SnoParser/plugin.py

405 lines
18 KiB
Python

###
# Copyright (c) 2021, mogad0n and Georg Pfuetzenreuter <georg@lysergic.dev>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice,
# this list of conditions, and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions, and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# * Neither the name of the author of this software nor the name of
# contributors to this software may be used to endorse or promote products
# derived from this software without specific prior written consent.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
###
from supybot import utils, plugins, ircutils, callbacks, ircdb, conf, log, world, ircmsgs
from supybot.commands import *
try:
from supybot.i18n import PluginInternationalization
_ = PluginInternationalization('SnoParser')
except ImportError:
# Placeholder that allows to run the plugin on a bot
# without the i18n module
_ = lambda x: x
import re
import os
import sys
import time
import sqlite3
import redis
import json
from datetime import timedelta
from ipwhois import IPWhois
import ipwhois
class SnoParser(callbacks.Plugin):
"""Parses the Server Notices from ErgoIRCd"""
threaded = True
def redis_connect_whois(self) -> redis.client.Redis:
try:
redis_client_whois = redis.Redis(
host = self.registryValue('redis.host'),
port = self.registryValue('redis.port'),
password = self.registryValue('redis.password'),
username = self.registryValue('redis.username'),
db = self.registryValue('whois.redis.db'),
socket_timeout = int(self.registryValue('redis.timeout'))
)
ping = redis_client_whois.ping()
if ping is True:
return redis_client_whois
except redis.AuthenticationError:
print("Could not authenticate to Redis backend.")
def redis_connect_nicks(self) -> redis.client.Redis:
try:
redis_client_nicks = redis.Redis(
host = self.registryValue('redis.host'),
port = self.registryValue('redis.port'),
password = self.registryValue('redis.password'),
username = self.registryValue('redis.username'),
db = self.registryValue('redis.db1'),
socket_timeout = int(self.registryValue('redis.timeout'))
)
ping = redis_client_nicks.ping()
if ping is True:
return redis_client_nicks
except redis.AuthenticationError:
print("Could not authenticate to Redis backend.")
def redis_connect_ips(self) -> redis.client.Redis:
try:
redis_client_ips = redis.Redis(
host = self.registryValue('redis.host'),
port = self.registryValue('redis.port'),
password = self.registryValue('redis.password'),
username = self.registryValue('redis.username'),
db = self.registryValue('redis.db2'),
socket_timeout = int(self.registryValue('redis.timeout'))
)
ping = redis_client_ips.ping()
if ping is True:
return redis_client_ips
except redis.AuthenticationError:
print("Could not authenticate to Redis backend.")
def __init__(self, irc):
super().__init__(irc)
self.redis_client_whois = self.redis_connect_whois()
self.redis_client_nicks = self.redis_connect_nicks()
self.redis_client_ips = self.redis_connect_ips()
def whois_fresh(self, sourceip: str) -> dict:
"""Data from WHOIS backend (IANA or respective RIR)."""
asn = 0
subnet = ''
try:
whois = IPWhois(sourceip)
whoisres = whois.lookup_rdap(depth=1,retry_count=0)
results = whoisres
if self.registryValue('whois.debug'):
print(results)
asn = whoisres['asn_registry']
country = whoisres['asn_country_code']
description = whoisres['asn_description']
whoisout = asn + ' ' + country + ' ' + description
except ipwhois.exceptions.IPDefinedError:
whoisout = 'RFC 4291 (Local)'
response = whoisout
return response
def whois_get_cache(self, key: str) -> str:
"""Data from Redis."""
k = self.redis_client_whois.get(key)
# self = SnoParser()
# val = self.redis_client_whois.get(key)
val = k
return val
def whois_set_cache(self, key: str, value: str) -> bool:
"""Data to Redis."""
duration = int(self.registryValue('whois.ttl'))
state = self.redis_client_whois.setex(key, timedelta(seconds=duration), value=value,)
return state
def whois_run(self, sourceip: str) -> dict:
"""Whois query router."""
