ei
/
mtg
зеркало из https://github.com/9seconds/mtg
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Релизы 48 Вики Активность
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
1038 коммитов
4 Ветки
Дерево: 2b07c0037e
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '2b07c0037e'
${ noResults }
mtg/ipblocklist/firehol.go

firehol.go 5.7KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267 
  1. package ipblocklist

  2. 

  3. import (

  4. 	"bufio"

  5. 	"context"

  6. 	"fmt"

  7. 	"net"

  8. 	"regexp"

  9. 	"strings"

  10. 	"sync"

  11. 	"time"

  12. 

  13. 	"github.com/9seconds/mtg/v2/ipblocklist/files"

  14. 	"github.com/9seconds/mtg/v2/mtglib"

  15. 	"github.com/panjf2000/ants/v2"

  16. 	"github.com/yl2chen/cidranger"

  17. )

  18. 

  19. var (

  20. 	fireholRegexpComment = regexp.MustCompile(`\s*#.*?$`)

  21. 

  22. 	fireholIPv4DefaultCIDR = net.CIDRMask(32, 32)

  23. 	fireholIPv6DefaultCIDR = net.CIDRMask(128, 128)

  24. )

  25. 

  26. // FireholUpdateCallback defines a signature of the callback that has to be

  27. // execute when ip list is updated.

  28. type FireholUpdateCallback func(context.Context, int)

  29. 

  30. // Firehol is [mtglib.IPBlocklist] which uses lists from FireHOL:

  31. // https://iplists.firehol.org/

  32. //

  33. // It can use both local files and remote URLs. This is not necessary that

  34. // blocklists should be taken from this website, we expect only compatible

  35. // formats here.

  36. //

  37. // Example of the format:

  38. //

  39. //	# this is a comment

  40. //	# to ignore

  41. //	127.0.0.1   # you can specify an IP

  42. //	10.0.0.0/8  # or cidr

  43. type Firehol struct {

  44. 	ctx         context.Context

  45. 	ctxCancel   context.CancelFunc

  46. 	logger      mtglib.Logger

  47. 	updateMutex sync.RWMutex

  48. 

  49. 	updateCallback FireholUpdateCallback

  50. 	ranger         cidranger.Ranger

  51. 

  52. 	blocklists []files.File

  53. 

  54. 	workerPool *ants.Pool

  55. }

  56. 

  57. // Shutdown stop a background update process.

  58. func (f *Firehol) Shutdown() {

  59. 	f.ctxCancel()

  60. }

  61. 

  62. // Contains is given IP list can be found in FireHOL blocklists.

  63. func (f *Firehol) Contains(ip net.IP) bool {

  64. 	if ip == nil {

  65. 		return true

  66. 	}

  67. 

  68. 	f.updateMutex.RLock()

  69. 	defer f.updateMutex.RUnlock()

  70. 

  71. 	ok, err := f.ranger.Contains(ip)

  72. 	if err != nil {

  73. 		f.logger.BindStr("ip", ip.String()).DebugError("Cannot check if ip is present", err)

  74. 	}

  75. 

  76. 	return ok && err == nil

  77. }

  78. 

  79. // Run starts a background update process.

  80. //

  81. // This is a blocking method so you probably want to run it in a goroutine.

  82. func (f *Firehol) Run(updateEach time.Duration) {

  83. 	if updateEach == 0 {

  84. 		updateEach = DefaultFireholUpdateEach

  85. 	}

  86. 

  87. 	ticker := time.NewTicker(updateEach)

  88. 

  89. 	defer func() {

  90. 		ticker.Stop()

  91. 

  92. 		select {

  93. 		case <-ticker.C:

  94. 		default:

  95. 		}

  96. 	}()

  97. 

  98. 	f.update()

  99. 

  100. 	for {

  101. 		select {

  102. 		case <-f.ctx.Done():

  103. 			return

  104. 		case <-ticker.C:

  105. 			f.update()

  106. 		}

  107. 	}

  108. }

  109. 

  110. func (f *Firehol) update() {

  111. 	ctx, cancel := context.WithCancel(f.ctx)

  112. 	defer cancel()

  113. 

  114. 	wg := &sync.WaitGroup{}

  115. 

  116. 	mutex := &sync.Mutex{}

  117. 	ranger := cidranger.NewPCTrieRanger()

  118. 

  119. 	for _, v := range f.blocklists {

  120. 		wg.Go(func() {

  121. 			logger := f.logger.BindStr("filename", v.String())

  122. 

  123. 			fileContent, err := v.Open(ctx)

  124. 			if err != nil {

  125. 				logger.WarningError("update has failed", err)

  126. 

  127. 				return

  128. 			}

  129. 

  130. 			defer fileContent.Close() //nolint: errcheck

  131. 

  132. 			if err := f.updateFromFile(mutex, ranger, bufio.NewScanner(fileContent)); err != nil {

  133. 				logger.WarningError("update has failed", err)

  134. 			}

  135. 		})

  136. 	}

  137. 

