eulaurarien/feed_dns.py

#!/usr/bin/env python3

import argparse
import database
import json
import logging
import sys
import typing
import multiprocessing
import enum

RecordType = enum.Enum('RecordType', 'A AAAA CNAME PTR')
Record = typing.Tuple[RecordType, int, str, str]

# select, confirm, write
FUNCTION_MAP: typing.Any = {
    RecordType.A: (
        database.Database.get_ip4,
        database.Database.get_domain_in_zone,
        database.Database.set_hostname,
    ),
    RecordType.CNAME: (
        database.Database.get_domain,
        database.Database.get_domain_in_zone,
        database.Database.set_hostname,
    ),
    RecordType.PTR: (
        database.Database.get_domain,
        database.Database.get_ip4_in_network,
        database.Database.set_ip4address,
    ),
}


class Reader(multiprocessing.Process):
    def __init__(self,
                 recs_queue: multiprocessing.Queue,
                 write_queue: multiprocessing.Queue,
                 index: int = 0):
        super(Reader, self).__init__()
        self.log = logging.getLogger(f'rd{index:03d}')
        self.recs_queue = recs_queue
        self.write_queue = write_queue
        self.index = index

    def run(self) -> None:
        self.db = database.Database(write=False)
        self.db.log = logging.getLogger(f'db{self.index:03d}')
        self.db.enter_step('line_wait')
        block: typing.List[str]
        try:
            for block in iter(self.recs_queue.get, None):
                record: Record
                for record in block:
                    # print(55, record)
                    dtype, updated, name, value = record
                    self.db.enter_step('feed_switch')
                    select, confirm, write = FUNCTION_MAP[dtype]
                    for rule in select(self.db, value):
                        # print(60, rule, list(confirm(self.db, name)))
                        if not any(confirm(self.db, name)):
                            # print(62, write, name, updated, rule)
                            self.db.enter_step('wait_put')
                            self.write_queue.put((write, name, updated, rule))
                    self.db.enter_step('line_wait')
        except KeyboardInterrupt:
            self.log.error('Interrupted')

        self.db.enter_step('end')
        self.db.close()


class Writer(multiprocessing.Process):
    def __init__(self,
                 write_queue: multiprocessing.Queue,
                 ):
        super(Writer, self).__init__()
        self.log = logging.getLogger(f'wr   ')
        self.write_queue = write_queue

    def run(self) -> None:
        self.db = database.Database(write=True)
        self.db.log = logging.getLogger(f'dbw  ')
        self.db.enter_step('line_wait')
        block: typing.List[str]
        try:
            fun: typing.Callable
            name: str
            updated: int
            source: int
            for fun, name, updated, source in iter(self.write_queue.get, None):
                self.db.enter_step('exec')
                fun(self.db, name, updated, source=source)
                self.db.enter_step('line_wait')
        except KeyboardInterrupt:
            self.log.error('Interrupted')

        self.db.enter_step('end')
        self.db.close()


class Parser():
    def __init__(self,
                 buf: typing.Any,
                 recs_queue: multiprocessing.Queue,
                 block_size: int,
                 ):
        super(Parser, self).__init__()
        self.buf = buf
        self.log = logging.getLogger('pr   ')
        self.recs_queue = recs_queue
        self.block: typing.List[Record] = list()
        self.block_size = block_size
        self.db = database.Database()  # Just for timing
        self.db.log = logging.getLogger('pr   ')

    def register(self, record: Record) -> None:
        self.db.enter_step('register')
        self.block.append(record)
        if len(self.block) >= self.block_size:
            self.db.enter_step('put_block')
            self.recs_queue.put(self.block)
            self.block = list()

    def run(self) -> None:
        self.consume()
        self.recs_queue.put(self.block)
        self.db.close()

    def consume(self) -> None:
        raise NotImplementedError


class Rapid7Parser(Parser):
    TYPES = {
        'a': RecordType.A,
        'aaaa': RecordType.AAAA,
        'cname': RecordType.CNAME,
        'ptr': RecordType.PTR,
    }

