Class: PassiveDNS::ISC

Inherits:
Object
  • Object
show all
Defined in:
lib/pdns/iscpdns.rb

Constant Summary collapse

@@base = 
"https://dnsdb-api.isc.org/lookup"

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(config = "#{ENV['HOME']}/.isc-dnsdb-query.conf") ⇒ ISC

Returns a new instance of ISC.



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
# File 'lib/pdns/iscpdns.rb', line 12

def initialize(config="#{ENV['HOME']}/.isc-dnsdb-query.conf")
  @debug = false
  if File.exist?(config)
    @key = File.open(config).readline.chomp
    if @key =~ /^[0-9a-f]{64}$/
      # pass
    elsif @key =~ /^APIKEY=\"([0-9a-f]{64})\"/
      @key = $1
    else
      raise "Format of configuration file (default: #{ENV['HOME']}/.isc-dnsdb-query.conf) is:\nAPIKEY=\"<key>\"\nE.g.,\nAPIKEY=\"d41d8cd98f00b204e9800998ecf8427ed41d8cd98f00b204e9800998ecf8427e\"\n"
    end
  else
    raise "Configuration file for ISC is required for intialization\nFormat of configuration file (default: #{ENV['HOME']}/.isc-dnsdb-query.conf) is:\nAPIKEY=\"<key>\"\nE.g.,\nAPIKEY=\"d41d8cd98f00b204e9800998ecf8427ed41d8cd98f00b204e9800998ecf8427e\"\n"
  end
end

Instance Attribute Details

#debugObject

Returns the value of attribute debug.



9
10
11
 
# File 'lib/pdns/iscpdns.rb', line 9

def debug
  @debug
end

Instance Method Details

#lookup(label) ⇒ Object 



51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/pdns/iscpdns.rb', line 51

def lookup(label)
  $stderr.puts "DEBUG: ISC.lookup(#{label})" if @debug
  Timeout::timeout(240) {
    url = nil
    if label =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2})?$/
      label = label.gsub(/\//,',')
      url = "#{@@base}/rdata/ip/#{label}"
    else
      url = "#{@@base}/rrset/name/#{label}"
    end
    url = URI.parse url
    http = Net::HTTP.new(url.host, url.port)
    http.use_ssl = (url.scheme == 'https')
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    http.verify_depth = 5
    request = Net::HTTP::Get.new(url.path)
    request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} ChrisLee passive dns script")
    request.add_field("X-API-Key", @key)
    request.add_field("Accept", "application/json")
    t1 = Time.now
    response = http.request(request)
    t2 = Time.now
    parse_json(response.body,t2-t1)
  }
rescue Timeout::Error => e
  $stderr.puts "ISC lookup timed out: #{label}"
end

#parse_json(page, response_time) ⇒ Object 



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/pdns/iscpdns.rb', line 28

def parse_json(page,response_time)
  res = []
  raise "Error: unable to parse request" if page =~ /Error: unable to parse request/
  # need to remove the json_class tag or the parser will crap itself trying to find a class to align it to
  rows = page.split(/\n/)
  rows.each do |row|
    record = JSON.parse(row)
    record['rdata'] = [record['rdata']] if record['rdata'].class == String
    record['rdata'].each do |rdata|
      if record['time_first']
        res << PDNSResult.new('ISC',response_time,record['rrname'],rdata,record['rrtype'],0,Time.at(record['time_first'].to_i).utc.strftime("%Y-%m-%dT%H:%M:%SZ"),Time.at(record['time_last'].to_i).utc.strftime("%Y-%m-%dT%H:%M:%SZ"))
      else
        res << PDNSResult.new('ISC',response_time,record['rrname'],rdata,record['rrtype'],nil,nil,nil)
      end
    end
  end
  res
rescue Exception => e
  $stderr.puts "ISC Exception: #{e}"
  $stderr.puts page
  raise e
end