asn_ipfire.sh 40 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977
  1. #!/usr/bin/env bash
  2. #######################################################################
  3. # IPFire network object creator for IPv4 addresses based on ASN information
  4. # Creates 'customnetworks' objects in /var/ipfire/fwhosts/customnetworks
  5. # Creates 'customgroups' objects in /var/ipfire/fwhosts/customgroups
  6. #######################################################################
  7. #######################################################################
  8. revision="asn_ipfire.sh v0.8.1" # do not comment out
  9. # Last updated: March 18 2023 by maloe
  10. # Author: Mike Kuketz, maloe
  11. # Visit: www.kuketz-blog.de
  12. # Source: notabug.org/maloe/ASN_IPFire_Script
  13. # License: GNU GPL v3
  14. # Copyright 2017-2023 Mike Kuketz, maloe
  15. #######################################################################
  16. #######################################################################
  17. # Constants, Filenames, Enable/Disable Sources
  18. # Config file (if exists, it overwrites the default values specified in this header)
  19. configfile=asn_script.conf
  20. # Select the download tool to be used: wget or curl.
  21. downloadtool=wget
  22. #downloadtool=curl
  23. # Timeout in seconds for availability check (-c|--check) of ASN and Network sources
  24. timeout=30
  25. # Path to IPFire customnetworks|customgroups
  26. customnetworks="/var/ipfire/fwhosts/customnetworks"
  27. customgroups="/var/ipfire/fwhosts/customgroups"
  28. # Remark for IPFire customnetworks|customgroups. This is used to identify entries made by asn_ipfire.sh.
  29. auto_remark="entry by asn_ipfire.sh"
  30. # Define custom output format. Special variables are: %network%, %company%, %number%
  31. outputline="%network%"
  32. # Location and name of the output file
  33. output_file="asn_result.lst"
  34. # Location and name of the temporary source files, needed for sources cidr-report and bgplookingglass.
  35. temp1="asn_cidrreport.tmp"
  36. temp2="asn_bgplooking.tmp"
  37. # Location and name of the tool: iprange. (optional)
  38. iprange_path="./iprange/iprange_amd64"
  39. # Local files can be used as ASN and/or network sources. To be activated by enabling "gather_ASN0" and/or "gather_NET0" into following arrays.
  40. local_asn_file="local_asn.list" # Line format: 'ASN Company' or vice versa (e.g. 'AS1234 CompanyA' or 'CompanyA AS1234')
  41. local_net_file="local_net.list" # Line format: 'network ASN' or vice versa (e.g. '1.2.3.4/24 AS5678' or 'AS5678 1.2.3.4/24')
  42. # Enable/disable ASN sources: Remove leading hashes (#) to enable ASN_sources.
  43. getASNfromCOMPANY=( \
  44. ASN_local \ # local source (local_asn_file)
  45. ASN_cidrreport \ # cidr-report.org
  46. # ASN_bgplookingglass \ # bgplookingglass.com
  47. # ASN_bgpview \ # bgpview.io (white spaces in company names not supported)
  48. ##ASN_bgphenet \ # bgp.he.net (not supported due to js requirement)
  49. )
  50. # Enable/disable network sources: Remove leading hash (#) to enable NET_sources.
  51. getNETfromASN=( \
  52. NET_local \ # local source (local_net_file)
  53. NET_ripe \ # stat.ripe.net
  54. # NET_ipinfo \ # ipinfo.io
  55. # NET_bgpview \ # bgpview.io
  56. # NET_radb \ # whois.radb.net # use only if you know what you are doing. query results may be wrong!
  57. )
  58. #######################################################################
  59. # Include configuration file
  60. thisfolder=$(dirname "$(readlink -f "$0")")
  61. if [[ -f ${thisfolder}/${configfile} ]]; then
  62. # shellcheck source=asn_script.conf
  63. . "${thisfolder}"/"${configfile}"
  64. fi
  65. #######################################################################
  66. # Gather-Functions: add further sources here and activate them in above arrays getASNfromCOMPANY() and getNETfromASN()
  67. # ASN sources: function must return a list of ASNs
  68. ASN_local() # Get ASN from local file
  69. {
  70. if [[ -f "$local_asn_file" ]]; then
  71. echo "---[Using local ASN Source file ($local_asn_file)]---"
  72. cname=$(echo "$1" | sed 's/~/ /g; s/*/.*/g') # Replace ~ with space
  73. asn_array=$(grep -i "$cname" "$local_asn_file" | grep -Eo 'AS[0-9]+')
  74. fi;
  75. }
  76. ASN_cidrreport() # Get ASN from cidr-report.org
  77. {
  78. if [[ $dl != "local" ]]; then # wget or curl available?
  79. if [[ ! -f "$temp1" ]] && [[ ${#company_array[@]} -gt 1 || $keeptemp ]]; then # Temp file not exist and more than one company names or option keeptemp is enabled
  80. touch "$temp1" 2> /dev/null # Temp file writable?
