enricher 0.0.2

@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: ba7623f738d308075b0b07cf6365f83f3f11053b
4
+ data.tar.gz: 040c1a1349e741d87da53fa7c435841ef8995c34
5
+ SHA512:
6
+ metadata.gz: 36748a53b45b8ba519090621481ebbeb078d098f42a1fc39dd1bc45483cbab4bfe7a8be3e7360ed531717e51f750f6cf49d347e8b61d7f49b94e52e4b876d33b
7
+ data.tar.gz: 81e992ba9f680437405ee6369a3c6ae171660684454351c4464133487306c4f678e855efdbaeaffe937bc39ff13a114b98e8a0a98279b40ed571ec51351ceed4
@@ -0,0 +1,20 @@
1
+ *.gem
2
+ *.rbc
3
+ *.dat
4
+ .bundle
5
+ .config
6
+ build.sh
7
+ coverage
8
+ InstalledFiles
9
+ lib/bundler/man
10
+ pkg
11
+ rdoc
12
+ spec/reports
13
+ test/tmp
14
+ test/version_tmp
15
+ tmp
16
+
17
+ # YARD artifacts
18
+ .yardoc
19
+ _yardoc
20
+ doc/
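--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,17 @@
+source 'https://rubygems.org'
+
+gem "rake"
+
+group :development
+gem "bump", "~> 0.3"
+gem "colored", "~> 1.2"
+end
+
+group :test do
+gem 'minitest-colorize'
+gem 'turn'
+gem 'ansi'
+gem 'simplecov', :require => false
+end
+
+gemspec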
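Review bot: `group :development` on line 5 has no `do`, so the `end` on line 8 closes nothing and Bundler cannot evaluate this Gemfile as shown; the line should read `group :development do`. The four gems in the `:test` group are also declared without version constraints, so every fresh install resolves whatever release is current at that moment. Adding pessimistic constraints like the ones already on `bump` and `colored` narrows what a breaking or tampered release of a test dependency can reach.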
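--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 shadowbq
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.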
@@ -0,0 +1,54 @@
1
+ ## Readme
2
+
3
+ IPv4 Data Enricher
4
+
5
+ ### Static Calculators:
6
+
7
+ Calculate ASN, CC3, Bogon, and Lat Long.
8
+
9
+ ### Online Calculators:
10
+
11
+ IPv4 reputation with VOIDIP
12
+ IPv4 reputation with VirusTotal
13
+
14
+ BGP Ranking with Cyrmu ASN Calculator
15
+
16
+ ## Requirements
17
+
18
+ Intenet connectivity for Online Calculators.
19
+
20
+ Maxmind dat file location requirement: `/usr/local/lib/share/enricher`
21
+
22
+ You need to download and install each of the free GeoLite country, city or ASN databases, or a subscription database version.
23
+
24
+ The last known download locations for the GeoLite database versions are:
25
+
26
+ <geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz>
27
+ <geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz>
28
+ <geolite.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz>
29
+
30
+
31
+ ## Automating the update of Static Content (via crontrab)
32
+
33
+ We can add a cron-job to automate the monthly process of updating the GeoIP database:
34
+
35
+ ```
36
+ mkdir -p /etc/crontab
37
+ ```
38
+
39
+ Now we will add a custom job:
40
+
41
+ ```
42
+ vim /etc/crontab/91_Update_GeoIP_db
43
+ ```
44
+
45
+ Add the following to this jopb, this will download and extract the new databases every month:
46
+
47
+ ```
48
+ # Updating the GeoIP database monthly on the 5th at 0:00h.
49
+ 0 0 5 * * root /usr/bin/wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz -O /usr/local/lib/share/enricher/GeoIP.dat.gz; /bin/gunzip -f /usr/local/lib/share/enricher/GeoIP.dat.gz
50
+
51
+ 0 0 5 * * root /usr/bin/wget http://geolite.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz -O /usr/local/lib/share/enricher/GeoIPASNum.dat.gz; /bin/gunzip -f /usr/local/lib/share/enricher/GeoIPASNum.dat.gz
52
+
53
+ 0 0 5 * * root /usr/bin/wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz -O /usr/local/lib/share/enricher/GeoLiteCity.dat.gz; /bin/gunzip -f /usr/local/lib/share/enricher/GeoLiteCity.dat.gz
54
+ ```
@@ -0,0 +1,11 @@
1
+ #!/usr/bin/env rake
2
+ require "bundler/gem_tasks"
3
+ require "rake/testtask"
4
+
5
+ task :default => [:test]
6
+
7
+ Rake::TestTask.new do |test|
8
+ test.libs << "test"
9
+ test.test_files = Dir[ "test/test_*.rb" ]
10
+ test.verbose = true
11
+ end
@@ -0,0 +1,22 @@
1
+ # -*- encoding: utf-8 -*-
2
+ require File.expand_path('../lib/enricher/version', __FILE__)
3
+
4
+ Gem::Specification.new do |gem|
5
+ gem.authors = ["shadowbq"]
6
+ gem.email = ["shadowbq@gmail.com"]
7
+ gem.description = %q{Enricher, the IP and URL data enhancer}
8
+ gem.summary = gem.description
9
+ gem.homepage = "https://github.com/shadowbq/enricher"
10
+
11
+ gem.files = `git ls-files`.split($\)
12
+ gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
13
+ gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
14
+ gem.name = "enricher"
15
+ gem.require_paths = ["lib"]
16
+ gem.version = Enricher::VERSION
17
+ gem.licenses = ["MIT"]
18
+ gem.add_development_dependency 'bundler', '~> 1.0'
19
+ gem.add_dependency "geoip", '~> 1.2'
20
+ gem.add_dependency "netaddr", '~> 1.5'
21
+
22
+ end
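Review bot: The `git ls-files` based `gem.files` assignment on line 11 publishes every tracked file, and the packaged file list for this version accordingly includes `.gitignore` and `log/enricher.log`; a tracked log file that later gains content would be shipped to the registry along with the code. An explicit allowlist such as `gem.files = Dir['lib/**/*.rb'] + %w[LICENSE README.md]` keeps the package to what is meant to be installed and removes the build-time dependency on running inside a git checkout. The same assignment feeds `gem.executables` and `gem.test_files`, so those two lines would need the equivalent globs.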
@@ -0,0 +1,44 @@
1
+ #STDLIBS
2
+ require 'uri'
3
+ require 'ipaddr'
4
+ require 'logger'
5
+ require 'rubygems'
6
+ require 'tempfile'
7
+
8
+ # RubyGems
9
+
10
+ require 'json'
11
+ require 'geoip'
12
+ require 'netaddr'
13
+
14
+ # Internal
15
+ module Enricher
16
+ $:.unshift(File.dirname(__FILE__))
17
+ require 'enricher/version'
18
+ require 'enricher/bogon'
19
+ require 'enricher/encoder'
20
+
21
+ DEBUG=false
22
+ LOGGING=false
23
+
24
+ #Setup Paths
25
+ LIB_PATH = File.expand_path("../", __FILE__)
26
+ CONFIG_PATH = File.expand_path("../../db", __FILE__)
27
+
28
+ if Enricher::DEBUG
29
+ Enricher::DATA_PATH = File.expand_path("../../data", __FILE__)
30
+ if Enricher::LOGGING
31
+ Enricher::LOG_PATH = File.expand_path("../../log", __FILE__)
32
+ logfile = "#{Enricher::LOG_PATH}/enricher.log"
33
+ end
34
+ else
35
+ Enricher::DATA_PATH = File.path("/usr/local/lib/share/enricher")
36
+ if Enricher::LOGGING
37
+ logfile = Tempfile.new('enricher.log')
38
+ Enricher::LOG_PATH = File.dirname(logfile.path)
39
+ end
40
+ end
41
+
42
+ Logger = Logger.new(logfile)
43
+
44
+ end
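Review bot: `Logger = Logger.new(logfile)` on line 42 defines `Enricher::Logger` as a logger instance, which shadows the stdlib `Logger` class for all code inside the `Enricher` namespace; a differently named constant, `LOGGER = ::Logger.new(logfile)`, avoids that. With `LOGGING=false`, `logfile` is nil at that point, so nothing is ever logged, and both switches as well as `DATA_PATH` are fixed constants with no way to override them at run time. `$:.unshift(File.dirname(__FILE__))` on line 16 puts this directory at the front of the process-wide load path, where its files take precedence over same-named libraries; `require_relative 'enricher/version'` (and likewise for `bogon` and `encoder`) loads the same files without touching `$:`.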
@@ -0,0 +1,37 @@
1
+ module Enricher
2
+ class Bogon
3
+
4
+ BOGONIPV4 = ['0.0.0.0/8',
5
+ '10.0.0.0/8',
6
+ '100.64.0.0/10',
7
+ '127.0.0.0/8',
8
+ '169.254.0.0/16',
9
+ '172.16.0.0/12',
10
+ '192.0.0.0/24',
11
+ '192.0.2.0/24',
12
+ '192.168.0.0/16',
13
+ '198.18.0.0/15',
14
+ '198.51.100.0/24',
15
+ '203.0.113.0/24',
16
+ '224.0.0.0/4',
17
+ '240.0.0.0/4']
18
+
19
+ def initialize(bogon)
20
+ if bogon == :bogonipv4
21
+ @bogon = BOGONIPV4.collect do |cidr|
22
+ NetAddr::CIDR.create(cidr)
23
+ end
24
+ else
25
+ raise BogonSetUndefined, "Only the :bogonipv4 aggregated set is defined at this time"
26
+ end
27
+ end
28
+
29
+ def contains?(ip)
30
+ @bogon.each do |net|
31
+ return true if net.contains?(ip)
32
+ end
33
+ return false
34
+ end
35
+
36
+ end
37
+ end
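Review bot: `BogonSetUndefined` is raised in `initialize` (line 25) but is not defined in any file shown for this package version, so an unsupported set name would surface as a NameError rather than the intended error. Defining it alongside the class, e.g. `class BogonSetUndefined < ArgumentError; end` inside `module Enricher`, fixes that. `contains?` hands `ip` straight to `NetAddr::CIDR#contains?`; since callers use the boolean to classify addresses, a short comment stating what happens for a malformed or non-IPv4 string (presumably an exception from netaddr, to be confirmed) would help. Appending `.freeze` to the `BOGONIPV4` array literal keeps the list from being altered at run time.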
@@ -0,0 +1,56 @@
1
+ module Enricher
2
+
3
+ class Encoder
4
+
5
+ def self.aton(a)
6
+ IPAddr.new(a).to_i
7
+ end
8
+
9
+ def self.ntoa(a)
10
+ IPAddr.new(a, Socket::AF_INET).to_s
11
+ end
12
+
13
+ def self.encode(ip)
14
+ @@geoASN ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIPASNum.dat")
15
+ @@geoCoder ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIP.dat")
16
+ @@geoCoderCity ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoLiteCity.dat")
17
+ @@bogon ||= Bogon.new(:bogonipv4)
18
+ asn = @@geoASN.asn(ip).number rescue "--"
19
+ {:ip => IPAddr.new(ip).to_i, :asn => asn, :geoip => @@geoCoder.country(ip).country_code3, :bogon => @@bogon.contains?(ip)}
20
+ end
21
+
22
+ def self.bogon?(ip)
23
+ @@bogon ||= Bogon.new(:bogonipv4)
24
+ return @@bogon.contains?(ip)
25
+ end
26
+
27
+ def self.asn(ip)
28
+ @@geoASN ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIPASNum.dat")
29
+ return @@geoASN.asn(ip).number rescue "--"
30
+ end
31
+
32
+ def self.asn_company(ip)
33
+ @@geoASN ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIPASNum.dat")
34
+ return @@geoASN.asn(ip).asn rescue "--"
35
+ end
36
+
37
+ def self.cc3(ip)
38
+ @@geoCoder ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIP.dat")
39
+ return @@geoCoder.country(ip).country_code3
40
+ end
41
+
42
+ def self.latitude(ip)
43
+ @@geoCoderCity ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIP.dat")
44
+ return @@geoCoderCity.city(ip).latitude
45
+ end
46
+
47
+ def self.longitude(ip)
48
+ @@geoCoderCity ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoIP.dat")
49
+ return @@geoCoderCity.city(ip).longitude
50
+ end
51
+
52
+
53
+ end
54
+
55
+ end
56
+
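Review bot: `latitude` and `longitude` (lines 43 and 48) initialise `@@geoCoderCity` from `GeoIP.dat`, the country database, while `encode` initialises the same class variable from `GeoLiteCity.dat`; because of `||=`, whichever method runs first decides which file every later `city(ip)` lookup reads. Both lines should be `@@geoCoderCity ||= GeoIP.new("#{Enricher::DATA_PATH}/GeoLiteCity.dat")`. The `rescue "--"` modifiers in `encode`, `asn` and `asn_company` also turn any StandardError, including one caused by a malformed address, into the same placeholder as "no ASN found", whereas `cc3` has no guard at all. Testing the lookup result explicitly, `record = @@geoASN.asn(ip)` followed by `record ? record.number : "--"`, would keep bad input visible to the caller (assuming the geoip gem returns nil for an unknown address, which should be confirmed).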
@@ -0,0 +1,3 @@
1
+ module Enricher
2
+ VERSION = '0.0.2'
3
+ end
File without changes
metadata ADDED
@@ -0,0 +1,97 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: enricher
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: ruby
6
+ authors:
7
+ - shadowbq
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-02-24 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ~>
18
+ - !ruby/object:Gem::Version
19
+ version: '1.0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: '1.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: geoip
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ~>
32
+ - !ruby/object:Gem::Version
33
+ version: '1.2'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ~>
39
+ - !ruby/object:Gem::Version
40
+ version: '1.2'
41
+ - !ruby/object:Gem::Dependency
42
+ name: netaddr
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ~>
46
+ - !ruby/object:Gem::Version
47
+ version: '1.5'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ~>
53
+ - !ruby/object:Gem::Version
54
+ version: '1.5'
55
+ description: Enricher, the IP and URL data enhancer
56
+ email:
57
+ - shadowbq@gmail.com
58
+ executables: []
59
+ extensions: []
60
+ extra_rdoc_files: []
61
+ files:
62
+ - .gitignore
63
+ - Gemfile
64
+ - LICENSE
65
+ - README.md
66
+ - Rakefile
67
+ - enricher.gemspec
68
+ - lib/enricher.rb
69
+ - lib/enricher/bogon.rb
70
+ - lib/enricher/encoder.rb
71
+ - lib/enricher/version.rb
72
+ - log/enricher.log
73
+ homepage: https://github.com/shadowbq/enricher
74
+ licenses:
75
+ - MIT
76
+ metadata: {}
77
+ post_install_message:
78
+ rdoc_options: []
79
+ require_paths:
80
+ - lib
81
+ required_ruby_version: !ruby/object:Gem::Requirement
82
+ requirements:
83
+ - - ! '>='
84
+ - !ruby/object:Gem::Version
85
+ version: '0'
86
+ required_rubygems_version: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - ! '>='
89
+ - !ruby/object:Gem::Version
90
+ version: '0'
91
+ requirements: []
92
+ rubyforge_project:
93
+ rubygems_version: 2.2.2
94
+ signing_key:
95
+ specification_version: 4
96
+ summary: Enricher, the IP and URL data enhancer
97
+ test_files: []