private void DebugPrepareUDPTest() { var ipaddress = IPAddress.Parse("80.83.66.2"); var addrbytes = ipaddress.GetAddressBytes().Reverse().ToArray(); var addr = new Models.Int128(); if (addrbytes.Length == 4) { addr.Hi = 0; addr.Low = BitConverter.ToUInt32(addrbytes, 0); } var addresstext = new BigMath.Int128(addr.Hi, addr.Low).ToString(); var addbytes2 = ASCIIEncoding.ASCII.GetBytes(addresstext); var item = new Models.CacheIPRange() { Created = DateTime.UtcNow, Identity = "identity1", Proto_IpFrom = addbytes2, Proto_IpTo = addbytes2, PolicyId = 0 }; CacheLiveStorage.UdpCache = new System.Collections.Concurrent.ConcurrentDictionary <string, Models.CacheIPRange>(); CacheLiveStorage.UdpCache.AddOrUpdate("stationid1", item, (key, oldValue) => item); }
private static void ProcessResult(byte[] receivedResult) { try { var receivedPacket = new FP.Radius.RadiusPacket(receivedResult); if (receivedPacket.Valid) { var ipaddress = receivedPacket.Attributes.Where(t => t.Type == FP.Radius.RadiusAttributeType.FRAMED_IP_ADDRESS).First().Value; var calledstationid = ASCIIEncoding.ASCII.GetString(receivedPacket.Attributes.Where(t => t.Type == FP.Radius.RadiusAttributeType.CALLED_STATION_ID).First().Data); var addrbytes = IPAddress.Parse(ipaddress).GetAddressBytes(); var addr = new Models.Int128(); if (addrbytes.Length == 4) { addr.Hi = 0; addr.Low = BitConverter.ToUInt32(addrbytes, 0); } else if (addrbytes.Length == 16) { addr.Hi = BitConverter.ToUInt64(addrbytes, 0); addr.Low = BitConverter.ToUInt64(addrbytes, 8); } var addresstext = new BigMath.Int128(addr.Hi, addr.Low).ToString(); var addbytes2 = ASCIIEncoding.ASCII.GetBytes(addresstext); var policyid = 0; if (CacheLiveStorage.CoreCache.CustomLists != null) { var matchingCustomList = CacheLiveStorage.CoreCache.CustomLists.Where(t => string.Compare(t.Identity, calledstationid, StringComparison.OrdinalIgnoreCase) == 0).FirstOrDefault(); policyid = (matchingCustomList == null) ? 0 : matchingCustomList.PolicyId; } var item = new Models.CacheIPRange() { Created = DateTime.UtcNow, Identity = calledstationid, Proto_IpFrom = addbytes2, Proto_IpTo = addbytes2, PolicyId = policyid }; CacheLiveStorage.UdpCache.AddOrUpdate(calledstationid, item, (key, oldValue) => item); log.Info($"Processed {ipaddress} for {calledstationid}."); } else { log.Info("Unable to process UDP packet."); } } catch (Exception ex) { log.Error(ex); } }
public static Kres.Man.Models.Int128 Convert(BigMath.Int128 param) { var result = new Kres.Man.Models.Int128(); result.Hi = param.High; result.Low = param.Low; return(result); }
private static List <Models.CacheIPRange> LoadIPRanges() { var result = new List <Models.CacheIPRange>(); var csv = new CsvHelper.CsvReader(File.OpenText("ranges.csv")); while (csv.Read()) { var ipfrom = csv.GetField(0); IPAddress ipaddrfrom; if (!IPAddress.TryParse(ipfrom, out ipaddrfrom)) { break; } var ipto = csv.GetField(1); IPAddress ipaddrto; if (!IPAddress.TryParse(ipfrom, out ipaddrto)) { break; } var fromlist = ipaddrfrom.GetAddressBytes().ToList(); var tolist = ipaddrto.GetAddressBytes().ToList(); BigMath.Int128 outFrom; BigMath.Int128 outTo; if (fromlist.Count == 4) { outFrom = new BigMath.Int128(BitConverter.ToUInt32(fromlist.Take(4).ToArray(), 0)); outTo = new BigMath.Int128(BitConverter.ToUInt32(tolist.Take(4).ToArray(), 0)); } else { outFrom = new BigMath.Int128(BitConverter.ToUInt64(tolist.Take(8).ToArray(), 0), BitConverter.ToUInt64(fromlist.Skip(8).Take(8).ToArray(), 0)); outTo = new BigMath.Int128(BitConverter.ToUInt64(tolist.Take(8).ToArray(), 0), BitConverter.ToUInt64(tolist.Take(8).ToArray(), 0)); } var item = new Models.CacheIPRange { IpFrom = Kres.Man.Models.Int128.Convert(outFrom), IpTo = Kres.Man.Models.Int128.Convert(outTo), Identity = csv.GetField(2), PolicyId = Convert.ToInt32(csv.GetField(3)) }; result.Add(item); } return(result); }
