You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

375 lines
12 KiB

#!/usr/bin/perl
use strict;
use warnings;
use Dancer2;
use Socket;
use DBI;
use File::Fetch;
use HTTP::Tiny;
use HTTP::Request;
use Data::Validate::Domain qw(is_domain);
use Data::Validate::IP qw(is_public_ipv4 is_public_ipv6);
use MaxMind::DB::Reader;
use Archive::Tar;
use Data::Dumper;
### README #########################################################################################################################################
# This is the server for the XTR (XiCoN Trace Route). It's more of a master browser for the clients, so an web frontend can get a list of all the
# available clients combined from one auto-updated source. It opens a port and listening to HTTP requests (GET and PUT). It can list all online and
# offline clients. It also accepts new client entries via a PUT request (target client address in database has to be the request ip).
#
# The server keeps the list of clients up2date with checking their availablity with each request of all online clients.
# For now, only IPv4 clients are supported. This will change in the future.
#
# This software uses the MaxMind GeoLite2 database (https://www.maxmind.com) to determine the AS for each hop. To lookup the AS information the script
# uses the MaxMind perl module which uses the MaxMind DB library.
#
#
# This product includes GeoLite2 ASN data created by MaxMind, available from <a href="http://www.maxmind.com">http://www.maxmind.com</a>.
######################################################################################################################################################
### CHANGELOG ######################################################################################################################################
# v0.5 (2020-04-14)
# * FIX: Maxmind now allows redistributing GeoLite2-ASN database if requirements are fulfilled (https://git.xicon.eu/xicon/xtr/issues/3)
# * ADD: Maxmind's TOS added as start-up message
#
# v0.4 (2019-08-22)
# * ADD: added better documentation
# * ADD: list of API commands via API
# * FIX: replaced bug-driven LWP::* with HTTP::Tiny
# * FIX: limited adding of clients to source ip of target entry (only add a client which you are coming from)
######################################################################################################################################################
### INSTALL ########################################################################################################################################
# This is a standalone software which usually runs in the "foreground". Starting it in a screen session or via init.d/systemd/rc.d is
# highly recommended. For testing, starting this script in a screen session is also fine.
#
# Either install all listed modules with "cpan -i <module>" or use your system's package manager (apt, yum, yast).
#
# On Debian just install there packages:
# screen
# libperlio-gzip-perl
# libdancer2-perl
# libdbi-perl
# libdbd-sqlite3-perl
# libdata-validate-ip-perl
# build-essential
# cpanminus
# libmaxminddb0
# libmaxminddb-dev
#
# After that, execute this command to install maxmind database reader module:
# cpanm -q -n MaxMind::DB::Reader::XS
#
######################################################################################################################################################
### VARS #############################################################################################################################################
my $dbfile = 'xtrd.db';
my $max_dbfile = 'GeoLite2-ASN.mmdb';
my $max_db_source = 'http://xtr.xicon.eu/GeoLite2-ASN.tar.gz';
my $server_protocol_version = 3;
my $min_client_version = 4;
set port => 12110;
######################################################################################################################################################
get_maxmind_db($max_db_source, $max_dbfile);
### connect to database
my $maxmind_reader = MaxMind::DB::Reader->new( file => $max_dbfile );
######################################################################################################################################################
### NOTHING TO CHANGE BELOW HERE ###################################################################################################################
######################################################################################################################################################
### connect to database
my $dbh = DBI->connect("dbi:SQLite:dbname=$dbfile","","");
### create server database & table if needed
create_db_table($dbh,"server","server( server_ip TEXT, server_port INTEGER, server_as INTEGER, server_status INTEGER)","");
### hook for HTTP "security"
hook 'before' => sub {
header 'Access-Control-Allow-Origin' => '*';
};
### main get route
get '/v3/server/list/online' => sub {
refresh_server_status($dbh,"1");
my $server = get_server($dbh,"1");
return encode_json $server;
};
get '/v3/server/list/offline' => sub {
my $server = get_server($dbh,"0");
return encode_json $server;
};
get '/v3/server/list/all' => sub {
my $server = get_server($dbh,"");
return encode_json $server;
};
get '/v3/server/info/version' => sub {
return $server_protocol_version;
};
get '/v3/server/info/commands' => sub {
my $commands = "/v".$server_protocol_version."/server/list/online\n";
$commands .= "/v".$server_protocol_version."/server/list/offline\n";
$commands .= "/v".$server_protocol_version."/server/list/all\n";
$commands .= "/v".$server_protocol_version."/server/add/<ip>/<port>/<state>\n";
$commands .= "/v".$server_protocol_version."/server/info/version\n";
