private void DebugPrepareUDPTest()
{
var ipaddress = IPAddress.Parse("80.83.66.2");
var addrbytes = ipaddress.GetAddressBytes().Reverse().ToArray();
var addr = new Models.Int128();
if (addrbytes.Length == 4)
{
addr.Hi = 0;
addr.Low = BitConverter.ToUInt32(addrbytes, 0);
}
var addresstext = new BigMath.Int128(addr.Hi, addr.Low).ToString();
var addbytes2 = ASCIIEncoding.ASCII.GetBytes(addresstext);
var item = new Models.CacheIPRange()
{
Created = DateTime.UtcNow,
Identity = "identity1",
Proto_IpFrom = addbytes2,
Proto_IpTo = addbytes2,
PolicyId = 0
};
CacheLiveStorage.UdpCache = new System.Collections.Concurrent.ConcurrentDictionary <string, Models.CacheIPRange>();
CacheLiveStorage.UdpCache.AddOrUpdate("stationid1", item, (key, oldValue) => item);
}
private static void ProcessResult(byte[] receivedResult)
{
try
{
var receivedPacket = new FP.Radius.RadiusPacket(receivedResult);
if (receivedPacket.Valid)
{
var ipaddress = receivedPacket.Attributes.Where(t => t.Type == FP.Radius.RadiusAttributeType.FRAMED_IP_ADDRESS).First().Value;
var calledstationid = ASCIIEncoding.ASCII.GetString(receivedPacket.Attributes.Where(t => t.Type == FP.Radius.RadiusAttributeType.CALLED_STATION_ID).First().Data);
var addrbytes = IPAddress.Parse(ipaddress).GetAddressBytes();
var addr = new Models.Int128();
if (addrbytes.Length == 4)
{
addr.Hi = 0;
addr.Low = BitConverter.ToUInt32(addrbytes, 0);
}
else if (addrbytes.Length == 16)
{
addr.Hi = BitConverter.ToUInt64(addrbytes, 0);
addr.Low = BitConverter.ToUInt64(addrbytes, 8);
}
var addresstext = new BigMath.Int128(addr.Hi, addr.Low).ToString();
var addbytes2 = ASCIIEncoding.ASCII.GetBytes(addresstext);
var policyid = 0;
if (CacheLiveStorage.CoreCache.CustomLists != null)
{
var matchingCustomList = CacheLiveStorage.CoreCache.CustomLists.Where(t => string.Compare(t.Identity, calledstationid, StringComparison.OrdinalIgnoreCase) == 0).FirstOrDefault();
policyid = (matchingCustomList == null)
? 0
: matchingCustomList.PolicyId;
}
var item = new Models.CacheIPRange()
{
Created = DateTime.UtcNow,
Identity = calledstationid,
Proto_IpFrom = addbytes2,
Proto_IpTo = addbytes2,
PolicyId = policyid
};
CacheLiveStorage.UdpCache.AddOrUpdate(calledstationid, item, (key, oldValue) => item);
log.Info($"Processed {ipaddress} for {calledstationid}.");
}
else
{
log.Info("Unable to process UDP packet.");
}
}
catch (Exception ex)
{
log.Error(ex);
}
}
public string PassThrough(HttpContext ctx, string postdata)
{
try
{
var list = ctx.Request.Host.ToString().Split('.');
if (!string.IsNullOrEmpty(postdata))
{
list = postdata.Split('.');
}
for (var i = 0; i < list.Length - 1; i++)
{
var joined = string.Join('.', list, i, list.Length - i);
var bytes = Encoding.ASCII.GetBytes(joined);
var crc = Crc64.Compute(0, bytes);
if (CacheLiveStorage.CoreCache.Domains == null)
{
break;
}
var domain = CacheLiveStorage.CoreCache.Domains.Where(t => t.Crc64 == crc).FirstOrDefault();
if (domain == null)
{
continue;
}
var ipaddress = ctx.Connection.RemoteIpAddress;
var addrbytes = ipaddress.GetAddressBytes().Reverse().ToArray();
var addr = new Models.Int128();
if (addrbytes.Length == 4)
{
addr.Hi = 0;
addr.Low = BitConverter.ToUInt32(addrbytes, 0);
}
else if (addrbytes.Length == 16)
{
addr.Hi = BitConverter.ToUInt64(addrbytes, 0);
addr.Low = BitConverter.ToUInt64(addrbytes, 8);
}
var ip = new BigMath.Int128(addr.Hi, addr.Low);
var ipRange = new List <Models.CacheIPRange>();
if (CacheLiveStorage.UdpCache != null)
{
ipRange = CacheLiveStorage.UdpCache.Select(t => t.Value).ToList();
Models.CacheIPRange[] ipRangeCore = null;
if (CacheLiveStorage.CoreCache.IPRanges != null)
{
ipRangeCore = CacheLiveStorage.CoreCache.IPRanges.ToArray();
ipRange = ipRange.Concat(ipRangeCore).ToList();
}
}
var range = ipRange.Where(t => t.BintFrom >= ip && t.BintTo <= ip).FirstOrDefault();
var range_identity = string.Empty;
var range_policyid = 0;
if (range != null)
{
range_identity = range.Identity;
range_policyid = range.PolicyId;