data = self.whois_get_cache(key=sourceip)
if data is not None:
data = json.loads(data)
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG - WHOIS_RUN WITH CACHE: TRUE")
print(data)
print(sourceip)
return data
else:
data = self.whois_fresh(sourceip)
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG - WHOIS_RUN WITH CACHE: FALSE")
print(data)
print(sourceip)
if data.startswith:
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG - WHOIS_RUN WITH CACHE: FALSE AND CORRECT STARTING CHARACTER")
print(data)
data = json.dumps(data)
state = self.whois_set_cache(key=sourceip, value=data)
if state is True:
return json.loads(data)
else:
if self.registryValue('whois.debug'):
print("SNOPARSER DEBUG _ WHOIS_RUN WITH CACHE: FALSE AND WRONG STARTING CHARACTER")
print(data)
return data
def nick_run(self, nickname: str) -> dict:
"""Tracks nicknames"""
data = self.redis_client_nicks.get(nickname)
if data is not None:
if self.registryValue('debug'):
print("SNOPARSER DEBUG - NICK_RUN, SEEN: TRUE")
print(nickname)
print(data)
self.redis_client_nicks.incrby(nickname,amount=1)
if data:
decoded = data.decode('utf-8')
return decoded
else:
return 0
else:
if self.registryValue('debug'):
print("SNOPARSER DEBUG _ NICK_RUN, SEEN: FALSE")
print(nickname)
print(data)
self.redis_client_nicks.set(nickname,value='1')
if data:
decoded = data.decode('utf-8')
return decoded
else:
return 0
def ip_run(self, ipaddress: str) -> dict:
"""Tracks IP addresses"""
data = self.redis_client_ips.get(ipaddress)
if data is not None:
if self.registryValue('debug'):
print("SNOPARSER DEBUG - IP_RUN, SEEN: TRUE")
print(ipaddress)
print(data)
self.redis_client_ips.incrby(ipaddress,amount=1)
if data:
decoded = data.decode('utf-8')
return decoded
else:
return 0
else:
if self.registryValue('debug'):
print("SNOPARSER DEBUG _ IP_RUN, SEEN: FALSE")
print(ipaddress)
print(data)
self.redis_client_ips.set(ipaddress,value='1')
if data:
decoded = data.decode('utf-8')
return decoded
else:
return 0
def ipquery(self, irc, msg, args, ipaddress):
"""<IP address>
Queries the cache for an address.
"""
data = self.whois_get_cache(key=ipaddress)
decoded_data = data.decode('utf-8')
ttl = self.redis_client_whois.ttl(ipaddress)
count = self.redis_client_ips.get(ipaddress)
decoded_count = count.decode('utf-8')
print('SnoParser manual query: ', data, ' ', ttl)
irc.reply(f'{decoded_data} - Count: {decoded_count} - Remaining: {ttl}s')
ipquery = wrap(ipquery, ['ip'])
def doNotice(self, irc, msg):
(target, text) = msg.args
if target == irc.nick:
# server notices
text = ircutils.stripFormatting(text)
# CONNECT
if 'CONNECT' in text:
connregex = "^-CONNECT- Client connected \[(.+)\] \[u\:~(.+)\] \[h\:(.+)\] \[ip\:(.+)\] \[r\:(.+)\]$"
couple = re.match(connregex, text)
nickname = couple.group(1)
username = couple.group(2)
host = couple.group(3)
if self.registryValue('whois.sample'):
ip = self.registryValue('whois.sample')
else:
ip = couple.group(4)
realname = couple.group(5)
ip_seen = self.ip_run(ipaddress=ip)
nick_seen = self.nick_run(nickname=nickname)
whois = self.whois_run(sourceip=ip)
DictFromSnotice = {'notice': 'connect', 'nickname': nickname, 'username': username, 'host': host, 'ip': ip, 'realname': realname, 'ipCount': ip_seen, 'nickCount': nick_seen}