$commands .= "/v".$server_protocol_version."/server/info/commands\n";
return $commands;
};
put '/v3/server/add/:ip/:port/:state' => sub {
### collect parameters
my $ip = route_parameters->get('ip');
my $port = route_parameters->get('port');
my $state = route_parameters->get('state');
### get client ip
my $client_ip = request->address;
my $request_ffa = request->forwarded_for_address;
if(is_public_ipv4($request_ffa)) { $client_ip = $request_ffa; }
### check input
if(!is_public_ipv4($ip) || $client_ip ne $ip) { status('bad_request'); return "invalid IP address"; }
if(!($port > 0 and $port < 65536)) { status('bad_request'); return "invalid port"; }
if(!($state >= 0 and $state < 256)) { status('bad_request'); return "invalid status"; }
my $result = add_server($dbh,$maxmind_reader,$ip,$port,$state);
return "OK";
};
### start the loop
start;
### if you reach this, you're done
exit;
sub check_server_status
{
my ($hostname,$port) = @_;
my $url = "http://".$hostname.":".$port."/v3/client/info/version";
my $httptiny = HTTP::Tiny->new("timeout" => 2);
my $response = $httptiny->request("GET",$url);
my @return_code = ($response->{'success'}, $response->{'content'});
return @return_code;
}
sub add_server
{
my ($dbh,$maxmind_reader,$ip,$port,$status) = @_;
# prepare data
my $resolve = gethostbyname($ip);
my $a_record = inet_ntoa($resolve);
my $as = 0;
my $as_name = " ";
my $as_data = find_as($maxmind_reader, $a_record);
if(defined($as_data->{'autonomous_system_number'})) { $as = $as_data->{'autonomous_system_number'}; }
if(defined($as_data->{'autonomous_system_organization'})) { $as_name = $as_data->{'autonomous_system_organization'}; }
my $id = get_server_id($dbh,$ip,$port);
if($id ne "0")
{
# get server as from database
my $db_as = get_server_as($dbh,$id);
# update server status
set_server_status($dbh,$id,$status);
if($as ne $db_as)
{
set_server_as($dbh,$id,$as);
}
}
else
{
my $add_server_cmd = "INSERT INTO server VALUES ('".$ip."','".$port."','".$as."','".$status."');";
my $add_server_sth = $dbh->prepare($add_server_cmd);
$add_server_sth->execute();
}
}
sub set_server_status
{
my ($dbh,$id,$status) = @_;
my $set_status_cmd = "UPDATE server set server_status = '".$status."' WHERE _rowid_ = '".$id."';";
my $set_status_sth = $dbh->prepare($set_status_cmd);
$set_status_sth->execute();
}
sub get_server_id
{
my ($dbh,$ip,$port) = @_;
my $get_id_cmd = "SELECT _rowid_ FROM server WHERE server_ip = '".$ip."' AND server_port = '".$port."';";
my $get_id_sth = $dbh->prepare($get_id_cmd);
$get_id_sth->execute();
my $result = $get_id_sth->fetch;
return $result->[0] || 0;
}
sub set_server_as
{
my ($dbh,$id,$as) = @_;
my $set_as_cmd = "UPDATE server set server_as = '".$as."' WHERE _rowid_ = '".$id."';";
my $set_as_sth = $dbh->prepare($set_as_cmd);
$set_as_sth->execute();
}
sub get_server_as
{
my ($dbh,$id) = @_;
my $get_as_cmd = "SELECT server_as FROM server WHERE _rowid_ = '".$id."';";
my $get_as_sth = $dbh->prepare($get_as_cmd);
$get_as_sth->execute();
my $result = $get_as_sth->fetch;
return $result->[0] || 0;
}
sub refresh_server_status
{
my ($dbh,$status) = @_;
my $temp_data = get_server($dbh,$status);
### check all servers and update status
foreach my $item (@$temp_data)
{
my ($success,$version) = check_server_status($item->[0],$item->[1]);
if($success)
{
if($version >= $min_client_version)
{
my $id = get_server_id($dbh, $item->[0],$item->[1]);
set_server_status($dbh, $id, "1");
}
else
{
my $id = get_server_id($dbh, $item->[0],$item->[1]);
set_server_status($dbh, $id, "0");
}
}
else
{
my $id = get_server_id($dbh, $item->[0],$item->[1]);
set_server_status($dbh, $id, "0");
}
}
}
sub get_server
{
my ($dbh,$status) = @_;
my $get_server_cmd = "";
if($status eq "")
{
$get_server_cmd = "SELECT * FROM server;";
}
else
{
$get_server_cmd = "SELECT * FROM server WHERE server_status = '".$status."';";
}
my $get_server_sth = $dbh->prepare($get_server_cmd);
$get_server_sth->execute();
my $result = $get_server_sth->fetchall_arrayref;
return $result;
}
sub find_as
{
my ($maxmind_reader, $ip) = @_;
my $record = $maxmind_reader->record_for_address($ip);
return $record;
}
sub get_maxmind_db
{
my ($max_db_source,$max_dbfile) = @_;
my $ff = File::Fetch->new(uri => $max_db_source);
my $temp_file = $ff->fetch( to => '/tmp' );
my $tar = Archive::Tar->new;
$tar->read($temp_file);
my @files = $tar->get_files();
foreach my $file (@files)
{
if($file->{'name'}=~/${max_dbfile}$/)
{
open(FILE,">",$max_dbfile) or die "Can't open file for writing: $!";
print FILE $file->{'data'};
close(FILE);
}
}
$tar->clear;
unlink($temp_file);
}
sub create_db_table
{
my ($dbh,$table,$schema,$schema_index) = @_;
my $check_table_cmd = "SELECT name FROM sqlite_master WHERE type='table' AND name='".$table."';";
my $check_table_sth = $dbh->prepare($check_table_cmd);
$check_table_sth->execute();
if(!$check_table_sth->fetch)
{
print "creating table '".$table."'...\n";
my $create_table_cmd = "CREATE TABLE ".$schema;
my $create_table_sth = $dbh->prepare($create_table_cmd);
$create_table_sth->execute();
if($schema_index ne "")
{
my $create_index_cmd = "CREATE INDEX ".$schema_index;
my $create_index_sth = $dbh->prepare($create_index_cmd);
$create_index_sth->execute();
}
return 1;
}
else
{
return 0;
}
}
sub print_maxmind_tos
{
print qq{ --------------------------------------------------------------------------------------------------------------------------------------- };
print "\n";
print qq{ This product includes GeoLite2 ASN data created by MaxMind, available from <a href="http://www.maxmind.com">http://www.maxmind.com</a>. };
print "\n";
print qq{ --------------------------------------------------------------------------------------------------------------------------------------- };
print "\n";
print "\n";
}