# Requires at least python 3.10 import requests import argparse # This source code is copyright Jeff Martin and contributing authors # and is released under the AGPL license. # https://www.gnu.org/licenses/agpl-3.0.en.html # Modified by Fijxu for it's own purposes class IPParser: def __init__(self, ip_list): self.ip_v4 = [] self.ip_v6 = [] self.ip_list = ip_list self.ip_list = self.ip_list.splitlines() def parse(self): # string should be one line per entry, eg: # 129.134.173.0/24 # 2a03:2887:ff1e::/48 for line in self.ip_list: self.parse_ip(line) self.write() def parse_ip(self, line): line = line.strip() if ':' in line: self.ip_v6.append(line) elif '.' in line: self.ip_v4.append(line) else: raise Exception('unrecognized IP range: %s' % line) def write(self): match args.format: case "nginx": print("Using NGINX format") self.writeNginx() return case "nginxGeo": print("Using NGINX Geo format") self.writeNginxGeo() return case "nginxMap": print("Using NGINX Map format") self.writeNginxMap() return case "iptables": print("Using IPTables format") self.writeIptables() return case "simplelist": print("Using simplelist format") self.writeSimplelist() return case "ansible": print("Using Ansible format") self.writeAnsible() return case _: print("Select a format! (nginx, iptables, simplelist, ansible)") exit(1) def writeNginx(self): with open(f'{args.asn}-nginx-denylist-ipv4.conf', 'w') as f: for ip in self.ip_v4: f.write('deny %s;\n' % ip) with open(f'{args.asn}-nginx-denylist-ipv6.conf', 'w') as f: for ip in self.ip_v6: f.write('deny %s;\n' % ip) def writeNginxGeo(self): with open(f'{args.asn}-nginx-geo-ipv4.conf', 'w') as f: f.write('geo $asn-%s {\n' % args.asn) f.write('\tdefault 0;\n') for ip in self.ip_v4: f.write('\t%s 1;\n' % ip) f.write('}') with open(f'{args.asn}-nginx-geo-ipv6.conf', 'w') as f: f.write('geo $asn-%s {\n' % args.asn) f.write('\tdefault 0;\n') for ip in self.ip_v6: f.write('\t%s 1;\n' % ip) f.write('}') def writeNginxMap(self): with open(f'{args.asn}-nginx-map-ipv4.conf', 'w') as f: f.write('map $remote_addr $asn {\n') f.write('\tdefault 0;\n') for ip in self.ip_v4: f.write('\t%s %s;\n' % (ip, args.asn)) f.write('}') with open(f'{args.asn}-nginx-map-ipv6.conf', 'w') as f: f.write('map $remote_addr $asn {\n') f.write('\tdefault 0;\n') for ip in self.ip_v6: f.write('\t%s %s;\n' % (ip, args.asn)) f.write('}') def writeIptables(self): with open(f'{args.asn}-iptables-ipv4.txt', 'w') as f: for ip in self.ip_v4: f.write('-A INPUT -s %s -j DROP\n' % ip) with open(f'{args.asn}-iptables-ipv6.txt', 'w') as f: for ip in self.ip_v6: f.write('-A INPUT -s %s -j DROP\n' % ip) def writeSimplelist(self): with open(f'{args.asn}-ipv4.txt', 'w') as f: for ip in self.ip_v4: f.write('%s\n' % ip) with open(f'{args.asn}-ipv6.conf', 'w') as f: for ip in self.ip_v6: f.write('%s\n' % ip) def writeAnsible(self): with open(f'{args.asn}-ansible-ipv4.txt', 'w') as f: for ip in self.ip_v4: f.write('- %s\n' % ip) with open(f'{args.asn}-ansible-ipv6.txt', 'w') as f: for ip in self.ip_v6: f.write('- %s\n' % ip) parser = argparse.ArgumentParser() parser.add_argument("-a", "--asn", help="The AS number you want to block. Ex: --asn 1234") parser.add_argument("-f", "--format", help="In which format the list should output (nginx, iptables, simpletlist)") parser.add_argument("-o", "--output", help="Where do you want your file to be?") args = parser.parse_args() req = x = requests.get(f"https://www.enjen.net/asn-blocklist/index.php?asn={args.asn}&type=iplist&api=1") ip_parser = IPParser(req.text) ip_parser.parse()