repl = f"\x02\x1F{DictFromSnotice['notice']} \x0F\x11\x0303==>>\x0F \x02Nick:\x0F {DictFromSnotice['nickname']} \x02Username:\x0F {DictFromSnotice['username']} \x02Hostname:\x0F {DictFromSnotice['host']} \x02IP:\x0F {DictFromSnotice['ip']} {whois} \x02Realname:\x0F {DictFromSnotice['realname']} \x02IPcount:\x0F {DictFromSnotice['ipCount']} \x02NickCount:\x0F {DictFromSnotice['nickCount']}"
self._sendSnotice(irc, msg, repl)
if 'XLINE' in text and 'temporary' in text:
xlineregex = "^-XLINE- (.+) \[(.+)\] added temporary \((.+)\) (K-Line|D-Line) for (.+)$"
couple = re.match(xlineregex, text)
who = couple.group(1)
who_operator = couple.group(2)
duration = couple.group(3)
which_line = couple.group(4)
host_or_ip = couple.group(5)
DictFromSnotice = {'notice': 'tempban', 'who': who, 'operator': who_operator, 'duration': duration, 'type': which_line, 'target': host_or_ip}
repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']}\x0F \x11\x0303 X_X \x0F \x02BannedBy:\x0F {DictFromSnotice['who']} \x02BannedByOper:\x0F {DictFromSnotice['operator']} \x02Duration:\x0F {DictFromSnotice['duration']} \x02XLINE Type:\x0F {DictFromSnotice['type']} \x02Nick:\x0F {DictFromSnotice['target']}"
self._sendSnotice(irc, msg, repl)
# WHY THE FUCK IS IT elif ??
elif 'XLINE' in text and 'temporary' not in text and 'removed' not in text:
perm_xline_regex = "^-XLINE- (.+) \[(.+)\] added (D-Line|K-Line) for (.+)$"
couple = re.match(perm_xline_regex, text)
who = couple.group(1)
who_operator = couple.group(2)
which_line = couple.group(3)
host_or_ip = couple.group(4)
DictFromSnotice = {'notice': 'Permaban', 'who': who, 'operator': who_operator, 'type': which_line, 'target': host_or_ip}
repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']} \x0F \x11\x0303 X_X \x0F \x02BannedBy:\x0F {DictFromSnotice['who']} \x02BannedByOper:\x0F {DictFromSnotice['operator']} \x02XLINE Type:\x0F {DictFromSnotice['type']} \x02Host/IP:\x0F {DictFromSnotice['target']}"
self._sendSnotice(irc, msg, repl)
elif 'XLINE' in text and 'removed' in text:
unxlineregex = "^-XLINE- (.+) removed (D-Line|K-Line) for (.+)$"
couple = re.match(unxlineregex, text)
who = couple.group(1)
which_line = couple.group(2)
host_or_ip = couple.group(3)
DictFromSnotice = {'notice': 'unxline', 'who': who, 'type': which_line, 'target': host_or_ip}
repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']} \x0F\x11\x0303 :=D\x0F \x02UnbannedBy:\x0F {DictFromSnotice['who']} \x02XLINE type:\x0F {DictFromSnotice['type']} \x02Host/IP:\x0F {DictFromSnotice['target']}"
self._sendSnotice(irc, msg, repl)
if 'KILL' in text:
killregex = "^-KILL- (.+) \[(.+)\] killed (\d) clients with a (KLINE|DLINE) \[(.+)\]$"
couple = re.match(killregex, text)
who = couple.group(1)
who_operator = couple.group(2)
clients = couple.group(3)
which_line = couple.group(4)
nick = couple.group(5)
DictFromSnotice = {'notice': 'kill', 'who': who, 'operator': who_operator, "client": clients, 'type': which_line, 'nick': nick}
repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']} \x0F\x11\x0303☠\x0F \x02KilledBy:\x0F {DictFromSnotice['who']} \x02KilledByOper:\x0F {DictFromSnotice['operator']} \x02NumofClientsAffected:\x0F {DictFromSnotice['client']} \x02XLINE Type:\x0F {DictFromSnotice['type']} \x02Nick:\x0F {DictFromSnotice['nick']}"