    def consume(self) -> None:
        for line in self.buf:
            self.db.enter_step('parse_rapid7')
            try:
                data = json.loads(line)
            except json.decoder.JSONDecodeError:
                continue
            record = (
                Rapid7Parser.TYPES[data['type']],
                int(data['timestamp']),
                data['name'],
                data['value']
            )
            self.register(record)


class DnsMassParser(Parser):
    # dnsmass --output Snrql
    # --retry REFUSED,SERVFAIL --resolvers nameservers-ipv4
    TYPES = {
        'A': (RecordType.A, -1, None),
        'AAAA': (RecordType.AAAA, -1, None),
        'CNAME': (RecordType.CNAME, -1, -1),
    }

    def consume(self) -> None:
        self.db.enter_step('parse_dnsmass')
        timestamp = 0
        header = True
        for line in self.buf:
            line = line[:-1]
            if not line:
                header = True
                continue

            split = line.split(' ')
            try:
                if header:
                    timestamp = int(split[1])
                    header = False
                else:
                    dtype, name_offset, value_offset = \
                        DnsMassParser.TYPES[split[1]]
                    record = (
                        dtype,
                        timestamp,
                        split[0][:name_offset],
                        split[2][:value_offset],
                    )
                    self.register(record)
                    self.db.enter_step('parse_dnsmass')
            except KeyError:
                continue


PARSERS = {
    'rapid7': Rapid7Parser,
    'dnsmass': DnsMassParser,
}

if __name__ == '__main__':

    # Parsing arguments
    log = logging.getLogger('feed_dns')
    args_parser = argparse.ArgumentParser(
        description="TODO")
    args_parser.add_argument(
        'parser',
        choices=PARSERS.keys(),
        help="TODO")
    args_parser.add_argument(
        '-i', '--input', type=argparse.FileType('r'), default=sys.stdin,
        help="TODO")
    args_parser.add_argument(
        '-j', '--workers', type=int, default=4,
        help="TODO")
    args_parser.add_argument(
        '-b', '--block-size', type=int, default=100,
        help="TODO")
    args = args_parser.parse_args()

    DB = database.Database(write=False)  # Not needed, just for timing
    DB.log = logging.getLogger('db   ')

    recs_queue: multiprocessing.Queue = multiprocessing.Queue(
        maxsize=10*args.workers)
    write_queue: multiprocessing.Queue = multiprocessing.Queue(
        maxsize=10*args.workers)

    DB.enter_step('proc_create')
    readers: typing.List[Reader] = list()
    for w in range(args.workers):
        readers.append(Reader(recs_queue, write_queue, w))
    writer = Writer(write_queue)
    parser = PARSERS[args.parser](
        args.input, recs_queue, args.block_size)

    DB.enter_step('proc_start')
    for reader in readers:
        reader.start()
    writer.start()

    try:
        DB.enter_step('parser_run')
        parser.run()

        DB.enter_step('end_put')
        for _ in range(args.workers):
            recs_queue.put(None)
        write_queue.put(None)

        DB.enter_step('proc_join')
        for reader in readers:
            reader.join()
        writer.join()
    except KeyboardInterrupt:
        log.error('Interrupted')

    DB.close()
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00			`#!/usr/bin/env python3`

			`import argparse`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`import database`
Added intermediate representation for DNS datasets It's just CSV. The DNS from the datasets are not ordered consistently, so we need to parse it completly. It seems that converting to an IR before sending data to ./feed_dns.py through a pipe is faster than decoding the JSON in ./feed_dns.py. This will also reduce the storage of the resolved subdomains by about 15% (compressed). 2019-12-13 21:59:35 +01:00			`import json`
Workflow: POO and individual tables per types Mostly for performances reasons. First one to implement threading later. Second one to speed up the dichotomy, but it doesn't seem that much better so far. 2019-12-13 00:11:21 +01:00			`import logging`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`import sys`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`import typing`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`import multiprocessing`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`import enum`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`RecordType = enum.Enum('RecordType', 'A AAAA CNAME PTR')`
			`Record = typing.Tuple[RecordType, int, str, str]`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00
			`# select, confirm, write`
			`FUNCTION_MAP: typing.Any = {`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`RecordType.A: (`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`database.Database.get_ip4,`
			`database.Database.get_domain_in_zone,`
			`database.Database.set_hostname,`
			`),`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`RecordType.CNAME: (`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`database.Database.get_domain,`
			`database.Database.get_domain_in_zone,`
			`database.Database.set_hostname,`
			`),`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`RecordType.PTR: (`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`database.Database.get_domain,`
			`database.Database.get_ip4_in_network,`
			`database.Database.set_ip4address,`
			`),`
			`}`


			`class Reader(multiprocessing.Process):`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`def __init__(self,`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`recs_queue: multiprocessing.Queue,`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`write_queue: multiprocessing.Queue,`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`index: int = 0):`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`super(Reader, self).__init__()`
			`self.log = logging.getLogger(f'rd{index:03d}')`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`self.recs_queue = recs_queue`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`self.write_queue = write_queue`
			`self.index = index`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`def run(self) -> None:`
			`self.db = database.Database(write=False)`
			`self.db.log = logging.getLogger(f'db{self.index:03d}')`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`self.db.enter_step('line_wait')`
			`block: typing.List[str]`
			`try:`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`for block in iter(self.recs_queue.get, None):`
			`record: Record`
			`for record in block:`
			`# print(55, record)`
			`dtype, updated, name, value = record`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`self.db.enter_step('feed_switch')`
			`select, confirm, write = FUNCTION_MAP[dtype]`
			`for rule in select(self.db, value):`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`# print(60, rule, list(confirm(self.db, name)))`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`if not any(confirm(self.db, name)):`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`# print(62, write, name, updated, rule)`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`self.db.enter_step('wait_put')`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`self.write_queue.put((write, name, updated, rule))`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`self.db.enter_step('line_wait')`
			`except KeyboardInterrupt:`
			`self.log.error('Interrupted')`

			`self.db.enter_step('end')`
			`self.db.close()`


			`class Writer(multiprocessing.Process):`
			`def __init__(self,`
			`write_queue: multiprocessing.Queue,`
			`):`
			`super(Writer, self).__init__()`
			`self.log = logging.getLogger(f'wr ')`
			`self.write_queue = write_queue`

			`def run(self) -> None:`
			`self.db = database.Database(write=True)`
			`self.db.log = logging.getLogger(f'dbw ')`
			`self.db.enter_step('line_wait')`
			`block: typing.List[str]`
			`try:`
			`fun: typing.Callable`
			`name: str`
			`updated: int`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`source: int`
			`for fun, name, updated, source in iter(self.write_queue.get, None):`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`self.db.enter_step('exec')`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`fun(self.db, name, updated, source=source)`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`self.db.enter_step('line_wait')`
			`except KeyboardInterrupt:`
			`self.log.error('Interrupted')`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00
			`self.db.enter_step('end')`
			`self.db.close()`


Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`class Parser():`
			`def __init__(self,`
			`buf: typing.Any,`
			`recs_queue: multiprocessing.Queue,`
			`block_size: int,`
			`):`
			`super(Parser, self).__init__()`
			`self.buf = buf`
			`self.log = logging.getLogger('pr ')`
			`self.recs_queue = recs_queue`
			`self.block: typing.List[Record] = list()`
			`self.block_size = block_size`
			`self.db = database.Database() # Just for timing`
			`self.db.log = logging.getLogger('pr ')`

			`def register(self, record: Record) -> None:`
			`self.db.enter_step('register')`
			`self.block.append(record)`
			`if len(self.block) >= self.block_size:`
			`self.db.enter_step('put_block')`
			`self.recs_queue.put(self.block)`
			`self.block = list()`

			`def run(self) -> None:`
			`self.consume()`
			`self.recs_queue.put(self.block)`
			`self.db.close()`

			`def consume(self) -> None:`
			`raise NotImplementedError`


			`class Rapid7Parser(Parser):`
			`TYPES = {`
			`'a': RecordType.A,`
			`'aaaa': RecordType.AAAA,`
			`'cname': RecordType.CNAME,`
			`'ptr': RecordType.PTR,`
			`}`