  138. 	wg.Wait()

  139. 

  140. 	f.updateMutex.Lock()

  141. 	defer f.updateMutex.Unlock()

  142. 

  143. 	f.ranger = ranger

  144. 

  145. 	if f.updateCallback != nil {

  146. 		f.updateCallback(ctx, ranger.Len())

  147. 	}

  148. 

  149. 	f.logger.Info("ip list was updated")

  150. }

  151. 

  152. func (f *Firehol) updateFromFile(mutex sync.Locker,

  153. 	ranger cidranger.Ranger,

  154. 	scanner *bufio.Scanner,

  155. ) error {

  156. 	for scanner.Scan() {

  157. 		text := scanner.Text()

  158. 		text = fireholRegexpComment.ReplaceAllLiteralString(text, "")

  159. 		text = strings.TrimSpace(text)

  160. 

  161. 		if text == "" {

  162. 			continue

  163. 		}

  164. 

  165. 		ipnet, err := f.updateParseLine(text)

  166. 		if err != nil {

  167. 			return fmt.Errorf("cannot parse a line: %w", err)

  168. 		}

  169. 

  170. 		mutex.Lock()

  171. 		err = ranger.Insert(cidranger.NewBasicRangerEntry(*ipnet))

  172. 		mutex.Unlock()

  173. 

  174. 		if err != nil {

  175. 			return fmt.Errorf("cannot insert %v into ranger: %w", ipnet, err)

  176. 		}

  177. 	}

  178. 

  179. 	if scanner.Err() != nil {

  180. 		return fmt.Errorf("cannot parse a file: %w", scanner.Err())

  181. 	}

  182. 

  183. 	return nil

  184. }

  185. 

  186. func (f *Firehol) updateParseLine(text string) (*net.IPNet, error) {

  187. 	if _, ipnet, err := net.ParseCIDR(text); err == nil {

  188. 		return ipnet, nil

  189. 	}

  190. 

  191. 	ipaddr := net.ParseIP(text)

  192. 	if ipaddr == nil {

  193. 		return nil, fmt.Errorf("incorrect ip address %s", text)

  194. 	}

  195. 

  196. 	mask := fireholIPv4DefaultCIDR

  197. 

  198. 	if ipaddr.To4() == nil {

  199. 		mask = fireholIPv6DefaultCIDR

  200. 	}

  201. 

  202. 	return &net.IPNet{

  203. 		IP:   ipaddr,

  204. 		Mask: mask,

  205. 	}, nil

  206. }

  207. 

  208. // NewFirehol creates a new instance of FireHOL IP blocklist.

  209. //

  210. // This method does not start an update process so please execute Run when it

  211. // is necessary.

  212. func NewFirehol(logger mtglib.Logger, network mtglib.Network,

  213. 	downloadConcurrency uint,

  214. 	urls []string,

  215. 	localFiles []string,

  216. 	updateCallback FireholUpdateCallback,

  217. ) (*Firehol, error) {

  218. 	blocklists := []files.File{}

  219. 

  220. 	for _, v := range localFiles {

  221. 		file, err := files.NewLocal(v)

  222. 		if err != nil {

  223. 			return nil, fmt.Errorf("cannot create a local file %s: %w", v, err)

  224. 		}

  225. 

  226. 		blocklists = append(blocklists, file)

  227. 	}

  228. 

  229. 	httpClient := network.MakeHTTPClient(nil)

  230. 

  231. 	for _, v := range urls {

  232. 		file, err := files.NewHTTP(httpClient, v)

  233. 		if err != nil {

  234. 			return nil, fmt.Errorf("cannot create a HTTP file %s: %w", v, err)

  235. 		}

  236. 

  237. 		blocklists = append(blocklists, file)

  238. 	}

  239. 

  240. 	return NewFireholFromFiles(logger, downloadConcurrency, blocklists, updateCallback)

  241. }

  242. 

  243. // NewFirehol creates a new instance of FireHOL IP blocklist.

  244. //

  245. // This method creates this instances from a given list of files.

  246. func NewFireholFromFiles(logger mtglib.Logger,

  247. 	downloadConcurrency uint,

  248. 	blocklists []files.File,

  249. 	updateCallback FireholUpdateCallback,

  250. ) (*Firehol, error) {

  251. 	if downloadConcurrency == 0 {

  252. 		downloadConcurrency = DefaultFireholDownloadConcurrency

  253. 	}

  254. 

  255. 	workerPool, _ := ants.NewPool(int(downloadConcurrency))

  256. 	ctx, cancel := context.WithCancel(context.Background())

  257. 

  258. 	return &Firehol{

  259. 		ctx:            ctx,

  260. 		ctxCancel:      cancel,

  261. 		logger:         logger.Named("firehol"),

  262. 		ranger:         cidranger.NewPCTrieRanger(),

  263. 		workerPool:     workerPool,

  264. 		blocklists:     blocklists,

  265. 		updateCallback: updateCallback,

  266. 	}, nil

  267. }