API tools faq
paste
Guest User

Untitled

a guest
Aug 28th, 2020
250
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.21 KB | None | 0 0
raw download clone embed print report
  1. package bans
  2.  
  3. import (
  4. "encoding/json"
  5. "io/ioutil"
  6. "net/http"
  7. "strings"
  8. "regexp"
  9. "time"
  10. "fmt"
  11. )
  12.  
  13. type BanSettings struct{
  14. ProxySites []string
  15. ProxyInterval int
  16. ProxyBanReason string
  17. OptimizationStarter int
  18. }
  19.  
  20. // call this function on a timer
  21. func optimizeBanTable(optimization_starter int, ban_reason string){
  22. var explored_ips []string // ["192.0.0.0/17","192.0.0.128/17"]
  23. //1 Fetch all bans
  24. var bans []string
  25. bans = getBanList()
  26. //2 take one ban
  27. for _, ban := range bans{
  28. // build subnet chunks and itterate over them
  29. // eg for 192.168.1.1
  30. // 192.0.0.0/9 , 192.128.0.0/9 , 192.168.0.0/17 , 192.168.128.0/17 , 192.168.1.0/25 , 192.168.1.128/25 6x
  31. // or for ipv6 , 2605:8d80:504:4fb1:1c6b:ea11:a067:e812 , a less chunked system
  32. // 2605:0:0:0:0:0:0:0/16 , 2605:8d80:0:0:0:0:0:0/32 , 2605:8d80:504:0:0:0:0:0/48 , 2605:8d80:504:4fb1:0:0:0:0/64 , 2605:8d80:504:4fb1:1c6b:0:0:0/80 , 2605:8d80:504:4fb1:1c6b:ea11:0:0/96 6x
  33. for i := 0 ; i < 6 ; i++ {
  34. is_ipv4 := strings.Contains(ban, ".")
  35. var search_ip string
  36. // A chunk is a number of FF blocks in an IP address(ff.0.0.0 or ff00:::::)
  37. if is_ipv4{
  38. search_ip = createOffsetChunk(i + 1)
  39. } else{
  40. search_ip = createOffsetChunk((i + 1) * 2)
  41. }
  42. is_explored := false
  43. for _, explored_ip := range explored_ips{
  44. // use explored_subnets for redundant checks(if a search equals an already explored search it's pointless)
  45. if checkBanContained(search_ip, explored_ip) == 0{
  46. is_explored = true
  47. break
  48. }
  49. }
  50. if is_explored{
  51. continue
  52. }
  53. // itterate over bans for main action
  54. chunk_weight := 0
  55. var counted_bans []string
  56. for _, existing_ban := range bans{
  57. containment_check := checkBanContained(search_ip, existing_ban)
  58. if containment_check == 1{
  59. // see if search already exists in a prexisting ban(redundancy check)
  60. break
  61. } else{
  62. // within each itterated chunk check the ban list for items falling within this
  63. // if an item is found add it to the count
  64. // A subnet counts as a number based on the mask bit
  65. // a ban of ff.0.0.0/7 counts for 720*optimization_starter bans(2160)
  66. // a ban of ff.ff.0.0/17 counts for 24*optimization_starter bans(72)
  67. // a ban of ff.ff.ff.0/25 counts for 2*optimization_starter bans(6)
  68. // A single IP counts for 1
  69. // for IPv6 these values are weighted on the same ratios
  70. chunk_weight = chunk_weight + weightBanContainment(search_ip, existing_ban)
  71. counted_bans = append(counted_bans, existing_ban)
  72. }
  73. }
  74. // use a factorial system based on the mask value to evaluate weather the number of bans is enough to lock the current chunk with a ban
  75. chunk_threshold = optimization_starter
  76. for j := 6 ; j > i ; j--{
  77. // 6 x 5 x 4 x 3 x 2 x 1 x starter
  78. // a ban of ff.0.0.0/7 will take 720*optimization_starter bans(2160)
  79. // 4 x 3 x 2 x 1 x starter
  80. // a ban of ff.ff.0.0/17 will take 24*optimization_starter bans(72)
  81. // 2 x 1 x starter
  82. // a ban of ff.ff.ff.0/25 will take 2*optimization_starter bans(6)
  83. chunk_threshold = chunk_threshold*(j)
  84. }
  85. if chunk_weight > chunk_threshold{
  86. // if it's enough to warant a lock, add the bans used for counting to the explored_ips list.