			`def consume(self) -> None:`
			`for line in self.buf:`
			`self.db.enter_step('parse_rapid7')`
			`try:`
			`data = json.loads(line)`
			`except json.decoder.JSONDecodeError:`
			`continue`
			`record = (`
			`Rapid7Parser.TYPES[data['type']],`
			`int(data['timestamp']),`
			`data['name'],`
			`data['value']`
			`)`
			`self.register(record)`


			`class DnsMassParser(Parser):`
			`# dnsmass --output Snrql`
			`# --retry REFUSED,SERVFAIL --resolvers nameservers-ipv4`
			`TYPES = {`
			`'A': (RecordType.A, -1, None),`
			`'AAAA': (RecordType.AAAA, -1, None),`
			`'CNAME': (RecordType.CNAME, -1, -1),`
			`}`

			`def consume(self) -> None:`
			`self.db.enter_step('parse_dnsmass')`
			`timestamp = 0`
			`header = True`
			`for line in self.buf:`
			`line = line[:-1]`
			`if not line:`
			`header = True`
			`continue`

			`split = line.split(' ')`
			`try:`
			`if header:`
			`timestamp = int(split[1])`
			`header = False`
			`else:`
			`dtype, name_offset, value_offset = \`
			`DnsMassParser.TYPES[split[1]]`
			`record = (`
			`dtype,`
			`timestamp,`
			`split[0][:name_offset],`
			`split[2][:value_offset],`
			`)`
			`self.register(record)`
			`self.db.enter_step('parse_dnsmass')`
			`except KeyError:`
			`continue`


			`PARSERS = {`
			`'rapid7': Rapid7Parser,`
			`'dnsmass': DnsMassParser,`
			`}`

Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`if __name__ == '__main__':`

			`# Parsing arguments`
			`log = logging.getLogger('feed_dns')`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`args_parser = argparse.ArgumentParser(`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`description="TODO")`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`args_parser.add_argument(`
			`'parser',`
			`choices=PARSERS.keys(),`
			`help="TODO")`
			`args_parser.add_argument(`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`'-i', '--input', type=argparse.FileType('r'), default=sys.stdin,`
			`help="TODO")`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`args_parser.add_argument(`
			`'-j', '--workers', type=int, default=4,`
			`help="TODO")`
			`args_parser.add_argument(`
			`'-b', '--block-size', type=int, default=100,`
			`help="TODO")`
			`args = args_parser.parse_args()`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00
			`DB = database.Database(write=False) # Not needed, just for timing`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`DB.log = logging.getLogger('db ')`

Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`recs_queue: multiprocessing.Queue = multiprocessing.Queue(`
			`maxsize=10*args.workers)`
			`write_queue: multiprocessing.Queue = multiprocessing.Queue(`
			`maxsize=10*args.workers)`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`DB.enter_step('proc_create')`
			`readers: typing.List[Reader] = list()`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`for w in range(args.workers):`
			`readers.append(Reader(recs_queue, write_queue, w))`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`writer = Writer(write_queue)`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`parser = PARSERS[args.parser](`
			`args.input, recs_queue, args.block_size)`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`DB.enter_step('proc_start')`
			`for reader in readers:`
			`reader.start()`
			`writer.start()`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00
			`try:`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`DB.enter_step('parser_run')`
			`parser.run()`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00			`DB.enter_step('end_put')`
Workflow: Can now import DnsMass output Well, in a specific format but DnsMass nonetheless 2019-12-14 23:59:50 +01:00			`for _ in range(args.workers):`
			`recs_queue.put(None)`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`write_queue.put(None)`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`DB.enter_step('proc_join')`
			`for reader in readers:`
			`reader.join()`
			`writer.join()`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00			`except KeyboardInterrupt:`
Workflow: Multiprocess Still trying. It's better than multithread though. Merge branch 'newworkflow' into newworkflow_threaded 2019-12-14 17:27:46 +01:00			`log.error('Interrupted')`
Threaded feed_dns Largely disapointing 2019-12-13 12:36:11 +01:00
Workflow: POO and individual tables per types Mostly for performances reasons. First one to implement threading later. Second one to speed up the dichotomy, but it doesn't seem that much better so far. 2019-12-13 00:11:21 +01:00			`DB.close()`