Bug #7726
closed
Import Casablanca network as an externally updated feed
90%
Description
Currently we have manual group abuse@casablanca.cz, which is horribly outdated. Casablanca is not a Cesnet customer/member, but we provide them reports on a mutually beneficial basis.
We could get RIPE data for them automatically, translate them into mentat-netmgr JSON and import as new regularly updated feed (similar to #7725).
Target IPs are: report@csirt.casablanca.cz, mentat-reports+casablanca@cesnet.cz
Related issues
Updated by Jakub Judiny 8 months ago
- Related to Feature #7725: Import Metacentrum networks as an externally updated feed added
Updated by Pavel Kácha 7 months ago
A minor thing.
The list of Casablanca's ranges can be pulled from RIPE with an inverse query:
whois -h whois.ripe.net -- -r -Troute,route6 -i origin AS15685
Alternatively via the RIPE API:
wget --header 'Accept: application/json' 'https://rest.db.ripe.net/search?query-string=AS15685&type-filter=route,route6&inverse-attribute=origin'
Updated by Rajmund Hruška 7 months ago
I briefly checked the reports sent to abuse@casablanca.cz and the reported addresses seem to be totally unrelated to Casablanca and they aren't in their data from RIPE. They never complained about our reports?
When this is finished, maybe it would be a good idea to also write them and tell them that they will be receiving relevant reports in the future.
Updated by Pavel Kácha 7 months ago
They actually did, they know what's happening (at least what our plans are) and I'm in contact with them, so all fine, Monča will manage.
Updated by Rajmund Hruška 7 months ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
Resolved in 32eb2971.
Updated by Pavel Kácha 7 months ago
Simple and to the point.
Just a couple of notes:
Shouldn't the netmngr --command be update?
I'd decouple both scripts and spawn them both from cronjob.
- Simpler debugging, one could run them separately and inspect intermediate data
- mentat-netmngr.py path wouldn't be hardcoded in update-casablanca.py
- One-argument shell=True Popen form is generally frowned upon exactly because of the intermediate shell process
10 6 * * * mentat /etc/mentat/scripts/update-casablanca.py && /var/mentat/venv/bin/mentat-netmngr.py --regular --command update --whois-file /var/mentat/casablanca.json --source ripe
And I wouldn't even hardwire the output filename in update-casablanca.py, we can just spit it to sys.stdout and leave the rest on the shell.
(We could [ab]use cron variables to stay DRY. And maybe even to make it more readable.)
outf = /var/mentat/casablanca.json
update = /etc/mentat/scripts/update-casablanca.py
netmngr = /var/mentat/venv/bin/mentat-netmngr.py
10 6 * * * mentat "$update" > "$outf" && "$netmngr" --regular --command update --whois-file "$outf" --source ripe
Also, thinking of it, it might come in handy to keep the "ok" version intact in case of an error, and maybe even leave it aside on success.
10 6 * * * mentat "$update" > "$outf".tmp && "$netmngr" --regular --command update --whois-file "$outf".tmp --source ripe && mv -f "$outf" "$outf".backup && mv -f "$outf".tmp "$outf"
Or maybe even:
10 6 * * * mentat "$update" | tee "$outf".$(date +"\%Y-\%m-\%dT\%H:\%M:\%S") | "$netmngr" --regular --command update --whois-file /dev/stdin --source ripe
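A sketch of the decoupled, stdout-only converter discussed in the comment above, added here as an example; it is not the project's update-casablanca.py and not part of the original thread. It reads a constructed sample shaped like the RIPE REST response instead of fetching it, and the output (a plain JSON list of prefixes) is a placeholder layout, not mentat-netmngr's whois-file format; `extract_prefixes` and `main` are hypothetical names.

```python
import ipaddress
import json
import sys

# Constructed sample shaped like a RIPE REST search response; the prefixes are
# documentation ranges, not Casablanca's real announcements.
SAMPLE = {"objects": {"object": [
    {"type": "route", "attributes": {"attribute": [
        {"name": "route", "value": "192.0.2.0/24"},
        {"name": "origin", "value": "AS15685"}]}},
    {"type": "route6", "attributes": {"attribute": [
        {"name": "route6", "value": "2001:db8::/32"},
        {"name": "origin", "value": "as15685"}]}},
    {"type": "route", "attributes": {"attribute": [
        {"name": "route", "value": "198.51.100.0/24"},
        {"name": "origin", "value": "AS64500"}]}},  # other origin: dropped
    {"type": "route", "attributes": {"attribute": [
        {"name": "route", "value": "203.0.113.7/24"},  # host bits set: rejected
        {"name": "origin", "value": "AS15685"}]}},
]}}


def extract_prefixes(response, origin="AS15685"):
    """Return sorted, validated prefixes whose origin matches `origin`."""
    found = set()
    for obj in response.get("objects", {}).get("object", []):
        attrs = obj.get("attributes", {}).get("attribute", [])
        values = {a.get("name"): a.get("value", "") for a in attrs}
        prefix = values.get(obj.get("type"))  # attribute named "route"/"route6"
        if obj.get("type") not in ("route", "route6") or not prefix:
            continue
        if values.get("origin", "").upper() != origin.upper():
            continue
        try:
            found.add(ipaddress.ip_network(prefix, strict=True))
        except ValueError:
            continue  # malformed prefix from the external source: skip it
    return [str(n) for n in sorted(found, key=lambda n: (n.version, n))]


def main(response=SAMPLE, out=sys.stdout):
    prefixes = extract_prefixes(response)
    if not prefixes:
        return 1  # non-zero exit stops the "&&" chain; the old file survives
    json.dump(prefixes, out, indent=2)
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

Exiting non-zero on an empty result matters for the `.tmp` and `mv` variant above: a failed or empty RIPE lookup then never replaces the last good file.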
Updated by Rajmund Hruška 7 months ago
- Status changed from Resolved to In Review
Updated by Rajmund Hruška 6 months ago
- Status changed from In Review to In Progress
- % Done changed from 100 to 90
Updated by Rajmund Hruška 6 months ago
- Status changed from In Progress to Resolved
Updated by Rajmund Hruška 6 months ago
- Status changed from Resolved to In Review