t53 0.1.0
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/t53.rb +59 -0
- metadata +92 -0
- metadata.gz.sig +0 -0
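--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 7069975db04e1afc4eaa90b4ba736d26bd1e28fd39009fe286f73318f1c502f6
+data.tar.gz: 88edcef8e72119a0826bfa5af47feb9d84dc43e0ac1570f73e074c129832316e
+SHA512:
+metadata.gz: 302fe63cd2f3b7d776355764964f025f47b1880786bbf90cc0d96bf027a228e2714c06fe32a0cb26d5bccf61a6710ea4283f5298384adc9ec648e61e90993836
+data.tar.gz: 3f4225a4beeedc75821841d6f9b029258f43fbb00eb22942da5e2ce14b0b9f15e3930177cd3e681ce654b96c91b4830119854d11a2b5d65fecc1d868143ca25e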
checksums.yaml.gz.sig
ADDED
Binary file
|
data.tar.gz.sig
ADDED
Binary file
|
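--- a/data/lib/t53.rb
+++ b/data/lib/t53.rb
@@ -0,0 +1,59 @@
+#!/usr/bin/env ruby
+
+# file: t53.rb
+
+# description: Uses the command-line tool tcpdump to monitor local
+# DNS requests. Publishes the requests in real-time to
+# a SimplePubSub broker.
+
+require "socket"
+require 'sps-pub'
+
+
+class T53
+
+# options:
+# nic: e.g. eth0, enp2s0f0
+#
+def initialize(nic: 'eth0', sps_host: 'spsmon', sps_port: '59053',
+hostname: Socket.gethostname,
+topic: 'dnslookup/' + hostname, debug: false, ignorelist: [])
+
+@nic, @host, @port, @topic, @debug = nic, sps_host, sps_port, topic, debug
+@ignorelist = ignorelist
+
+end
+
+def start()
+
+command = "sudo tcpdump -nt -i #{@nic} udp port 53"
+puts 'command: ' + command.inspect if @debug
+sps = SPSPub.new host: @host, port: @port
+ignorelist = @ignorelist
+prev_domain = ''
+
+IO.popen(command).each_line do |x|
+
+puts 'x: ' + x.inspect
+
+if x =~ /A\?/ then
+
+match = ignorelist.find {|domain| x =~ /#{domain}/ }
+
+next if match
+domain = x[/(?<=A\?\s)[^\s]+(?=\.)/]
+next if domain == prev_domain
+
+sps.notice "#{@topic}: " + domain
+prev_domain = domain
+
+sleep 0.1
+
+end
+
+end
+
+end
+
+end
+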
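Review bot: In `start`, the capture command is built as one interpolated string (`"sudo tcpdump -nt -i #{@nic} udp port 53"`) and handed to `IO.popen`, so it is subject to shell parsing and any metacharacters in the `nic:` option would be interpreted with sudo's privileges; pass an argument array instead, `IO.popen(['sudo', 'tcpdump', '-nt', '-i', @nic, 'udp', 'port', '53'])`. The ignore check `x =~ /#{domain}/` interpolates each ignorelist entry as an unescaped, unanchored regex against the whole tcpdump line, so an entry such as `example.com` also suppresses any longer name that merely contains it and leaves a blind spot in the monitor; compare against the extracted name instead, e.g. `next if ignorelist.any? { |d| domain == d || domain.end_with?('.' + d) }`. The extraction `x[/(?<=A\?\s)[^\s]+(?=\.)/]` returns nil when nothing matches, and `"#{@topic}: " + domain` would then raise TypeError and end the capture loop, so a `next unless domain` guard belongs before the publish. `puts 'x: ' + x.inspect` is not gated on `@debug`, unlike the `command:` line above it, so every captured line is printed to stdout.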
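--- a/metadata
+++ b/metadata
@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification
+name: t53
+version: !ruby/object:Gem::Version
+version: 0.1.0
+platform: ruby
+authors:
+- James Robertson
+autorequire:
+bindir: bin
+cert_chain:
+- |
+-----BEGIN CERTIFICATE-----
+MIIEXjCCAsagAwIBAgIBATANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDDCFnZW1t
+YXN0ZXIvREM9amFtZXNyb2JlcnRzb24vREM9ZXUwHhcNMTgxMDIxMTU1NjA0WhcN
+MTkxMDIxMTU1NjA0WjAsMSowKAYDVQQDDCFnZW1tYXN0ZXIvREM9amFtZXNyb2Jl
+cnRzb24vREM9ZXUwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDAdFNA
+nHva3ueBSH+MNZ5bb3MugklZ2zOkFMp6tg2FK45ecs2vTT2NfXio7w+nmbCDf34f
+46VdizzxANrkb3WgM7rl3qi/gE9lMqyuoQULwqVcgpXpHqXPQTQSplTJL6FwspV9
+xT254piIoa67rORK3AePT/nWmrlun5zOR40puWKUewX+Mb4oxr4l8tqmihNZAetL
+BZTTeyzfYKnWi0zxtcMgqnu/VLqM+KFp6qrEuzv3i6L5zdiUP+fWmOUkBRjLU0j6
+IIQOthTUR/IzckMO4IDHTQRxSTrHCdyNxziZq3V5Eu0FTzBjMrvIZu/usKcbvKCv
+VO3R2O73q6n85Dk4s78JmKXTagJK5kxDwCApO1gw9RZ2T6YP0X4ShzGKD8CtL4NO
+ynq/B11WvbIEJ2eL+87DdekO/PkUCqOZsJV/2sjdOpiuPUjLGnE/KNA1+iA7weHl
+Z9dsh+DCx/dBSVJxl7q7Rv9mkL0C5TZgSvI4o+Ck+oKjiWqBqJYIhMiXJZMCAwEA
+AaOBijCBhzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUQ5RKqUuN
+p4oHC2+caBYmgA/1LU8wJgYDVR0RBB8wHYEbZ2VtbWFzdGVyQGphbWVzcm9iZXJ0
+c29uLmV1MCYGA1UdEgQfMB2BG2dlbW1hc3RlckBqYW1lc3JvYmVydHNvbi5ldTAN
+BgkqhkiG9w0BAQsFAAOCAYEAEmDFe7rd35gNqpxSLG4F55xBycv0f8R+FV7Tbp4o
+gCmfwcKvDlYN8NTKxgZdGS9npizOrYzh3Xt1g8oTnnYALbteHO+3vPPGNXXXiq46
+rryxL42aCJyd73iMi/RBFEZgLSnIxb+g9ylt+S6GeJ0MdDgwWwgDSuyiPoRcu/Hb
+MpF/yi2cHL/VwYb/lhDB8HkyHQmcFdigKGVDAU5Kkp7/UFUJ0So4IaHw0CdC1OnU
++oXNCCtx1WtsgW9ZsVFjwHwiarxl8SVgY3YnwyeXa68d5sCCEpzRy7gmBWS/fqte
+NI4jKfTLeejWhdNe9gpYwW+TboeiQn5Pt/DFYG4Pr3lck3qjN6B0rrgZ5ZFqmI8q
+mbN56rzXjd/N6XIajRMVXLCEkLM24jzi69DequcRXiaDeHCq7WJMfdX+p3T7VO4Q
+Z2qe5HUUZazh6IcJ9+sHuu5BkCQwJXG6HVZcvyrG6Dphlc+YFxu7EP+85YKHKW+v
+JTY/G+M2ri81LCYen2nqhncW
+-----END CERTIFICATE-----
+date: 2018-10-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: sps-pub
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.5'
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.5.5
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.5'
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.5.5
+description:
+email: james@jamesrobertson.eu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/t53.rb
+homepage: https://github.com/jrobertson/t53
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.6
+signing_key:
+specification_version: 4
+summary: Uses the command-line tool tcpdump to monitor local DNS requests. Publishes
+the requests in real-time to a SimplePubSub broker.
+test_files: []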
metadata.gz.sig
ADDED
Binary file
|