Select Git revision
DNSblacklist.pm 2.46 KiB
package DNSblacklist;
use strict;
use warnings;
use Data::Dumper;
my %CONSTANTS = (
target => "127.0.0.2",
outputfile => "tmp/blacklist.csv",
threshold => 10,
excludedip => [],
eventtype => [],
maxage => "1D",
ttl => "3600",
zone => "@",
dns => "dns.example.com",
hostmaster => "hostmaster\@example.com",
refresh => "1800 ; refresh (30 minutes)",
retry => "600 ; retry (10 minutes)",
expire => "1209600 ; expire (2 weeks)",
minimum => "86400 ; minimum (1 day)",
);
my %FORMAT = ( maxage => qr/\d+[hdmHDM]/, );
sub run {
my (undef, $modprefix, $cfg, $dbh, $db_engine) = @_;
my $v = Constants::mergeConfigs($cfg, $modprefix, \%CONSTANTS, \%FORMAT);
my $eventtype_query = DB::joinIN("type", \@{$v->{'eventtype'}});
my $excluded_query = DB::joinNotIN("source", \@{$v->{'excludedip'}});
my $condition = substr($excluded_query . $eventtype_query, 0, -5);
my @columns= ("source", "note");
my @params = ($condition, DB::getOldDataDB($db_engine, "NEWER", $v->{'maxage'}));
my $query = DB::getQueryCondThreshold($db_engine, "events", \@columns, \@params, $v->{'threshold'});
my @rows = Utils::fetchall_array_hashref($dbh, $query);
my ($sec, $min, $hr, $day, $mon, $year) = localtime;
$v->{'serial'} = sprintf("%02d%02d%02d%02d%02d", $year - 100 , $mon + 1, $day, $hr, $min);
$v->{'hostmaster'} =~ s/\@/\./;
sub header { my $v = shift; return "\$ORIGIN .\n\$TTL $v->{'ttl'}\n$v->{'zone'}\t\t\t\t\t\tIN\tSOA\t$v->{'dns'}. $v->{'hostmaster'}. (\n\t\t\t\t\t\t\t\t$v->{'serial'} ; serial\n\t\t\t\t\t\t\t\t$v->{'refresh'}\n\t\t\t\t\t\t\t\t$v->{'retry'}\n\t\t\t\t\t\t\t\t$v->{'expire'}\n\t\t\t\t\t\t\t\t$v->{'minimum'}\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\tNS\t$v->{'dns'}.\n"; };
sub record { my ($r, $v) = @_; $r->{'note'} = "" if !defined $r->{'note'}; return ";" . "$r->{'source'}\n" . join(".", reverse( split(/\./, $r->{'source'}))) . "\t\tIN\t\tA\t$v->{'target'}\n\t\t\t\t\tIN\t\tTXT\t\"$r->{'note'}\"\n"; };
my $ret = Utils::generateOutput($v->{'outputfile'}, \@rows, \&header, \&record, undef, $v);
return $ret;
}
1;