} \x02NickCount:\x0F {DictFromSnotice['nickCount']}" #repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']} \x0F\x11\x0303==>>\x0F \x02Nick:\x0F {DictFromSnotice['nickname']} \x02Username:\x0F {DictFromSnotice['username']} \x02Hostname:\x0F {DictFromSnotice['host']} \x02IP:\x0F {DictFromSnotice['ip']} \x02Realname:\x0F {DictFromSnotice['realname']} \x02IPcount:\x0F {DictFromSnotice['ipCount']} \x02NickCount:\x0F {DictFromSnotice['nickCount']}"
repl = f"\x02\x1F{DictFromSnotice['notice']} \x0F\x11\x0303==>>\x0F \x02Nick:\x0F {DictFromSnotice['nickname']} \x02Username:\x0F {DictFromSnotice['username']} \x02Hostname:\x0F {DictFromSnotice['host']} \x02IP:\x0F {DictFromSnotice['ip']} {whoisout} \x02Realname:\x0F {DictFromSnotice['realname']} \x02IPcount:\x0F {DictFromSnotice['ipCount']} \x02NickCount:\x0F {DictFromSnotice['nickCount']}"
self._sendSnotice(irc, msg, repl) self._sendSnotice(irc, msg, repl)
if 'XLINE' in text and 'temporary' in text: if 'XLINE' in text and 'temporary' in text:
xlineregex = "^-XLINE- (.+) \[(.+)\] added temporary \((.+)\) (K-Line|D-Line) for (.+)$" xlineregex = "^-XLINE- (.+) \[(.+)\] added temporary \((.+)\) (K-Line|D-Line) for (.+)$"