  87. // remove these contained bans if they are given the autoban reason. This will lead to some inevitable inaccuracies in the algorithm through the overweighting of manual bans on a subnet over automatic ones.
  88. // this may be preferable but it is not tunable
  89. newBan(search_ip, ban_reason + " (Automatic)")
  90. for _, ban_ip := range counted_bans{
  91. // remove only the targetted
  92. removeBan(ban_ip, []string{ban_reason, ban_reason + " (Automatic)"})
  93. }
  94. }
  95. }
  96. }
  97. }
  98.  
  99. func getBansFromProxySites(sitelist []string, reason string){
  100. //https://www.regexpal.com/?fam=104038
  101. ipv4_or_6_reg_with_possible_mask := regexp.MustCompile("(?i)\\b((((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])))|(((([0-9a-f]{1,4}:){7}([0-9a-f]{1,4}|:))|(([0-9a-f]{1,4}:){6}(:[0-9a-f]{1,4}|((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3})|:))|(([0-9a-f]{1,4}:){5}(((:[0-9a-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3})|:))|(([0-9a-f]{1,4}:){4}(((:[0-9a-f]{1,4}){1,3})|((:[0-9a-f]{1,4})?:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9a-f]{1,4}:){3}(((:[0-9a-f]{1,4}){1,4})|((:[0-9a-f]{1,4}){0,2}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9a-f]{1,4}:){2}(((:[0-9a-f]{1,4}){1,5})|((:[0-9a-f]{1,4}){0,3}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9a-f]{1,4}:){1}(((:[0-9a-f]{1,4}){1,6})|((:[0-9a-f]{1,4}){0,4}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(:(((:[0-9a-f]{1,4}){1,7})|((:[0-9a-f]{1,4}){0,5}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:)))))(/[0-9]+)?\\b")
  102. var ip_list [][][]byte
  103. for _,site := range sitelist{
  104. fmt.Println(site)
  105. response, err:=http.Get(site)
  106. if err != nil{
  107. fmt.Println("GET ERROR : " + site)
  108. continue
  109. }
  110. contents, err := ioutil.ReadAll(response.Body)
  111. if err != nil{
  112. panic(err)
  113. }
  114. response.Body.Close()
  115. var ip_matches [][]byte
  116. ip_matches = ipv4_or_6_reg_with_possible_mask.FindAll(contents, -1)
  117. ip_list = append(ip_list, ip_matches...)
  118. }
  119. // remove duplicates for less DB checks
  120. for _,ip_a := range ip_list{
  121. dup := false
  122. for _,ip_b := range ip_list{
  123. if Compare(ip_a, ip_b) == 0{
  124. dup = true
  125. break;
  126. }
  127. }
  128. if dup == false{
  129. newBan(ip_a, reason)
  130. }
  131. }
  132. }
  133.  
  134. func CreateRecurentActionTicker(){
  135. fmt.Println("Setting up proxy actions...")
  136. ban_info,_ := ioutil.ReadFile("./.ban-actions.json")
  137. var settings BanSettings
  138. err := json.Unmarshal(ban_info, &settings)
  139. if err != nil{
  140. panic(err)
  141. }
  142. fmt.Printf("sites ... %v\n" , settings.ProxySites)
  143. fmt.Printf("time ... %d\n" , settings.ProxyInterval)
  144. ban_ticker := time.NewTicker(time.Duration(settings.ProxyInterval) * time.Second)
  145. go func() {
  146. for {
  147. <-ban_ticker.C
  148. fmt.Printf("Action\n")
  149. // JSON data may have changed since initializing
  150. ban_info,_ = ioutil.ReadFile("./.ban-actions.json")
  151. err := json.Unmarshal(ban_info, &settings)
  152. if err != nil{
  153. panic(err)
  154. }
  155. // Get bans from list
  156. getBansFromProxySites(settings.ProxySites, settings.ProxyBanReason)
  157. // Optimize table and make esitimations
  158. optimizeBanTable(settings.OptimizationStarter, settings.ProxyBanReason)
  159. }
  160. }()
  161.  
  162. //getBansFromProxySites(settings.ProxySites, settings.ProxyBanReason)
  163.  
  164. }
  165.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!