}
Models.PublicListenerConfig views;
using (var sr = new StreamReader("publiclistenerconfig.json"))
{
views = JsonConvert.DeserializeObject <Models.PublicListenerConfig>(sr.ReadToEnd());
}
foreach (var network in views.views)
{
foreach (var cidr in network.networks)
{
IPNetwork n = IPNetwork.Parse(cidr.ToString());
if (!n.Contains(ipaddress))
{
continue;
}
if (!string.IsNullOrEmpty(range_identity))
{
if (CacheLiveStorage.CoreCache.CustomLists != null)
{
var custom = CacheLiveStorage.CoreCache.CustomLists.Where(t => string.Compare(t.Identity, range_identity, StringComparison.OrdinalIgnoreCase) == 0).FirstOrDefault();
if (custom != null)
{
var dmn = string.Join('.', list);
if (custom.WhiteList.Contains(joined) || custom.WhiteList.Contains(dmn))
{
//allow
//return "allow";
return(GenerateContent(ctx, network.accuracy));
}
else if (custom.BlackList.Contains(joined) || custom.BlackList.Contains(dmn))
{
return(GenerateContent(ctx, network.blacklist));
}
}
}
}
if (CacheLiveStorage.CoreCache.Policies != null)
{
var policy = CacheLiveStorage.CoreCache.Policies.Where(t => t.Policy_id == range_policyid).FirstOrDefault();
if (policy == null)
{
//no policy
//return "no policy";
return(GenerateContent(ctx, network.blacklist));
}
else
{
var flags = domain.Flags.ToArray()[policy.Policy_id];
if ((flags & (int)KresFlags.flags_accuracy) == (int)KresFlags.flags_accuracy)
{
if (policy.Block > 0 && domain.Accuracy > policy.Block)
{
return(GenerateContent(ctx, network.accuracy));
}
else
{
if (policy.Audit > 0 && domain.Accuracy > policy.Audit)
{
//audit
//return "audit";
return(GenerateContent(ctx, network.blacklist));
}
else
{
//no accuracy action
//return "no accuracy action";
return(GenerateContent(ctx, network.blacklist));
}
}
}
if ((flags & (int)KresFlags.flags_whitelist) == (int)KresFlags.flags_whitelist)
{
//allow whitelist
//return "allow whitelist";
return(GenerateContent(ctx, network.blacklist));
}
if ((flags & (int)KresFlags.flags_blacklist) == (int)KresFlags.flags_blacklist)
{
//block
return(GenerateContent(ctx, network.legal));
}
}
}
}
}
}
}
catch (Exception ex)
{
log.Error("ERROR: ", ex);
}
//return "no-action";
return(GenerateContent(ctx, new[] { "blacklist.cs.html", "blacklist.en.html", "blacklist.sk.html" }));
}
public void ThreadProc()
{
//DebugPrepareUDPTest();
var processedLines = 0;
while (true)
{
if (string.IsNullOrEmpty(filename_in))
{
log.Info("ENRICH_PASSIVEDNS_SOURCE not set, PassiveDNS thread exiting.");
return;
}
Thread.Sleep(5000);
try
{
if (CacheLiveStorage.UdpCache == null)
{
log.Info("Waiting for UDP Cache");
continue;
}
var ipRange = CacheLiveStorage.UdpCache.Select(t => t.Value).ToList();
using (var filein = File.OpenRead(filename_in))
{
using (var sr = new StreamReader(filein))
{
var i = 0;
try
{
while (i++ < processedLines)
{
while (sr.Peek() >= 0)
{
var line = sr.ReadLine();
}
}
}
catch
{
log.Debug("PassiveDNS log was changed.");
processedLines = 0;
continue;
}
using (var fileout = File.AppendText(filename_out))
{
while (sr.Peek() >= 0)
{
var line = sr.ReadLine();
dynamic reader = JsonConvert.DeserializeObject(line);
IPAddress ipaddress = IPAddress.Parse(reader.client.ToString());
var addrbytes = ipaddress.GetAddressBytes().Reverse().ToArray();
var addr = new Models.Int128();
if (addrbytes.Length == 4)
{
addr.Hi = 0;
addr.Low = BitConverter.ToUInt32(addrbytes, 0);
}
else if (addrbytes.Length == 16)
{
addr.Hi = BitConverter.ToUInt64(addrbytes, 0);
addr.Low = BitConverter.ToUInt64(addrbytes, 8);
}
var ip = new BigMath.Int128(addr.Hi, addr.Low);
var range = ipRange.Where(t => t.BintFrom >= ip && t.BintTo <= ip).FirstOrDefault();
var strippedLine = line.Substring(0, line.Length - 1);
if (range == null)
{
fileout.WriteLine(line);
}
else
{
var newLine = string.Format("{0},identity=\"{1}\"}}", strippedLine, range.Identity);
fileout.WriteLine(newLine);
}
processedLines++;
}
}
}
}
}
catch (Exception ex)
{
processedLines = 0;
log.ErrorFormat("PassiveDNS error: {0}", ex);
}
}
}
