geoip – KutuKupret colorful website

Geo Location DNSBL Using Perl, Memcached And GeoIP

In my last article about the DNSBL and memcached, I wrote how to use memcached to store the data for the DNSBL. It led me to other new ideas to make the Geo Location DNSBL. In previous article I put data into memcached with the following format:

_prefix_ip 127.0.0.2-10
_prefix_ = _a_ or _txt_
ip = ip address to blacklist

Example:

_a_192.168.1.1	127.0.0.3
_txt_192.168.1.1	Blacklisted

Each ip address has a pair of _a_ and _txt_ record.
For This experiment records will be store in following format:

_prefix_country_code 127.0.0.2-10
_prefix_ = _a_ or _txt_
country_code = country code to blacklist

Example:

_a_ID	127.0.0.3
_txt_ID	Blacklisted

dnsbl-geo.pl Perl script

#!/usr/bin/perl
use Net::DNS::Nameserver;
use Cache::Memcached;
use Geo::IP;
use strict;
use warnings;

our $our_dnsbl = ".dnsbl.example.com";

# Configure the memcached server
my $memd = new Cache::Memcached {
            'servers' => [ '127.0.0.1:11211' ],
};

my $gi = Geo::IP->new(GEOIP_STANDARD);

#sub reverse_ipv4 {
#        my $ip = $_[0];
#        my ($a1, $a2, $a3, $a4) = split /\./, $ip;
#        my $reversed_ipv4 = join('.', $a4,$a3,$a2,$a1);
#        return $reversed_ipv4;
#}

sub reverse_ipv4 {
        my @ips = split /\./, $_[0];
        my @r;
        push @r, pop @ips while @ips;
        return join('.', @r);
}

sub strip_domain_part {
        my $strip_domain = $_[0];
        $strip_domain =~ s/$our_dnsbl//ig;
        return $strip_domain;
}

sub reply_handler {
        my ($qname, $qclass, $qtype, $peerhost,$query,$conn) = @_;
        my ($rcode, @ans, @auth, @add);
        my ($memc_a_val, $memc_txt_val);

        #print "Received query from $peerhost to ". $conn->{"sockhost"}. "\n";
        #$query->print;

        my $striped_domain = strip_domain_part($qname);
        my $reverse_striped_domain = reverse_ipv4($striped_domain);

        my $country_code = $gi->country_code_by_addr($reverse_striped_domain);

        if ($qtype eq "A" && $qname eq $striped_domain . $our_dnsbl) {
                my $vmemc_a_val = sprintf("_a_%s", lc($country_code));
                $memc_a_val = $memd->get($vmemc_a_val);
                if (defined($memc_a_val)) {
                        my ($ttl, $rdata) = (86400, $memc_a_val);
                        push @ans, Net::DNS::RR->new("$qname $ttl $qclass $qtype $rdata");
                        $rcode = "NOERROR";
                }
        } elsif ( $qname eq "dnsbl.example.com" ) {
                $rcode = "NOERROR";

        } else {
                $rcode = "NXDOMAIN";
        }

        if ($qtype eq "TXT" && $qname eq $striped_domain . $our_dnsbl) {
                my $vmemc_txt_val = sprintf("_txt_%s", lc($country_code));
                $memc_txt_val = $memd->get($vmemc_txt_val);
                if (defined($memc_txt_val)) {
                        my ($ttl, $rdata) = (86400, $memc_txt_val);
                        push @ans, Net::DNS::RR->new("$qname $ttl $qclass $qtype $rdata");
                        $rcode = "NOERROR";
                }
        } elsif ( $qname eq "dnsbl.example.com" ) {
                $rcode = "NOERROR";

        } else {
                $rcode = "NXDOMAIN";
        }

        # mark the answer as authoritive (by setting the 'aa' flag
        return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
        $memd->disconnect_all();
}

my $ns = Net::DNS::Nameserver->new(
     LocalAddr    => "192.168.200.18",
     LocalPort    => 5353,
     ReplyHandler => \&reply_handler,
     Verbose      => 0,
) || die "couldn't create nameserver object\n";

$ns->main_loop;

admin July 28, 2011dnsbl, Geo Location, geoip, memcache, perlNo Comments

geoip php

Create GeoIP Badge Using PHP Image Processing And GD

When making the badges I always use javascript. This tutorial shows you how to use the GD library to dynamically create simple badges on your site.