self._sendSnotice(irc, msg, repl)
if 'NICK' in text and 'changed nickname to' in text:
nickregex = "^-NICK- (.+) changed nickname to (.+)$"
couple = re.match(nickregex, text)
old_nick = couple.group(1)
new_nick = couple.group(2)
DictFromSnotice = {'notice': 'nick change', 'old_nick': old_nick, 'new_nick': new_nick}
repl = f"\x02\x1FNOTICE: {DictFromSnotice['notice']} ==> {DictFromSnotice['old_nick']} changed their nick to {DictFromSnotice['new_nick']}"
self._sendSnotice(irc, msg, repl)
if 'QUIT' in text and 'exited' in text:
quitregex = "^-QUIT- (.+) exited the network$"
couple = re.match(quitregex, text)
nick = couple.group(1)
DictFromSnotice = {'notice': 'quit', 'nick': nick}
repl = f"\x02\x1FNOTICE: quit nick: {nick} has exited the network"
self._sendSnotice(irc, msg, repl)
if 'ACCOUNT' in text and 'registered account' in text:
accregex = "^-ACCOUNT- Client \[(.*)\] registered account \[(.*)\] from IP (.*)$"
couple = re.match(accregex, text)
hostmask = couple.group(1)
account = couple.group(2)
ip = couple.group(3)
DictFromSnotice = {'notice': 'accreg', 'hostmask': hostmask, 'account': account, 'ip': ip}
repl = f"\x02\x1FNOTICE: accreg -> [{account}] was registered by hostmask [{hostmask}] from IP {ip}"
# Trigger HS SET
self._setvhost(irc, msg, account)
self._sendSnotice(irc, msg, repl)
if 'ACCOUNT' in text and 'registered account' in text and 'SAREGISTER' in text:
accregex = "^-ACCOUNT- Operator \[(.*)\] registered account \[(.*)\] with SAREGISTER$"
couple = re.match(accregex, text)
oper = couple.group(1)
account = couple.group(2)
DictFromSnotice = {'notice': 'sareg', 'oper': oper, 'account': account}
repl = f"\x02\x1FNOTICE: sareg -> [{account}] was registered by operator [{oper}]"
self._setvhost(irc, msg, account)
self._sendSnotice(irc, msg, repl)
if 'OPER' in text and 'Client opered up' in text:
operregex = "^-OPER- Client opered up \[(.*)\, \ (.*)\]$"
couple = re.match(operregex, text)
hostmask = couple.group(1)
oper = couple.group(2)
DictFromSnotice = {'notice': 'opered', 'hostmask': hostmask, 'oper': oper}
repl = f"\x02\x1FNOTICE:\x0F [{hostmask}] opered up as [{oper}]."
self._sendSnotice(irc, msg, repl)
if 'OPER' in text and 'Client deopered' in text:
operregex = "^-OPER- Client deopered \[(.*)\]"
couple = re.match(operregex, text)
account = couple.group(1)
DictFromSnotice = {'notice': 'deopered', 'name': account}
repl = f"\x02\x1FNOTICE:\x0F [{account}] opered down."
self._sendSnotice(irc, msg, repl)
# Post Registration
def _setvhost(self, irc, msg, account):
arg = ['SET']
arg.append(account)
vhost = self.registryValue('AutoVhost')
arg.append(f'{vhost}{account}')
irc.sendMsg(msg=ircmsgs.IrcMsg(command='HS',
args=arg))
# Send formatted SNO to channel
def _sendSnotice(self, irc, msg, repl):
try:
channel = self.registryValue('targetChannel')
if channel[0] == '#':
irc.queueMsg(msg=ircmsgs.IrcMsg(command='NOTICE',
args=(channel, repl)))
# what sort of exception does one raise
except:
pass
Class = SnoParser
# vim:set shiftwidth=4 softtabstop=4 expandtab textwidth=79: