From ca7eb2b9acc3ccf3105672b919def704d43810cf Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Mon, 27 Jan 2014 22:13:23 +0100 Subject: [PATCH 1/9] Add support for a configurable whois server --- lg.cfg | 2 ++ lg.py | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/lg.cfg b/lg.cfg index 29678b4..9211d03 100644 --- a/lg.cfg +++ b/lg.cfg @@ -21,4 +21,6 @@ AS_NUMBER = { "h3" : "197422" } +#WHOIS_SERVER = "whois.foo.bar" + SESSION_KEY = '\xd77\xf9\xfa\xc2\xb5\xcd\x85)`+H\x9d\xeeW\\%\xbe/\xbaT\x89\xe8\xa7' diff --git a/lg.py b/lg.py index a0fcc35..7d409d7 100644 --- a/lg.py +++ b/lg.py @@ -96,7 +96,10 @@ def set_session(request_type, hosts, proto, request_args): def whois_command(query): - return subprocess.Popen(['whois', query], stdout=subprocess.PIPE).communicate()[0].decode('utf-8', 'ignore') + server = [] + if app.config.get("WHOIS_SERVER", ""): + server = [ "-h", app.config.get("WHOIS_SERVER") ] + return subprocess.Popen(['whois'] + server + [query], stdout=subprocess.PIPE).communicate()[0].decode('utf-8', 'ignore') def bird_command(host, proto, query): From 2418d13d0718b8603af78cd05645b392c048601b Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Mon, 27 Jan 2014 22:33:37 +0100 Subject: [PATCH 2/9] =?UTF-8?q?Add=20support=20for=20configuring=20the=20D?= =?UTF-8?q?NS-based=20ASN=20=E2=86=92=20name=20mapping=20service.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lg.cfg | 3 +++ lg.py | 8 +++++++- toolbox.py | 4 ---- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/lg.cfg b/lg.cfg index 9211d03..55db922 100644 --- a/lg.cfg +++ b/lg.cfg @@ -23,4 +23,7 @@ AS_NUMBER = { #WHOIS_SERVER = "whois.foo.bar" +# DNS zone to query for ASN -> name mapping +ASN_ZONE = "asn.cymru.com" + SESSION_KEY = '\xd77\xf9\xfa\xc2\xb5\xcd\x85)`+H\x9d\xeeW\\%\xbe/\xbaT\x89\xe8\xa7' diff --git a/lg.py b/lg.py index 7d409d7..c39aa22 100644 --- a/lg.py +++ b/lg.py @@ -29,7 +29,7 @@ from urllib import quote, unquote import json import random -from toolbox import mask_is_valid, ipv6_is_valid, ipv4_is_valid, resolve, save_cache_pickle, load_cache_pickle, get_asn_from_as, unescape +from toolbox import mask_is_valid, ipv6_is_valid, ipv4_is_valid, resolve, save_cache_pickle, load_cache_pickle, unescape #from xml.sax.saxutils import escape @@ -46,6 +46,12 @@ file_handler.setLevel(getattr(logging, app.config["LOG_LEVEL"].upper())) app.logger.addHandler(file_handler) +def get_asn_from_as(n): + asn_zone = app.config.get("ASN_ZONE", "asn.cymru.com") + data = resolve("AS%s.%s" % (n, asn_zone) ,"TXT").replace("'","").replace('"','') + return [ field.strip() for field in data.split("|") ] + + def add_links(text): """Browser a string and replace ipv4, ipv6, as number, with a whois link """ diff --git a/toolbox.py b/toolbox.py index 1543b85..534ddc9 100644 --- a/toolbox.py +++ b/toolbox.py @@ -27,10 +27,6 @@ import xml.parsers.expat def resolve(n, q): return str(resolver.query(n,q)[0]) -def get_asn_from_as(n): - data = resolve("AS%s.asn.cymru.com" % n ,"TXT").replace("'","").replace('"','') - return [ field.strip() for field in data.split("|") ] - def mask_is_valid(n): if not n: return True From e557dd651b9c4c9aaac27588e7a5a789e0713e73 Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 28 Jan 2014 15:45:03 +0100 Subject: [PATCH 3/9] Catch possible exceptions thrown by the ASN DNS resolver --- lg.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lg.py b/lg.py index c39aa22..5b2b93c 100644 --- a/lg.py +++ b/lg.py @@ -48,7 +48,10 @@ app.logger.addHandler(file_handler) def get_asn_from_as(n): asn_zone = app.config.get("ASN_ZONE", "asn.cymru.com") - data = resolve("AS%s.%s" % (n, asn_zone) ,"TXT").replace("'","").replace('"','') + try: + data = resolve("AS%s.%s" % (n, asn_zone) ,"TXT").replace("'","").replace('"','') + except: + return " "*5 return [ field.strip() for field in data.split("|") ] From fe4e8caf2f8d71cba3ab56b15e59710026a095d6 Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 28 Jan 2014 15:32:27 +0100 Subject: [PATCH 4/9] Fix bgpmap (Graphviz does not seem to like empty labels) --- lg.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lg.py b/lg.py index 5b2b93c..949ea84 100644 --- a/lg.py +++ b/lg.py @@ -470,7 +470,10 @@ def show_bgpmap(): add_node(_as, fillcolor=(first and "#F5A9A9" or "white")) - edge = add_edge(nodes[previous_as], nodes[_as] , label=hop_label, fontsize="7") + if hop_label: + edge = add_edge(nodes[previous_as], nodes[_as], label=hop_label, fontsize="7") + else: + edge = add_edge(nodes[previous_as], nodes[_as], fontsize="7") hop_label = "" From 317de8786617f0f71f13922b194d46d2fd215f62 Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 28 Jan 2014 16:17:28 +0100 Subject: [PATCH 5/9] Don't hardcode tetaneutral.net in the site title --- templates/layout.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/layout.html b/templates/layout.html index 55287e7..a5e92f0 100644 --- a/templates/layout.html +++ b/templates/layout.html @@ -1,6 +1,6 @@ - Tetaneutral.net looking glass + {{config.DOMAIN|capitalize}} looking glass From e75842b0253a2c3564e7a4ec9fe5f80313cd892d Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 28 Jan 2014 16:33:19 +0100 Subject: [PATCH 6/9] Fix traceroute options for FreeBSD, OpenBSD, NetBSD --- lg-proxy.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lg-proxy.py b/lg-proxy.py index f972672..3b47e0f 100644 --- a/lg-proxy.py +++ b/lg-proxy.py @@ -20,6 +20,7 @@ ### +import sys import logging from logging.handlers import TimedRotatingFileHandler from logging import FileHandler @@ -70,7 +71,13 @@ def traceroute(): query = request.args.get("q","") query = unquote(query) - command = [ 'traceroute' , o ] + src + [ '-A', '-q1', '-N32', '-w1', '-m15', query ] + if sys.platform.startswith('freebsd') or sys.platform.startswith('netbsd'): + options = [ '-a', '-q1', '-w1', '-m15' ] + if sys.platform.startswith('openbsd'): + options = [ '-A', '-q1', '-w1', '-m15' ] + else: # For Linux + options = [ '-A', '-q1', '-N32', '-w1', '-m15' ] + command = [ 'traceroute' , o ] + src + options + [ query ] result = subprocess.Popen( command , stdout=subprocess.PIPE).communicate()[0].decode('utf-8', 'ignore').replace("\n","
") return result From 5cb45d57855d08adbc5510fcdaca76cc41a948c8 Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 28 Jan 2014 16:44:32 +0100 Subject: [PATCH 7/9] Fix commit e75842b0 (typo) --- lg-proxy.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lg-proxy.py b/lg-proxy.py index 3b47e0f..b40f048 100644 --- a/lg-proxy.py +++ b/lg-proxy.py @@ -73,7 +73,7 @@ def traceroute(): if sys.platform.startswith('freebsd') or sys.platform.startswith('netbsd'): options = [ '-a', '-q1', '-w1', '-m15' ] - if sys.platform.startswith('openbsd'): + elif sys.platform.startswith('openbsd'): options = [ '-A', '-q1', '-w1', '-m15' ] else: # For Linux options = [ '-A', '-q1', '-N32', '-w1', '-m15' ] From fe9a7f8fe4a6cb874c5e8b39afbe5e7c563d4864 Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 28 Jan 2014 16:55:36 +0100 Subject: [PATCH 8/9] Use traceroute{,6} on BSD instead of traceroute -{4,6} --- lg-proxy.py | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/lg-proxy.py b/lg-proxy.py index b40f048..d533d87 100644 --- a/lg-proxy.py +++ b/lg-proxy.py @@ -57,14 +57,21 @@ def check_accesslist(): def traceroute(): check_accesslist() + if sys.platform.startswith('freebsd') or sys.platform.startswith('netbsd') or sys.platform.startswith('openbsd'): + traceroute4 = [ 'traceroute' ] + traceroute6 = [ 'traceroute6' ] + else: # For Linux + traceroute4 = [ 'traceroute', '-4' ] + traceroute6 = [ 'traceroute', '-6' ] + src = [] if request.path == '/traceroute6': - o = "-6" + traceroute = traceroute6 if app.config.get("IPV6_SOURCE",""): src = [ "-s", app.config.get("IPV6_SOURCE") ] else: - o = "-4" + traceroute = traceroute4 if app.config.get("IPV4_SOURCE",""): src = [ "-s", app.config.get("IPV4_SOURCE") ] @@ -77,7 +84,7 @@ def traceroute(): options = [ '-A', '-q1', '-w1', '-m15' ] else: # For Linux options = [ '-A', '-q1', '-N32', '-w1', '-m15' ] - command = [ 'traceroute' , o ] + src + options + [ query ] + command = traceroute + src + options + [ query ] result = subprocess.Popen( command , stdout=subprocess.PIPE).communicate()[0].decode('utf-8', 'ignore').replace("\n","
") return result From ffafef27cd725f1855a3778565125fc798d931e3 Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Wed, 12 Feb 2014 22:09:09 +0100 Subject: [PATCH 9/9] Allow to configure the bind address of bird-lg --- lg.cfg | 3 +++ lg.py | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lg.cfg b/lg.cfg index 55db922..7e9bc23 100644 --- a/lg.cfg +++ b/lg.cfg @@ -5,6 +5,9 @@ LOG_LEVEL="WARNING" DOMAIN = "tetaneutral.net" +BIND_IP = "0.0.0.0" +BIND_PORT = 5000 + PROXY = { "gw": 5000, "h3": 5000, diff --git a/lg.py b/lg.py index 949ea84..8f71c2d 100644 --- a/lg.py +++ b/lg.py @@ -620,4 +620,4 @@ def show_route(request_type, hosts, proto): if __name__ == "__main__": - app.run("0.0.0.0") + app.run(app.config.get("BIND_IP", "0.0.0.0"), app.config.get("BIND_PORT", 5000))