Basically, image generation is done in three steps:

allocating an image
drawing into the allocated space
releasing the allocated data in picture format to the browser

[cfields]badgegd[/cfields]

As usual, obtaining client Ip Address simply by calling this php predefined variable, this time we will also trying to support for IPv6. One drawback, i still don’t know how to resize canvas to be fit with text if overflown, dynamically. Ie: the long IPv6 address.

<?php echo $_SERVER["REMOTE_ADDR"]; ?>

admin July 5, 2011geoip, geoip badge, php2

geoip javascript php

Show GeoIP Badge On Your Website Using PHP And JavaScript

Remember my last article about how to show visitor’s ip address on our website? today, we will modify the script a little bit to do something more interesting, not only displaying visitor’s ip address but also displaying visitor’s country and flag. Unfortunately this script unable displaying the flag and country for ipv6 yet. The badge will look something like this.
[cfields]geoipbadge[/cfields]
First thing we have to do is create badge generator, which we will use later. let’s call it geo.php

<?php
if ( isset($_SERVER["REMOTE_ADDR"]) ) {
	$IpAddr=$_SERVER["REMOTE_ADDR"];
}

$cc = geoip_country_code_by_name($IpAddr);
$country = geoip_country_name_by_name($IpAddr);

?>

if (typeof(v_geo_BackColor)=="undefined")
	v_geo_BackColor = "white";
if (typeof(v_geo_ForeColor)=="undefined")
	v_geo_ForeColor= "black";
if (typeof(v_geo_FontPix)=="undefined")
	v_geo_FontPix = "16";
if (typeof(v_geo_DisplayFormat)=="undefined")
	v_geo_DisplayFormat = "You are visiting from:<br>IP Address: %%IP%%%%FLAG%% %%COUNTRY%%";
if (typeof(v_geo_DisplayOnPage)=="undefined" || v_geo_DisplayOnPage.toString().toLowerCase()!="no")
	v_geo_DisplayOnPage = "yes";

v_geo_HostIP = "<?php echo $IpAddr; ?>";
v_geo_Country = "<?php echo $country; ?>";

<?php
if ( $cc != FALSE ) { ?>
        v_geo_Flag = "<br><img src='http://www.example.com/flags/<?php echo strtolower($cc); ?>.png' />";
        <?php
} else { ?>
        v_geo_Flag = "";
<?php
}
?>

if (v_geo_DisplayOnPage=="yes") {
	v_geo_DisplayFormat = v_geo_DisplayFormat.replace(/%%IP%%/g, v_geo_HostIP);
	v_geo_DisplayFormat = v_geo_DisplayFormat.replace(/%%FLAG%%/g, v_geo_Flag);
	v_geo_DisplayFormat = v_geo_DisplayFormat.replace(/%%COUNTRY%%/g, v_geo_Country);
	document.write("<table border='0' style='padding: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px; background-color:" + v_geo_BackColor + "; color:" + v_geo_ForeColor + "; font-size:" + v_geo_FontPix + "px'><tr><td>" + v_geo_DisplayFormat + "</td></tr></table>");
}

admin June 30, 2011geoip, javascript, php11

geoip postfix

Postfix GeoIP Based Rejections

If you intend to be able to reject connections from remote IP addresses if they’re from certain countries. This is how you do it. This method will reject ip address that has been mapped in GeoIP at smtp conversation stage. However, This tutorial has never been tested. nothing more than a prototype that i created in leisure time.

