Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package bans
- import (
- "encoding/json"
- "io/ioutil"
- "net/http"
- "strings"
- "regexp"
- "time"
- "fmt"
- )
- type BanSettings struct{
- ProxySites []string
- ProxyInterval int
- ProxyBanReason string
- OptimizationStarter int
- }
- // call this function on a timer
- func optimizeBanTable(optimization_starter int, ban_reason string){
- var explored_ips []string // ["192.0.0.0/17","192.0.0.128/17"]
- //1 Fetch all bans
- var bans []string
- bans = getBanList()
- //2 take one ban
- for _, ban := range bans{
- // build subnet chunks and itterate over them
- // eg for 192.168.1.1
- // 192.0.0.0/9 , 192.128.0.0/9 , 192.168.0.0/17 , 192.168.128.0/17 , 192.168.1.0/25 , 192.168.1.128/25 6x
- // or for ipv6 , 2605:8d80:504:4fb1:1c6b:ea11:a067:e812 , a less chunked system
- // 2605:0:0:0:0:0:0:0/16 , 2605:8d80:0:0:0:0:0:0/32 , 2605:8d80:504:0:0:0:0:0/48 , 2605:8d80:504:4fb1:0:0:0:0/64 , 2605:8d80:504:4fb1:1c6b:0:0:0/80 , 2605:8d80:504:4fb1:1c6b:ea11:0:0/96 6x
- for i := 0 ; i < 6 ; i++ {
- is_ipv4 := strings.Contains(ban, ".")
- var search_ip string
- // A chunk is a number of FF blocks in an IP address(ff.0.0.0 or ff00:::::)
- if is_ipv4{
- search_ip = createOffsetChunk(i + 1)
- } else{
- search_ip = createOffsetChunk((i + 1) * 2)
- }
- is_explored := false
- for _, explored_ip := range explored_ips{
- // use explored_subnets for redundant checks(if a search equals an already explored search it's pointless)
- if checkBanContained(search_ip, explored_ip) == 0{
- is_explored = true
- break
- }
- }
- if is_explored{
- continue
- }
- // itterate over bans for main action
- chunk_weight := 0
- var counted_bans []string
- for _, existing_ban := range bans{
- containment_check := checkBanContained(search_ip, existing_ban)
- if containment_check == 1{
- // see if search already exists in a prexisting ban(redundancy check)
- break
- } else{
- // within each itterated chunk check the ban list for items falling within this
- // if an item is found add it to the count
- // A subnet counts as a number based on the mask bit
- // a ban of ff.0.0.0/7 counts for 720*optimization_starter bans(2160)
- // a ban of ff.ff.0.0/17 counts for 24*optimization_starter bans(72)
- // a ban of ff.ff.ff.0/25 counts for 2*optimization_starter bans(6)
- // A single IP counts for 1
- // for IPv6 these values are weighted on the same ratios
- chunk_weight = chunk_weight + weightBanContainment(search_ip, existing_ban)
- counted_bans = append(counted_bans, existing_ban)
- }
- }
- // use a factorial system based on the mask value to evaluate weather the number of bans is enough to lock the current chunk with a ban
- chunk_threshold = optimization_starter
- for j := 6 ; j > i ; j--{
- // 6 x 5 x 4 x 3 x 2 x 1 x starter
- // a ban of ff.0.0.0/7 will take 720*optimization_starter bans(2160)
- // 4 x 3 x 2 x 1 x starter
- // a ban of ff.ff.0.0/17 will take 24*optimization_starter bans(72)
- // 2 x 1 x starter
- // a ban of ff.ff.ff.0/25 will take 2*optimization_starter bans(6)
- chunk_threshold = chunk_threshold*(j)
- }
- if chunk_weight > chunk_threshold{
- // if it's enough to warant a lock, add the bans used for counting to the explored_ips list.
- // remove these contained bans if they are given the autoban reason. This will lead to some inevitable inaccuracies in the algorithm through the overweighting of manual bans on a subnet over automatic ones.
- // this may be preferable but it is not tunable
- newBan(search_ip, ban_reason + " (Automatic)")
- for _, ban_ip := range counted_bans{
- // remove only the targetted
- removeBan(ban_ip, []string{ban_reason, ban_reason + " (Automatic)"})
- }
- }
- }
- }
- }
- func getBansFromProxySites(sitelist []string, reason string){
- //https://www.regexpal.com/?fam=104038
- ipv4_or_6_reg_with_possible_mask := regexp.MustCompile("(?i)\\b((((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])))|(((([0-9a-f]{1,4}:){7}([0-9a-f]{1,4}|:))|(([0-9a-f]{1,4}:){6}(:[0-9a-f]{1,4}|((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3})|:))|(([0-9a-f]{1,4}:){5}(((:[0-9a-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3})|:))|(([0-9a-f]{1,4}:){4}(((:[0-9a-f]{1,4}){1,3})|((:[0-9a-f]{1,4})?:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9a-f]{1,4}:){3}(((:[0-9a-f]{1,4}){1,4})|((:[0-9a-f]{1,4}){0,2}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9a-f]{1,4}:){2}(((:[0-9a-f]{1,4}){1,5})|((:[0-9a-f]{1,4}){0,3}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9a-f]{1,4}:){1}(((:[0-9a-f]{1,4}){1,6})|((:[0-9a-f]{1,4}){0,4}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(:(((:[0-9a-f]{1,4}){1,7})|((:[0-9a-f]{1,4}){0,5}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:)))))(/[0-9]+)?\\b")
- var ip_list [][][]byte
- for _,site := range sitelist{
- fmt.Println(site)
- response, err:=http.Get(site)
- if err != nil{
- fmt.Println("GET ERROR : " + site)
- continue
- }
- contents, err := ioutil.ReadAll(response.Body)
- if err != nil{
- panic(err)
- }
- response.Body.Close()
- var ip_matches [][]byte
- ip_matches = ipv4_or_6_reg_with_possible_mask.FindAll(contents, -1)
- ip_list = append(ip_list, ip_matches...)
- }
- // remove duplicates for less DB checks
- for _,ip_a := range ip_list{
- dup := false
- for _,ip_b := range ip_list{
- if Compare(ip_a, ip_b) == 0{
- dup = true
- break;
- }
- }
- if dup == false{
- newBan(ip_a, reason)
- }
- }
- }
- func CreateRecurentActionTicker(){
- fmt.Println("Setting up proxy actions...")
- ban_info,_ := ioutil.ReadFile("./.ban-actions.json")
- var settings BanSettings
- err := json.Unmarshal(ban_info, &settings)
- if err != nil{
- panic(err)
- }
- fmt.Printf("sites ... %v\n" , settings.ProxySites)
- fmt.Printf("time ... %d\n" , settings.ProxyInterval)
- ban_ticker := time.NewTicker(time.Duration(settings.ProxyInterval) * time.Second)
- go func() {
- for {
- <-ban_ticker.C
- fmt.Printf("Action\n")
- // JSON data may have changed since initializing
- ban_info,_ = ioutil.ReadFile("./.ban-actions.json")
- err := json.Unmarshal(ban_info, &settings)
- if err != nil{
- panic(err)
- }
- // Get bans from list
- getBansFromProxySites(settings.ProxySites, settings.ProxyBanReason)
- // Optimize table and make esitimations
- optimizeBanTable(settings.OptimizationStarter, settings.ProxyBanReason)
- }
- }()
- //getBansFromProxySites(settings.ProxySites, settings.ProxyBanReason)
- }
Add Comment
Please, Sign In to add comment