public string Bypass(HttpContext ctx, string clientIpAddress, string domainToWhitelist, string authToken, string base64encodedUrlToRedirectTo) { log.Info($"Bypass request, ip={clientIpAddress}, {domainToWhitelist}."); if (string.Compare(authToken, "BFLMPSVZ", StringComparison.OrdinalIgnoreCase) != 0) { return(""); } var idbytes = Encoding.ASCII.GetBytes(clientIpAddress); var idcrc = Crc64.Compute(0, idbytes); string identity = idcrc.ToString("X"); IPAddress ip; if (!IPAddress.TryParse(clientIpAddress, out ip)) { return(new Exception($"unable to parse ip address {clientIpAddress}.").Message); } //TODO: check ipv6 reverse var bytes = ip.GetAddressBytes().Reverse().ToArray(); BigMath.Int128 intip; if (bytes.Length == 4) { intip = new BigMath.Int128(0, BitConverter.ToUInt32(bytes, 0)); } else if (bytes.Length == 16) { intip = new BigMath.Int128(BitConverter.ToUInt64(bytes, 0), BitConverter.ToUInt64(bytes, 8)); } else { return(new Exception($"unable to parse ip address {clientIpAddress}.").Message); } List <Models.CacheIPRange> ipranges; List <Models.CacheCustomList> customlists; if (CacheLiveStorage.CoreCache.IPRanges != null) { ipranges = CacheLiveStorage.CoreCache.IPRanges.ToList(); } else { ipranges = new List <Models.CacheIPRange>(); } if (CacheLiveStorage.CoreCache.IPRanges != null) { customlists = CacheLiveStorage.CoreCache.CustomLists.ToList(); } else { customlists = new List <Models.CacheCustomList>(); } ipranges.Add(new Models.CacheIPRange() { Identity = identity, Proto_IpFrom = Encoding.ASCII.GetBytes(intip.ToString()), Proto_IpTo = Encoding.ASCII.GetBytes(intip.ToString()), PolicyId = 0 }); var item = customlists.FirstOrDefault(t => string.Compare(t.Identity, identity, StringComparison.OrdinalIgnoreCase) == 0); if (item == null) { item = new Models.CacheCustomList() { Identity = identity, WhiteList = new List <string>() { domainToWhitelist }, BlackList = new List <string>(), PolicyId = 0 }; log.Info($"Identity {identity} now has {domainToWhitelist} whitelisted."); } else { if (!item.WhiteList.Contains(domainToWhitelist)) { var list = item.WhiteList.ToList(); list.Add(domainToWhitelist); item.WhiteList = list; foreach (var entry in item.WhiteList) { log.Info($"Identity {identity} now has {entry} whitelisted."); } } else { log.Info($"Identity {identity} has {domainToWhitelist} already whitelisted."); } } customlists.RemoveAll(t => string.Compare(t.Identity, identity, StringComparison.OrdinalIgnoreCase) == 0); customlists.Add(item); CacheLiveStorage.CoreCache.IPRanges = ipranges; CacheLiveStorage.CoreCache.CustomLists = customlists; log.Info($"Updating kres modules."); KresUpdater.UpdateSmallCaches(); KresUpdater.UpdateNow(); log.Info($"Kres modules have been updated."); //var redirectUrl = Base64Decode(base64encodedUrlToRedirectTo); //ctx.Response.RedirectLocation = redirectUrl; return(null); }
public string PassThrough(HttpContext ctx, string postdata) { try { var list = ctx.Request.Host.ToString().Split('.'); if (!string.IsNullOrEmpty(postdata)) { list = postdata.Split('.'); } for (var i = 0; i < list.Length - 1; i++) { var joined = string.Join('.', list, i, list.Length - i); var bytes = Encoding.ASCII.GetBytes(joined); var crc = Crc64.Compute(0, bytes); if (CacheLiveStorage.CoreCache.Domains == null) { break; } var domain = CacheLiveStorage.CoreCache.Domains.Where(t => t.Crc64 == crc).FirstOrDefault(); if (domain == null) { continue; } var ipaddress = ctx.Connection.RemoteIpAddress; var addrbytes = ipaddress.GetAddressBytes().Reverse().ToArray(); var addr = new Models.Int128(); if (addrbytes.Length == 4) { addr.Hi = 0; addr.Low = BitConverter.ToUInt32(addrbytes, 0); } else if (addrbytes.Length == 16) { addr.Hi = BitConverter.ToUInt64(addrbytes, 0); addr.Low = BitConverter.ToUInt64(addrbytes, 8); } var ip = new BigMath.Int128(addr.Hi, addr.Low); var ipRange = new List <Models.CacheIPRange>(); if (CacheLiveStorage.UdpCache != null) { ipRange = CacheLiveStorage.UdpCache.Select(t => t.Value).ToList(); Models.CacheIPRange[] ipRangeCore = null; if (CacheLiveStorage.CoreCache.IPRanges != null) { ipRangeCore = CacheLiveStorage.CoreCache.IPRanges.ToArray(); ipRange = ipRange.Concat(ipRangeCore).ToList(); } } var range = ipRange.Where(t => t.BintFrom >= ip && t.BintTo <= ip).FirstOrDefault(); var range_identity = string.Empty; var range_policyid = 0; if (range != null) { range_identity = range.Identity; range_policyid = range.PolicyId; } Models.PublicListenerConfig views; using (var sr = new StreamReader("publiclistenerconfig.json")) { views = JsonConvert.DeserializeObject <Models.PublicListenerConfig>(sr.ReadToEnd()); } foreach (var network in views.views) { foreach (var cidr in network.networks) { IPNetwork n = IPNetwork.Parse(cidr.ToString()); if (!n.Contains(ipaddress)) { continue; } if (!string.IsNullOrEmpty(range_identity)) { if (CacheLiveStorage.CoreCache.CustomLists != null) { var custom = CacheLiveStorage.CoreCache.CustomLists.Where(t => string.Compare(t.Identity, range_identity, StringComparison.OrdinalIgnoreCase) == 0).FirstOrDefault(); if (custom != null) { var dmn = string.Join('.', list); if (custom.WhiteList.Contains(joined) || custom.WhiteList.Contains(dmn)) { //allow //return "allow"; return(GenerateContent(ctx, network.accuracy)); } else if (custom.BlackList.Contains(joined) || custom.BlackList.Contains(dmn)) { return(GenerateContent(ctx, network.blacklist)); } } } } if (CacheLiveStorage.CoreCache.Policies != null) { var policy = CacheLiveStorage.CoreCache.Policies.Where(t => t.Policy_id == range_policyid).FirstOrDefault(); if (policy == null) { //no policy //return "no policy"; return(GenerateContent(ctx, network.blacklist)); } else { var flags = domain.Flags.ToArray()[policy.Policy_id]; if ((flags & (int)KresFlags.flags_accuracy) == (int)KresFlags.flags_accuracy) { if (policy.Block > 0 && domain.Accuracy > policy.Block) { return(GenerateContent(ctx, network.accuracy)); } else { if (policy.Audit > 0 && domain.Accuracy > policy.Audit) { //audit //return "audit"; return(GenerateContent(ctx, network.blacklist)); } else { //no accuracy action //return "no accuracy action"; return(GenerateContent(ctx, network.blacklist)); } } } if ((flags & (int)KresFlags.flags_whitelist) == (int)KresFlags.flags_whitelist) { //allow whitelist //return "allow whitelist"; return(GenerateContent(ctx, network.blacklist)); } if ((flags & (int)KresFlags.flags_blacklist) == (int)KresFlags.flags_blacklist) { //block return(GenerateContent(ctx, network.legal)); } } } } } } } catch (Exception ex) { log.Error("ERROR: ", ex); } //return "no-action"; return(GenerateContent(ctx, new[] { "blacklist.cs.html", "blacklist.en.html", "blacklist.sk.html" })); }
public void ThreadProc() { //DebugPrepareUDPTest(); var processedLines = 0; while (true) { if (string.IsNullOrEmpty(filename_in)) { log.Info("ENRICH_PASSIVEDNS_SOURCE not set, PassiveDNS thread exiting."); return; } Thread.Sleep(5000); try { if (CacheLiveStorage.UdpCache == null) { log.Info("Waiting for UDP Cache"); continue; } var ipRange = CacheLiveStorage.UdpCache.Select(t => t.Value).ToList(); using (var filein = File.OpenRead(filename_in)) { using (var sr = new StreamReader(filein)) { var i = 0; try { while (i++ < processedLines) { while (sr.Peek() >= 0) { var line = sr.ReadLine(); } } } catch { log.Debug("PassiveDNS log was changed."); processedLines = 0; continue; } using (var fileout = File.AppendText(filename_out)) { while (sr.Peek() >= 0) { var line = sr.ReadLine(); dynamic reader = JsonConvert.DeserializeObject(line); IPAddress ipaddress = IPAddress.Parse(reader.client.ToString()); var addrbytes = ipaddress.GetAddressBytes().Reverse().ToArray(); var addr = new Models.Int128(); if (addrbytes.Length == 4) { addr.Hi = 0; addr.Low = BitConverter.ToUInt32(addrbytes, 0); } else if (addrbytes.Length == 16) { addr.Hi = BitConverter.ToUInt64(addrbytes, 0); addr.Low = BitConverter.ToUInt64(addrbytes, 8); } var ip = new BigMath.Int128(addr.Hi, addr.Low); var range = ipRange.Where(t => t.BintFrom >= ip && t.BintTo <= ip).FirstOrDefault(); var strippedLine = line.Substring(0, line.Length - 1); if (range == null) { fileout.WriteLine(line); } else { var newLine = string.Format("{0},identity=\"{1}\"}}", strippedLine, range.Identity); fileout.WriteLine(newLine); } processedLines++; } } } } } catch (Exception ex) { processedLines = 0; log.ErrorFormat("PassiveDNS error: {0}", ex); } } }
public static BinaryWriter Write(BinaryWriter writer, BigMath.Int128 src) { writer.Write(src.ToBytes(true)); return(writer); }