eulaurarien/feed_rules.py

#!/usr/bin/env python3

import database
import argparse
import sys
import time

FUNCTION_MAP = {
    'zone': database.Database.set_zone,
    'hostname': database.Database.set_hostname,
    'asn': database.Database.set_asn,
    'ip4network': database.Database.set_ip4network,
    'ip4address': database.Database.set_ip4address,
}

if __name__ == '__main__':

    # Parsing arguments
    parser = argparse.ArgumentParser(
        description="Import base rules to the database")
    parser.add_argument(
        'type',
        choices=FUNCTION_MAP.keys(),
        help="Type of rule inputed")
    parser.add_argument(
        '-i', '--input', type=argparse.FileType('r'), default=sys.stdin,
        help="File with one rule per line")
    parser.add_argument(
        '-f', '--first-party', action='store_true',
        help="The input only comes from verified first-party sources")
    args = parser.parse_args()

    DB = database.Database()

    fun = FUNCTION_MAP[args.type]

    source: database.RulePath
    if args.first_party:
        source = database.RuleFirstPath()
    else:
        source = database.RuleMultiPath()

    for rule in args.input:
        rule = rule.strip()
        try:
            fun(DB,
                rule,
                source=source,
                updated=int(time.time()),
                )
        except ValueError:
            DB.log.error(f"Could not add rule: {rule}")

    DB.save()
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00			`#!/usr/bin/env python3`

			`import database`
			`import argparse`
			`import sys`
Updated now based on timestamp Did I forget to add feed_asn.py a few commits ago? Oh well... 2019-12-13 13:54:00 +01:00			`import time`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00
Workflow: Automatically import IP ranges from ASN Closes #9 2019-12-13 08:23:38 +01:00			`FUNCTION_MAP = {`
			`'zone': database.Database.set_zone,`
Removed TODO placeholders in commands description It's better than nothing but not by that much 2019-12-19 08:05:05 +01:00			`'hostname': database.Database.set_hostname,`
Workflow: Automatically import IP ranges from ASN Closes #9 2019-12-13 08:23:38 +01:00			`'asn': database.Database.set_asn,`
Removed TODO placeholders in commands description It's better than nothing but not by that much 2019-12-19 08:05:05 +01:00			`'ip4network': database.Database.set_ip4network,`
			`'ip4address': database.Database.set_ip4address,`
Workflow: Automatically import IP ranges from ASN Closes #9 2019-12-13 08:23:38 +01:00			`}`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00
			`if __name__ == '__main__':`

			`# Parsing arguments`
			`parser = argparse.ArgumentParser(`
Removed TODO placeholders in commands description It's better than nothing but not by that much 2019-12-19 08:05:05 +01:00			`description="Import base rules to the database")`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00			`parser.add_argument(`
			`'type',`
Workflow: Automatically import IP ranges from ASN Closes #9 2019-12-13 08:23:38 +01:00			`choices=FUNCTION_MAP.keys(),`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00			`help="Type of rule inputed")`
			`parser.add_argument(`
			`'-i', '--input', type=argparse.FileType('r'), default=sys.stdin,`
Removed TODO placeholders in commands description It's better than nothing but not by that much 2019-12-19 08:05:05 +01:00			`help="File with one rule per line")`
Workflow: Base for new one While I'm automating this you'll need to download the A set from https://opendata.rapid7.com/sonar.fdns_v2/ to the file a.json.gz. 2019-12-09 08:12:48 +01:00			`parser.add_argument(`
			`'-f', '--first-party', action='store_true',`
			`help="The input only comes from verified first-party sources")`
			`args = parser.parse_args()`

Workflow: SQL -> Tree Welp. All that for this. 2019-12-15 15:56:26 +01:00			`DB = database.Database()`
Workflow: POO and individual tables per types Mostly for performances reasons. First one to implement threading later. Second one to speed up the dichotomy, but it doesn't seem that much better so far. 2019-12-13 00:11:21 +01:00
			`fun = FUNCTION_MAP[args.type]`

Added first_party tracking Well, tracking if a rule is from a first or a multi rule... Hope I did not do any mistake 2019-12-16 19:07:35 +01:00			`source: database.RulePath`
			`if args.first_party:`
			`source = database.RuleFirstPath()`
			`else:`
			`source = database.RuleMultiPath()`

Workflow: POO and individual tables per types Mostly for performances reasons. First one to implement threading later. Second one to speed up the dichotomy, but it doesn't seem that much better so far. 2019-12-13 00:11:21 +01:00			`for rule in args.input:`
Added optional cache for faster IP matching 2019-12-18 21:23:49 +01:00			`rule = rule.strip()`
			`try:`
			`fun(DB,`
			`rule,`
			`source=source,`
			`updated=int(time.time()),`
			`)`
			`except ValueError:`
			`DB.log.error(f"Could not add rule: {rule}")`
Workflow: POO and individual tables per types Mostly for performances reasons. First one to implement threading later. Second one to speed up the dichotomy, but it doesn't seem that much better so far. 2019-12-13 00:11:21 +01:00
Workflow: SQL -> Tree Welp. All that for this. 2019-12-15 15:56:26 +01:00			`DB.save()`