我使用 MaxMind 的 GeoLite。我真正的任务是通过特定的 IP 来确定我们系统中的 CityId。在 MaxMind 中,我通过 IP 找到 locid,然后使用手工制作的 locid 和我们的 CityId 之间的交叉表。但是这个交叉表是不完整的。我从 MaxMind 找到了很好的本地化文件,其中每个 locid 都映射到 GeoNames id。GeoNames id 对我有好处,但这个文件未完成。例如,此文件中没有伯明翰。那么,有人有这样的问题吗?如果有什么方法可以决定呢?
问问题
1755 次
3 回答
1
MaxMind 的GeoLite2 数据库返回 GeoNames ID。
于 2014-01-30T15:49:18.010 回答
1
这是一个三部分,可为您提供所有所需的输出。由您来包装,但会提供所有城市信息。通过 lon lat 和 iprange 的反向查找。
它以 pythonGeoIP
示例进行 1 个 IP 查找。然后剥离 IP 范围。查找每个范围。然后标记它的城市/ lon lat。这不是每个城市的每个 IP。但它会给你主要的供应商,如果不是完全准确的话,它会给你一个非常接近的估计他们在哪个城市或附近。
1)
#!/usr/bin/python
import GeoIP
gi = GeoIP.open("/bin/script/tbl/state/GeoLiteCity.dat",GeoIP.GEOIP_STANDARD)
with open ("city.txt", "r") as myfile:
data=myfile.read().replace('\n', '')
gir = gi.record_by_addr(data)
if gir != None:
print gir['city']
print gir['region']
print gir['region_name']
print gir['latitude']
print gir['longitude']
2)
#!/bin/bash
cd /bin/script/tbl/state
for state in $(cat state.abrv); do
state=$(echo $state)
cat outputfile | grep $state | cut -f1 -d"," > SB
output=sb.csv
echo "ip,country" > $output
for i in $( cat SB );
do echo "$i,\"$( geoiplookup -f GeoLiteCity.dat $i -i | cut -d' ' -f4-99 )\"" >> $output
done
echo "a" > sb1.csv && echo "a" >> sb1.csv && echo "a" >> sb1.csv
cat sb.csv >> sb1.csv
awk 'NR == 1 || NR % 7 == 0' sb1.csv | tr -d ' ' | tr '-' '/' > sb.csv
tail -n +2 "sb.csv" > $state
rm SB sb.csv sb1.csv
done
然后,您可以像这样生成一个快速可加载的脚本iptables
。这会创建一个新的链条,因此您可以先将全部捕获。Python 会将这些加载到链的顶部。然后,您可以继续设置主链,而无需等待 30 分钟即可加载。(当然取决于你的电脑)
#IPT=/sbin/iptables
#ACT=/bin/script/tbl/state/active.txt
#Py=/usr/bin/python
#suba='p=subprocess.Popen(["'
#subb='"],?stdout?=?subprocess.PIPE)'
#sub2='output?,?err?=?p.communicate()'
#sub3='print?output'
#
#### Any Changes?
#if diff 'active.txt' 'active.old' > /dev/null; then
# echo 'Loading Group Interests'
# /bin/bash state.bash
# $Py state.py
# exit
#else
# echo 'Modifying Rules For'
# echo $(diff active.txt active.old | head -50 | tail -49 | cut -f2 -d'0')
#fi
#
### Then lets go
# echo '#!/bin/bash' > state.bash
# echo '#!/usr/bin/python' > state.py
# echo 'import?subprocess' >> state.py
#
#for state in $(cat $ACT)
#do
# echo $IPT' -N '$state >> state.bash
# echo $IPT' -A '$state' -j DROP' >> state.bash
#done
#/bin/bash state.bash
#
#for state in $(cat $ACT)
#do
# BADIPS=$(egrep -v -E "^#|^$" $state | sed 's/[A-Za-z]*//g' | tr -d ":")
# for ip in $BADIPS
# do
# echo $ip | cut -f1 -d'/' > city.txt
# $Py city.py | head -4 | tail -1 > lon.ip
# $Py city.py | head -5 | tail -1 > lat.ip
# city=$(cat city.ip | tr ' ' '_')
# lon=$(cat lon.ip)
# lat=$(cat lat.ip)
# echo $suba'iptables -A INPUT -s '$ip' -j '$state$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# echo $suba'iptables -A FORWARD -s '$ip' -j '$state$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# echo $suba'iptables -A OUTPUT -d '$ip' -j '$state$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# echo $suba"iptables -A "$state" -s "$ip" -j LOG --log-prefix \
#'STATE_,"$ip","$state","$city","$lon":"$lat",_OUT_:'"$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# echo $suba"iptables -A "$state" -d "$ip" -j LOG --log-prefix \
#'STATE_,"$ip","$state","$city","$lon":"$lat",_IN_:'"$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# echo $suba"iptables -A "$state" -s "$ip" -j LOG --log-prefix \
'STATE_,"$ip","$state","$city","$lon":"$lat",_OUT_:'"$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# echo $suba"iptables -A "$state" -d "$ip" -j LOG --log-prefix #'STATE_,"$ip","$state","$city","$lon":"$lat",_IN_:'"$subb >> state.py
# echo $sub2 >> state.py
# echo $sub3 >> state.py
# done
#done
### MAGIC
sed 's/ /"','"/g' state.py > state1.py
cat state1.py | tr '?' ' ' > state.py
sleep 3
python state.py
cat active.txt > active.old
### adapting this to ASN or country is way easier.
### your welcome
### last time I post anything on this webpage. There is NOTHING wrong with my formatting. go cry about it
于 2014-02-19T18:32:25.590 回答
0
在我找到这个之前,我无法在 maxmind 数据库 geolite2 中为国家/地区匹配 geoname_id 和 registered_country_geoname_id:
https://www.kaggle.com/geonames/geonames-database?select=geonames.csv
于 2020-10-06T08:39:04.810 回答