Skip to content
Snippets Groups Projects
Select Git revision
  • 8ee4f92893e5587968c0a69e08af1a87a21a668d
  • master default protected
  • devel
  • hruska-feature-clients-api
  • malostik-#5066-deduplicate-idea-ids
  • warden-postgresql-port
  • hruska-feature-#6799-filter-keys
  • hruska-feature-5066-duplicateIdeaID
  • warden-client-3.0-beta3
  • warden-server-3.0-beta3
  • warden-client-2.2-final
  • warden-server-2.2-final
  • warden-client-3.0-beta2
  • warden-server-3.0-beta2
  • warden-client-2.2
  • warden-server-2.2-patch3
  • warden-client-3.0-beta1
  • warden-server-3.0-beta1
  • warden-server-2.2-patch1
  • warden-client-3.0-beta0
  • warden-server-3.0-beta0
  • warden-server-2.2
  • warden-server-2.1-patch1
  • warden-client-2.1
  • warden-server-2.1
  • warden-server-2.1-beta6
  • warden-server-2.1-beta5
  • warden-server-2.1-beta4
28 results

DNSblacklist.pm

Blame
    • DNSblacklist.pm 2.46 KiB 
    package DNSblacklist;
use strict;
use warnings;
use Data::Dumper;

my  %CONSTANTS =    (
                       target      => "127.0.0.2",
                       outputfile  => "tmp/blacklist.csv",
                       threshold   => 10,
                       excludedip  => [],
                       eventtype   => [],
                       maxage      => "1D",
                       ttl         => "3600",
                       zone        => "@",
                       dns         => "dns.example.com",
                       hostmaster  => "hostmaster\@example.com",
                       refresh     => "1800    ; refresh (30 minutes)",
                       retry       => "600     ; retry (10 minutes)",
                       expire      => "1209600 ; expire (2 weeks)",
                       minimum     => "86400   ; minimum (1 day)",
                     );

my %FORMAT   =      (   maxage     => qr/\d+[hdmHDM]/, );

sub run {
    my (undef, $modprefix, $cfg, $dbh, $db_engine) = @_;
    
    my $v = Constants::mergeConfigs($cfg, $modprefix, \%CONSTANTS, \%FORMAT);

    my $eventtype_query = DB::joinIN("type", \@{$v->{'eventtype'}});
    my $excluded_query  = DB::joinNotIN("source", \@{$v->{'excludedip'}});

    my $condition = substr($excluded_query . $eventtype_query, 0, -5);
    my @columns= ("source", "note");
    my @params = ($condition, DB::getOldDataDB($db_engine, "NEWER", $v->{'maxage'}));
    my $query = DB::getQueryCondThreshold($db_engine, "events", \@columns, \@params, $v->{'threshold'});

    my @rows = Utils::fetchall_array_hashref($dbh, $query);

    my ($sec, $min, $hr, $day, $mon, $year) = localtime;
    
    $v->{'serial'} = sprintf("%02d%02d%02d%02d%02d", $year - 100 , $mon + 1, $day,  $hr, $min); 
    $v->{'hostmaster'} =~ s/\@/\./;

    sub header { my $v = shift; return "\$ORIGIN .\n\$TTL $v->{'ttl'}\n$v->{'zone'}\t\t\t\t\t\tIN\tSOA\t$v->{'dns'}. $v->{'hostmaster'}. (\n\t\t\t\t\t\t\t\t$v->{'serial'} ; serial\n\t\t\t\t\t\t\t\t$v->{'refresh'}\n\t\t\t\t\t\t\t\t$v->{'retry'}\n\t\t\t\t\t\t\t\t$v->{'expire'}\n\t\t\t\t\t\t\t\t$v->{'minimum'}\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\tNS\t$v->{'dns'}.\n"; };
 
    sub record { my ($r, $v) = @_; $r->{'note'} = "" if !defined $r->{'note'};  return ";" . "$r->{'source'}\n" . join(".", reverse( split(/\./, $r->{'source'}))) . "\t\tIN\t\tA\t$v->{'target'}\n\t\t\t\t\tIN\t\tTXT\t\"$r->{'note'}\"\n"; }; 

    my $ret = Utils::generateOutput($v->{'outputfile'}, \@rows, \&header, \&record, undef, $v);
    return $ret;
}
1;