InitHEADmaster

2 files changed, 144 insertions, 0 deletions

diff --git a/tools/cgrep.py b/tools/cgrep.py
new file mode 100755
index 0000000..bc7a993
--- /dev/null
+++ b/tools/cgrep.py
@@ -0,0 +1,80 @@
+#!/usr/bin/python
+#
+# Simply util to grep through network definitions.
+# Examples:
+#   To find out which tokens contain "10.4.3.1" use
+#   $ cgrep.py -i 10.4.3.1
+#
+#   To find out if token 'FOO' includes ip "1.2.3.4" use
+#   $ cgrep.py -t FOO -i 1.2.3.4
+#
+#   To find the difference and union of tokens 'FOO' and 'BAR' use
+#   $ cgrep.py -c FOO BAR
+#
+__author__ = "watson@google.com (Tony Watson)"
+
+import sys
+sys.path.append('../')
+from lib import naming
+from lib import nacaddr
+from optparse import OptionParser
+
+def main(argv):
+  parser = OptionParser()
+
+  parser.add_option("-d", "--def", dest="defs", action="store",
+                    help="Network Definitions directory location",
+                    default="../def")
+  parser.add_option("-i", "--ip", dest="ip", action="store",
+                    help="Return list of defintions containing this IP.  "
+                         "Multiple IPs permitted.")
+
+  parser.add_option("-t", "--token", dest="token", action="store",
+                    help="See if an IP is contained within this token."
+                         "Must be used in conjunction with --ip [addr].")
+
+  parser.add_option("-c", "--cmp", dest="cmp", action="store_true",
+                    help="Compare two network definition tokens")
+
+  (options, args) = parser.parse_args()
+
+  db = naming.Naming(options.defs)
+
+  if options.ip is not None and options.token is None:
+    for arg in sys.argv[2:]:
+      print "%s: " % arg
+      rval = db.GetIpParents(arg)
+      print rval
+
+  if options.token is not None and options.ip is None:
+    print "You must specify and IP Address with --ip [addr] to check."
+    sys.exit(0)
+
+  if options.token is not None and options.ip is not None:
+    token = options.token
+    ip = options.ip
+    rval = db.GetIpParents(ip)
+    if token in rval:
+      print '%s is in %s' % (ip, token)
+    else:
+      print '%s is not in %s' % (ip, token)
+
+  if options.cmp is not None:
+    t1 = argv[2]
+    t2 = argv[3]
+    d1 = db.GetNet(t1)
+    d2 = db.GetNet(t2)
+    union = list(set(d1 + d2))
+    print 'Union of %s and %s:\n %s\n' % (t1, t2, union)
+    print 'Diff of %s and %s:' % (t1, t2)
+    for el in set(d1 + d2):
+      el = nacaddr.IP(el)
+      if el in d1 and el in d2:
+        print '  %s' % el
+      elif el in d1:
+          print '+ %s' % el
+      elif el in d2:
+          print '- %s' % el
+
+if __name__ == '__main__':
+  main(sys.argv)
diff --git a/tools/get-country-zones.pl b/tools/get-country-zones.pl
new file mode 100755
index 0000000..93a0c48
--- /dev/null
+++ b/tools/get-country-zones.pl
@@ -0,0 +1,64 @@
+#!/usr/bin/perl
+#
+# Author: Paul Armstrong
+#
+# Downloads maps of countries to CIDR netblocks for the world and then turns
+# them into definition files usable by Capirca
+
+use strict;
+use warnings;
+use File::Find;
+
+my @files;
+my $destination = '../def/';
+my $extension = '.net';
+
+system("wget http://www.ipdeny.com/ipblocks/data/countries/all-zones.tar.gz")
+  == 0 or die "Unable to get all-zones.tar.gz: $?\n";
+
+system("tar -zxf all-zones.tar.gz") == 0
+  or die "Unable to untar all-zones.tar.gz: $?\n";
+
+# We don't need these lying around
+unlink("Copyrights.txt");
+unlink("MD5SUM");
+unlink("all-zones.tar.gz");
+
+sub zone_files
+{
+  push @files, $File::Find::name if(/\.zone$/i);
+}
+
+find(\&zone_files, $ENV{PWD});
+
+for my $file (@files)
+{
+  if($file =~ /^.*\/([a-z]{2})\.zone/)
+  {
+    my $country = $1;
+    my $new_name = "$destination$country$extension";
+    my $country_uc = uc($country);
+    die "$file is zero bytes\n" if(!-s $file);
+    open(OLDFILE, $file) or die "Unable to open $file: $!\n";
+    open(NEWFILE, ">$new_name") 
+      or die "Unable to open $new_name: $!\n";
+    while(<OLDFILE>) 
+    {
+      chomp;
+      if ($. == 1)
+      {
+        print NEWFILE "${country_uc}_NETBLOCKS = $_\n"
+          or die "Unable to print to $new_name: $!\n";
+      }
+      else
+      {
+        print NEWFILE "               $_\n"
+          or die "Unable to print to $new_name: $!\n";
+      }
+    }
+    close(NEWFILE) or die "$new_name didn't close properly: $!\n";
+    close(OLDFILE);
+    die "$new_name is zero bytes\n" if(!-s $new_name);
+    unlink($file); # clean up the originals.
+  }
+}