t53 0.1.0

Files changed (6) hide show
  1. checksums.yaml +7 -0
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/lib/t53.rb +59 -0
  5. metadata +92 -0
  6. metadata.gz.sig +0 -0
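--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA256:
+ metadata.gz: 7069975db04e1afc4eaa90b4ba736d26bd1e28fd39009fe286f73318f1c502f6
+ data.tar.gz: 88edcef8e72119a0826bfa5af47feb9d84dc43e0ac1570f73e074c129832316e
+ SHA512:
+ metadata.gz: 302fe63cd2f3b7d776355764964f025f47b1880786bbf90cc0d96bf027a228e2714c06fe32a0cb26d5bccf61a6710ea4283f5298384adc9ec648e61e90993836
+ data.tar.gz: 3f4225a4beeedc75821841d6f9b029258f43fbb00eb22942da5e2ce14b0b9f15e3930177cd3e681ce654b96c91b4830119854d11a2b5d65fecc1d868143ca25e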
Binary file
Binary file
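--- a/data/lib/t53.rb
+++ b/data/lib/t53.rb
@@ -0,0 +1,59 @@
+ #!/usr/bin/env ruby
+
+ # file: t53.rb
+
+ # description: Uses the command-line tool tcpdump to monitor local
+ # DNS requests. Publishes the requests in real-time to
+ # a SimplePubSub broker.
+
+ require "socket"
+ require 'sps-pub'
+
+
+ class T53
+
+ # options:
+ # nic: e.g. eth0, enp2s0f0
+ #
+ def initialize(nic: 'eth0', sps_host: 'spsmon', sps_port: '59053',
+ hostname: Socket.gethostname,
+ topic: 'dnslookup/' + hostname, debug: false, ignorelist: [])
+
+ @nic, @host, @port, @topic, @debug = nic, sps_host, sps_port, topic, debug
+ @ignorelist = ignorelist
+
+ end
+
+ def start()
+
+ command = "sudo tcpdump -nt -i #{@nic} udp port 53"
+ puts 'command: ' + command.inspect if @debug
+ sps = SPSPub.new host: @host, port: @port
+ ignorelist = @ignorelist
+ prev_domain = ''
+
+ IO.popen(command).each_line do |x|
+
+ puts 'x: ' + x.inspect
+
+ if x =~ /A\?/ then
+
+ match = ignorelist.find {|domain| x =~ /#{domain}/ }
+
+ next if match
+ domain = x[/(?<=A\?\s)[^\s]+(?=\.)/]
+ next if domain == prev_domain
+
+ sps.notice "#{@topic}: " + domain
+ prev_domain = domain
+
+ sleep 0.1
+
+ end
+
+ end
+
+ end
+
+ end
+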
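Review bot: In `start`, the tcpdump command is built by interpolating `@nic` into a string and passed to `IO.popen(command)`, so it runs through a shell under `sudo`, and any shell metacharacter in the `nic:` option would be interpreted with root privileges. Passing an argument array avoids the shell: `IO.popen(['sudo', 'tcpdump', '-nt', '-i', @nic, 'udp', 'port', '53'])`, ideally after checking `@nic` against a pattern such as `/\A[\w.:-]+\z/`. The ignore check `x =~ /#{domain}/` uses each entry as an unescaped, unanchored pattern against the whole tcpdump line, so ignoring `example.com` also hides a lookup for `example.com.other.tld`; comparing the extracted name instead, or at least using `Regexp.escape(domain)`, would close that monitoring gap. `domain` is nil when the extraction regex on line 44 does not match, and `"#{@topic}: " + domain` then raises TypeError and stops the monitor, so add `next unless domain` before the publish. The `puts 'x: ' + x.inspect` on line 37 is also not guarded by `@debug`, so every captured line is written to stdout.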
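--- a/metadata
+++ b/metadata
@@ -0,0 +1,92 @@
+ --- !ruby/object:Gem::Specification
+ name: t53
+ version: !ruby/object:Gem::Version
+ version: 0.1.0
+ platform: ruby
+ authors:
+ - James Robertson
+ autorequire:
+ bindir: bin
+ cert_chain:
+ - |
+ -----BEGIN CERTIFICATE-----
+ MIIEXjCCAsagAwIBAgIBATANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDDCFnZW1t
+ YXN0ZXIvREM9amFtZXNyb2JlcnRzb24vREM9ZXUwHhcNMTgxMDIxMTU1NjA0WhcN
+ MTkxMDIxMTU1NjA0WjAsMSowKAYDVQQDDCFnZW1tYXN0ZXIvREM9amFtZXNyb2Jl
+ cnRzb24vREM9ZXUwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDAdFNA
+ nHva3ueBSH+MNZ5bb3MugklZ2zOkFMp6tg2FK45ecs2vTT2NfXio7w+nmbCDf34f
+ 46VdizzxANrkb3WgM7rl3qi/gE9lMqyuoQULwqVcgpXpHqXPQTQSplTJL6FwspV9
+ xT254piIoa67rORK3AePT/nWmrlun5zOR40puWKUewX+Mb4oxr4l8tqmihNZAetL
+ BZTTeyzfYKnWi0zxtcMgqnu/VLqM+KFp6qrEuzv3i6L5zdiUP+fWmOUkBRjLU0j6
+ IIQOthTUR/IzckMO4IDHTQRxSTrHCdyNxziZq3V5Eu0FTzBjMrvIZu/usKcbvKCv
+ VO3R2O73q6n85Dk4s78JmKXTagJK5kxDwCApO1gw9RZ2T6YP0X4ShzGKD8CtL4NO
+ ynq/B11WvbIEJ2eL+87DdekO/PkUCqOZsJV/2sjdOpiuPUjLGnE/KNA1+iA7weHl
+ Z9dsh+DCx/dBSVJxl7q7Rv9mkL0C5TZgSvI4o+Ck+oKjiWqBqJYIhMiXJZMCAwEA
+ AaOBijCBhzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUQ5RKqUuN
+ p4oHC2+caBYmgA/1LU8wJgYDVR0RBB8wHYEbZ2VtbWFzdGVyQGphbWVzcm9iZXJ0
+ c29uLmV1MCYGA1UdEgQfMB2BG2dlbW1hc3RlckBqYW1lc3JvYmVydHNvbi5ldTAN
+ BgkqhkiG9w0BAQsFAAOCAYEAEmDFe7rd35gNqpxSLG4F55xBycv0f8R+FV7Tbp4o
+ gCmfwcKvDlYN8NTKxgZdGS9npizOrYzh3Xt1g8oTnnYALbteHO+3vPPGNXXXiq46
+ rryxL42aCJyd73iMi/RBFEZgLSnIxb+g9ylt+S6GeJ0MdDgwWwgDSuyiPoRcu/Hb
+ MpF/yi2cHL/VwYb/lhDB8HkyHQmcFdigKGVDAU5Kkp7/UFUJ0So4IaHw0CdC1OnU
+ +oXNCCtx1WtsgW9ZsVFjwHwiarxl8SVgY3YnwyeXa68d5sCCEpzRy7gmBWS/fqte
+ NI4jKfTLeejWhdNe9gpYwW+TboeiQn5Pt/DFYG4Pr3lck3qjN6B0rrgZ5ZFqmI8q
+ mbN56rzXjd/N6XIajRMVXLCEkLM24jzi69DequcRXiaDeHCq7WJMfdX+p3T7VO4Q
+ Z2qe5HUUZazh6IcJ9+sHuu5BkCQwJXG6HVZcvyrG6Dphlc+YFxu7EP+85YKHKW+v
+ JTY/G+M2ri81LCYen2nqhncW
+ -----END CERTIFICATE-----
+ date: 2018-10-21 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: sps-pub
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '0.5'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 0.5.5
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '0.5'
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 0.5.5
+ description:
+ email: james@jamesrobertson.eu
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - lib/t53.rb
+ homepage: https://github.com/jrobertson/t53
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.7.6
+ signing_key:
+ specification_version: 4
+ summary: Uses the command-line tool tcpdump to monitor local DNS requests. Publishes
+ the requests in real-time to a SimplePubSub broker.
+ test_files: []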
Binary file