From patchwork Fri Jan 11 20:05:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2036 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id ECA6A87AF91 for ; Fri, 11 Jan 2019 09:05:32 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 182C120FA598; Fri, 11 Jan 2019 09:05:32 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547197532; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references:list-id:list-unsubscribe:list-subscribe:list-post; bh=ir0vmm3GynCqCVkLDIC+VXCXUpZOuTZkAKp0jNkB0fc=; b=ULeQzf4yepn5nNtU4H90w0Ug94Fm8LtBchRIVR/oiqfz3hxCa/NIq0NMjQs9H6qOg16EXZ VsDfifWzxFEwxxxHqVgaDcrzAssz+m+stCSrXOnp34ZO61UeRA05UQegW6RpXuAfTXBRHJ NbjHr1U0GV11DSH1+5cDCNrk9ZBUsOhkg1mAvPrMXOG3rTSBE7OKjATdcyenRYZ8ZSgaZ4 Xthx3r8zDW/dUn6SGciSxsK46LKunU2bykQV1zGZ/2ocdmRiT3uqzeZXGNDt97JZ+olqbo 8xjCUKhJCsibgUeR/g0aRgytUIvW9/4KkB3q2PnnvejCN5jfsfoZxUH7NB1xDg== Received: from tuxedo.stevee (212095005246.public.telering.at [212.95.5.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 433CD21B512A; Fri, 11 Jan 2019 09:05:29 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547197529; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references; bh=ir0vmm3GynCqCVkLDIC+VXCXUpZOuTZkAKp0jNkB0fc=; b=S/qM7m3qA/nSThIWPs1PfV1QS/Y5M+Cx2oRVpmMPiSopZOH2IwWGxk2eK+EVoFFwj4soFh /RJZUcdRSas0z7OxLa7HCICa9QR3zs0AaeAg+CjrEDMsjvSY0hYV/3JIwOjYTsxmfOTVXb AtDXKSp6RVi8Q8OnFD+zVNOyDWNpw4f2Iw90BZAKyLcDoOdGYi83n3aTaOv6TdcntvotzA sm9OeSq0FuVoIP9lx5bid4B7Sy3EIFvB1bDtbGVbT9zqyH9Th5wdvAW/xm4hm0WnchHP/T TbRdXbLY65njjhbyMYl8L4h7HDQWUsv35qUMmKA/A3tWngGvfPyFfNGajyzB9Q== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 1/2] Revert "GeoIP: Drop legacy GeoIP perl module." Date: Fri, 11 Jan 2019 10:05:23 +0100 Message-Id: <20190111090524.12871-1-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 MIME-Version: 1.0 X-Spam-Status: No, score=5.10 X-Rspamd-Server: mail01.i.ipfire.org Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [5.10 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; NEURAL_SPAM(0.32)[0.107,0]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:212.95.0.0/19, country:AT]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-0.12)[66.67%] X-Spam-Level: ***** X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" X-Spam: Yes This reverts commit 9d1708e081d7e7ba490db3620509dcce29cb0ae8. Signed-off-by: Stefan Schantl --- config/rootfiles/common/GeoIP | 12 +++++ lfs/GeoIP | 84 +++++++++++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 97 insertions(+) create mode 100644 config/rootfiles/common/GeoIP create mode 100644 lfs/GeoIP diff --git a/config/rootfiles/common/GeoIP b/config/rootfiles/common/GeoIP new file mode 100644 index 000000000..d76ba645e --- /dev/null +++ b/config/rootfiles/common/GeoIP @@ -0,0 +1,12 @@ +#usr/bin/geoip-lookup +#usr/lib/perl5/site_perl/5.12.3/Geo +#usr/lib/perl5/site_perl/5.12.3/Geo/IP +usr/lib/perl5/site_perl/5.12.3/Geo/IP/PurePerl.pm +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo/IP +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo/IP/PurePerl +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo/IP/PurePerl/.packlist +#usr/share/GeoIP +usr/share/GeoIP/GeoIP.dat +#usr/share/man/man1/geoip-lookup.1 +#usr/share/man/man3/Geo::IP::PurePerl.3 diff --git a/lfs/GeoIP b/lfs/GeoIP new file mode 100644 index 000000000..ce758d8a5 --- /dev/null +++ b/lfs/GeoIP @@ -0,0 +1,84 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.25 +DATVER = 30062018 + +THISAPP = Geo-IP-PurePerl-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) GeoIP.dat-$(DATVER).gz + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) +GeoIP.dat-$(DATVER).gz = $(DL_FROM)/GeoIP.dat-$(DATVER).gz + +$(DL_FILE)_MD5 = a47a1b71f7cd7c46cca9efcc448e0726 +GeoIP.dat-$(DATVER).gz_MD5 = d538e57ad9268fdc7955c6cf9a37c4a9 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/geoip_1_25_change_database_path.patch + cd $(DIR_APP) && perl Makefile.PL + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + cd $(DIR_APP) && mkdir -p /usr/share/GeoIP && \ + zcat $(DIR_DL)/GeoIP.dat-$(DATVER).gz > /usr/share/GeoIP/GeoIP.dat + cd $(DIR_APP) && chmod 777 /srv/web/ipfire/html/images/flags + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index 1d9163dce..601f1675b 100755 --- a/make.sh +++ b/make.sh @@ -1305,6 +1305,7 @@ buildipfire() { lfsmake2 python-daemon lfsmake2 python-ipaddress lfsmake2 glib + lfsmake2 GeoIP lfsmake2 ntp lfsmake2 openssh lfsmake2 fontconfig From patchwork Fri Jan 11 20:05:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2037 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id B571D87AF91 for ; Fri, 11 Jan 2019 09:05:35 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 53F8E20FA311; Fri, 11 Jan 2019 09:05:35 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547197535; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=rm7SAWfJjPnHReeE2kzV7K3nnk/IKzyblS+8MgZYUt0=; b=E4S5Sdo79/02ttbhepN6XnpeCv668yx4vi/0OPqahdR4jpzKvUtmQDP1nWrbWNTOhoATL/ oaTjAZlzRGtJfUyoBSND/Nkm+yHrnEWZ2zJkNyF8HazLPHSGjW67jLwBKyj1/7OksqoMz9 isUQfUnsPGkS5D1nnUfEFQSTUbERGZ2gjrhdCCJhTeDGJ10+qF3o9+/AqOOIIjs202CWqw LEi70VL24nBADyfa1vxDmFvHs4SJzOpGMh3VE0sF1l56WVSdCbU6hLt3O9FLlHHuKL64u0 76HBOnJ0RyIT61xtntb7uXLTHFi9Ss/0nF12dEiDIn/NOoctBiaT9UxpujCW5g== Received: from tuxedo.stevee (212095005246.public.telering.at [212.95.5.