Software required:

postfix (tcp_table)
Perl
Perl Geo::IP module

main.cf:

127.0.0.1:2528_time_limit = 3600s
smtpd_client_restrictions =
	check_client_access tcp:[127.0.0.1]:2528

master.cf

127.0.0.1:2528 inet  n       n       n       -       0      spawn
	user=nobody argv=/etc/postfix/geo-reject.pl

admin May 29, 2011geoip, postfix7

geoip postfix

Postfix Bind Sender Outgoing IP, Based On GeoIP Location

This morning, when I took my daughter to school, I got the idea to experiment with postfix and GeoIP location. the idea is, if mx emails are in a geo targeted a specific location, mail delivery will be done with a certain ip address.

Ie:

Every emails with the mx hosts that have IP addresses/host mapped to the US country code, will be bind to ip 1.2.3.4.
Every emails with the mx hosts that have IP addresses/host mapped to the HK country code, will be bind to ip 5.6.7.8.

Every emails with the mx hosts that have IP addresses/host mapped to the CN country code, will be relay to our smtp nexthop in china.

And so on..

what is geolocation?

Geolocation is used to deduce the geolocation (geographic location) of another party. For example, on the Internet, one geolocation approach is to identify the subject party’s IP address, then determine what country (including down to the city and post/ZIP code level), organization, or user the IP address has been assigned to, and finally, determine that party’s location. Other methods include examination of a MAC address, image metadata, or credit card information.

But, in this experiment we just need ip/host to country code map and perl script.

Perl module required:

Net::DNS
Geo::IP
Sys::Syslog

Basic Usage perl geoip

#!/usr/bin/perl
use Geo::IP;
my $gi = Geo::IP->new(GEOIP_STANDARD);
print $gi->country_name_by_name("amazon.com");

I would still be using transport_maps and tcp_table to interact with Perl scripts. so here’s the prototype.

In Postfix part, we have custom transport like this in master.cf:

smtp-JP  unix -       -       n       -       -       smtp
	-o syslog_name=postfix-smtp-JP
	-o smtp_helo_name=smtp-JP.example.com
	-o smtp_bind_address=1.2.3.1
smtp-US  unix -       -       n       -       -       smtp
	-o syslog_name=postfix-smtp-US
	-o smtp_helo_name=smtp-US.example.com
	-o smtp_bind_address=1.2.3.2
smtp-ID  unix -       -       n       -       -       smtp
	-o syslog_name=postfix-smtp-ID
	-o smtp_helo_name=smtp-ID.example.com
	-o smtp_bind_address=1.2.3.3
smtp-CN  unix -       -       n       -       -       smtp
	-o syslog_name=postfix-smtp-CN
	-o smtp_helo_name=smtp-CN.example.com
	-o smtp_bind_address=1.2.3.4
smtp-HK  unix -       -       n       -       -       smtp
	-o syslog_name=postfix-smtp-HK
	-o smtp_helo_name=smtp-HK.example.com
	-o smtp_bind_address=1.2.3.5

admin May 28, 2011geoip, postfix3

geoip nginx

Nginx, Geo IP and Distributed Server

When you have many networks, which are located far apart and in different location. You want users to access the server closest to their network. town1 users when accessing the main server, the server will diredirect town1.example.com, and the town2's users will be redirected to town2.example.com. [xml] http { geo…

admin September 16, 2010geoip, nginx1

centos geoip iptables

Compiling iptables geoip module di centos 5

Di compile pada system centos 5, kernel 2.6.18 dan iptables 1.3.5

1. Persiapan

Download kernel source yg sekarang dipakai di centos 5 kita

# mkdir ~/geoip
# cd ~/geoip/
# uname -a
Linux host.domain.com 2.6.18-53.1.13.el5 #1 SMP Tue Feb 12 13:02:30 EST 2008 x86_64 x86_64 x86_64 GNU/Linux

# wget ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.13.el5.src.rpm

kita cuma mau mengambil linux-2.6.18.tar.bz2 nya saja(patch2 yg lain tidak kita perlukan).

# rpm2cpio kernel-2.6.18-53.1.13.el5.src.rpm | cpio -idv linux-2.6.18.tar.bz2
linux-2.6.18.tar.bz2
172734 blocks
# tar xjf linux-2.6.18.tar.bz2

admin June 28, 2009centos, geoip, iptables2