diff options
| author | 尹姜谊 <[email protected]> | 2024-03-18 13:50:45 +0800 |
|---|---|---|
| committer | 尹姜谊 <[email protected]> | 2024-03-18 13:50:45 +0800 |
| commit | 1ae6493db25b9dcdf0be3a302e4afc2f443458f2 (patch) | |
| tree | 61238de1ed263c9731aa4f8912d37d660a1886f6 /detection/vpn_detector.py | |
| parent | c5f7fd8d6085565005dd36c055324b89195ad444 (diff) | |
Add: 增加IP保护
Diffstat (limited to 'detection/vpn_detector.py')
| -rw-r--r-- | detection/vpn_detector.py | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/detection/vpn_detector.py b/detection/vpn_detector.py index 9830ae3..78bea7d 100644 --- a/detection/vpn_detector.py +++ b/detection/vpn_detector.py @@ -20,6 +20,8 @@ from clickhouse_driver import Client from tool.Config import Config from tool.KnowledgeBaseTool import KnowledgeApi import concurrent.futures +from tool.Functions import is_valid_ip +import awdb class ServerGroup: @@ -155,6 +157,36 @@ class VpnDetector: return results + def filtered_by_isp(self, original_ip_list, delete_isp_list): + delete_ip_list = [] + reader = awdb.open_database('detection/awdb/IP_city_single_WGS84.awdb') + for ip in original_ip_list: + try: + (record, prefix_len) = reader.get_with_prefix_len(ip) + isp = str(record.get('owner'), 'utf-8') + for isp_key_words in delete_isp_list: + if isp_key_words in isp.strip('"').strip().lower(): + delete_ip_list.append(ip) + except ValueError: + continue + + return self.filtered_by_ip(original_ip_list, delete_ip_list) + + + def filtered_by_ip(self, original_ip_list, delete_ip_list): + for ip in delete_ip_list: + if is_valid_ip(ip): + if ip in original_ip_list: + original_ip_list.remove(ip) + elif ip.endswith('*'): + to_remove_ip = [i for i in original_ip_list if i.startswith(ip.strip('*'))] + if not len(to_remove_ip) == 0: + [original_ip_list.remove(i) for i in to_remove_ip] + else: + self.logger.error("Wrong format in Protected IP List: {} Support format like 8.8.8.8 or 8.8.*".format(ip)) + return original_ip_list + + # 入口函数定义 if __name__ == '__main__': @@ -234,6 +266,10 @@ if __name__ == '__main__': result_group = detector.find_server() for server_group in result_group: result_list = server_group.server_list + if server_group.object_type == 'ip': + result_list = detector.filtered_by_isp(result_list, detector.config['common']['protected_isp_list']) + result_list = detector.filtered_by_ip(result_list, detector.config['common']['protected_ip_list']) + detector.logger.info('[{}] - Filtered by ISP and IP, {} {} left.'.format(detector.plugin_name, len(result_list), server_group.object_type)) if len(result_list) > 0: detector.save_to_knowledgebase(result_list, server_group.object_type, detector.vpn_service_name, detector.plugin_id, |