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id D95BF20FA598; Fri, 11 Jan 2019 09:05:29 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547197530; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rm7SAWfJjPnHReeE2kzV7K3nnk/IKzyblS+8MgZYUt0=; b=cEzpH0JCx4U+HgrCtDs+2izYO4SJjz898tijHToGDRk2tHrwWx212ZTvYcIpH3d+HwTpgA FvuIH/8q01KAjT1W66vj65+ECbga8Dno398ybcuXvmarCFxuu2IYI+dXV6PXxv1MM8JiWu 0cocsaRzGBdqm27jqFAZxuhO+ApSveN5seTT0q/yawPimpPA1WIYWkliwYs9mADJc+7wgJ jfHGBbTAMaVVUrAdkRQNRByVCNo7RUFwWUZzT79EvZzAjVXxdaAuI7niXMpGEMLaxSXsuy 2VsdhX+6r3dEhVF5OpJIrm94tNwsQeJwuehnnQfZL52ca6E3vSJy6/wVqgVIcg== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 2/2] Revert "geoip-functions.pl: Re-write code to lookup the iso country code of a given IP-address." Date: Fri, 11 Jan 2019 10:05:24 +0100 Message-Id: <20190111090524.12871-2-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190111090524.12871-1-stefan.schantl@ipfire.org> References: <20190111090524.12871-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [-4.54 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.85)[-0.950,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:212.95.0.0/19, country:AT]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-2.60)[98.21%] X-Spam-Status: No, score=-4.54 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Enhanching the code to fix the lookup will rapidely slow down the lookup speed. Because using the GeoIP2 module is no option ( the reasons have been described in the commit message which will now reverted), we have decided to temporary switch back to the old module until a nice solution has been found. This reverts commit ff21ff90d24de0f648d24bb906c45738b81ce67a. Signed-off-by: Stefan Schantl --- config/cfgroot/geoip-functions.pl | 75 +++---------------------------- 1 file changed, 7 insertions(+), 68 deletions(-) diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index 9f86a09ba..c8ff47d2e 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -23,82 +23,21 @@ package GeoIP; -require '/var/ipfire/network-functions.pl'; - +use Geo::IP::PurePerl; use Locale::Codes::Country; -# Path where all the GeoIP related databases are stored. -my $geoip_database_dir = "/var/lib/GeoIP"; - -# Database which contains all IPv4 networks. -my $address_ipv4_database = "GeoLite2-Country-Blocks-IPv4.csv"; - -# Database wich contains the locations data. -my $location_database = "GeoLite2-Country-Locations-en.csv"; +my $database; sub lookup($) { my $address = shift; - my $location_id; - my $country_code; - - # Check if the given address is valid. - unless(&Network::check_ip_address($address)) { - return; - } - - # Open the address database. - open(ADDRESS, "$geoip_database_dir/$address_ipv4_database") or die "Could not open $geoip_database_dir/$address_ipv4_database. $!\n"; - - # Loop through the file. - while(my $line =
) { - # Remove newlines. - chomp($line); - - # Split the line content. - my ($network, $geoname_id, $registered_country_geoname_id, $represented_country_geoname_id, $is_anonymous_proxy, $is_satellite_provider) = split(/\,/, $line); - # Check if the given address is part of the current processed network. - if (&Network::ip_address_in_network($address, $network)) { - # Store the geoname_id for this address. - $location_id = $geoname_id; - - # Break loop. - last; - } + # Load the database into memory if not already done + if (!$database) { + $database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE); } - # Return nothing if no location_id could be found. - return unless($location_id); - - # Close filehandle. - close(ADDRESS); - - # Open the location database. - open(LOCATION, "$geoip_database_dir/$location_database") or die "Could not open $geoip_database_dir/$location_database. $!\n"; - - # Loop through the file. - while(my $line = ) { - # Remove newlines. - chomp($line); - - # Split the line content. - my ($geoname_id, $locale_code, $continent_code, $continent_name, $country_iso_code, $country_name, $is_in_european_union) = split(/\,/, $line); - - # Check if the correct location_id has been found. - if ($geoname_id eq $location_id) { - # Store the county code. - $country_code = $country_iso_code; - - # Break loop. - last; - } - } - - # Close filehandle. - close(LOCATION); - - # Return the obtained country code. - return $country_code; + # Return the name of the country + return $database->country_code_by_name($address); } # Function to get the flag icon for a specified country code.