  81. if [[ -w "$temp1" ]]; then # Write temp file
  82. echo "---[Downloading ASN Source List from www.cidr-report.org]---"
  83. $dl "https://www.cidr-report.org/as2.0/autnums.html" | grep -Eo '>AS[0-9]+.*' | sed 's/^>//; s/[ ]*<\/a>[ ]*/ /' >> "$temp1"
  84. fi
  85. fi
  86. cname=$(echo "$1" | sed 's/~/ /g; s/*/.*/g') # Replace ~ with space and * with expression .*
  87. if [[ -f "$temp1" ]]; then # Read from temp file
  88. if [[ $verbose ]]; then echo "---[Using local (temporary) ASN Source List ($temp1)]---"; fi
  89. asn_array=$(grep -i "$cname" "$temp1" | grep -Eo '^AS[0-9]+')
  90. else # Read from source
  91. echo "---[Downloading ASN Source List from www.cidr-report.org]---"
  92. asn_array=$($dl "https://www.cidr-report.org/as2.0/autnums.html" | grep -i "$cname" | grep -Eo '>AS[0-9]+' | grep -Eo 'AS[0-9]+')
  93. fi;
  94. fi
  95. }
  96. ASN_bgplookingglass() # Get ASN from bgplookingglass.com
  97. {
  98. if [[ $dl != "local" ]]; then # wget or curl available?
  99. if [[ ! -f "$temp2" ]] && [[ ${#company_array[@]} -gt 1 || $keeptemp ]]; then # Temp file not exist and more than one company names or option keeptemp is enabled
  100. touch "$temp2" 2> /dev/null # Check if writable?
  101. if [[ -w "$temp2" ]]; then
  102. echo "---[Downloading ASN Source List from www.bgplookingglass.com]---"
  103. $dl "http://www.bgplookingglass.com/list-of-autonomous-system-numbers" | sed -n '/AS[0-9]/ p' | sed 's/<br \/>/\'$'\n/g; s/^[[:space:]]*<pre>//; s/[ ]\+/ /g' >> "$temp2"
  104. $dl "http://www.bgplookingglass.com/list-of-autonomous-system-numbers-2" | sed -n '/AS[0-9]/ p' | sed 's/<br \/>/\'$'\n/g; s/^[[:space:]]*<pre>//; s/[ ]\+/ /g' >> "$temp2"
  105. $dl "http://www.bgplookingglass.com/4-byte-asn-names-list" | sed -n '/AS[0-9]/ p' | sed 's/<br \/>/\'$'\n/g; s/^[[:space:]]*<pre>//; s/[ ]\+/ /g' >> "$temp2"
  106. fi
  107. fi
  108. cname=$(echo "$1" | sed 's/~/ /g; s/*/.*/g') # Replace ~ with space and * with expression .*
  109. if [[ -f "$temp2" ]]; then # Read from temp file
  110. if [[ $verbose ]]; then echo "---[Using local (temporary) ASN Source List ($temp2)]---"; fi
  111. asn_array=$(grep -i "$cname" "$temp2" | grep -Eo '^AS[0-9]+')
  112. else # Temp file not writable
  113. echo "---[Downloading ASN Source List from www.bgplookingglass.com]---"
  114. asn_array=($($dl "http://www.bgplookingglass.com/list-of-autonomous-system-numbers" | sed -n '/AS[0-9]/ p' | sed 's/<br \/>/\'$'\n/g' | grep -i "$cname" | sed 's/^[[:space:]]*<pre>//' | grep -Eo '^AS[0-9]+'))
  115. asn_array=("${asn_array[@]}" $($dl "http://www.bgplookingglass.com/list-of-autonomous-system-numbers-2" | sed -n '/AS[0-9]/ p' | sed 's/<br \/>/\'$'\n/g' | grep -i "$cname" | sed 's/^[[:space:]]*<pre>//' | grep -Eo '^AS[0-9]+'))
  116. asn_array=("${asn_array[@]}" $($dl "http://www.bgplookingglass.com/4-byte-asn-names-list" | sed -n '/AS[0-9]/ p' | sed 's/<br \/>/\'$'\n/g' | grep -i "$cname" | sed 's/^[[:space:]]*<pre>//' | grep -Eo '^AS[0-9]+'))
  117. fi
  118. fi
  119. }
  120. ASN_bgpview() # Get ASN from bgpview.io
  121. {
  122. if [[ $dl != "local" ]]; then # wget or curl available?
  123. cname=$(echo "$1" | sed 's/~/ /g; s/+/%2B/g') # Replace ~ with space and "+" with %2B
  124. asn_array=($($dl "https://bgpview.io/search/$cname" | grep -Eo 'AS[0-9]+' | uniq))
  125. fi
  126. }
  127. ASN_bgphenet() # Get ASN from bgp.he.net
  128. {
  129. if [[ $dl != "local" ]]; then # wget or curl available?
  130. cname=$(echo "$1" | sed 's/~/ /g; s/+/%2B/g') # Replace ~ with space and "+" with %2B
  131. asn_array=($($dl "https://bgp.he.net/search?search%5Bsearch%5D=$cname&commit=Search" | grep -Eo 'AS[0-9]+' | uniq))
  132. fi
  133. }
  134. # Network sources: function must return a list of CIDR networks
  135. NET_local() # Get networks from local file, sorting
  136. {
  137. if [[ -f "$local_net_file" ]]; then
  138. grep -i "$1" "$local_net_file" | grep -Eo '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)(3[0-2]|[1-2][0-9]|0?[1-2]?[1-9])' | sed -E 's/^[0]{0,2}([0-9])/\1/g; s/\.[0]{0,2}([0-9])/.\1/g; s/\/[0]?/\//g' | sort -Vu
  139. fi
  140. }
  141. NET_ripe() # Get networks from stat.ripe.net, sorting
  142. {
  143. if [[ $dl != "local" ]]; then # wget or curl available?
  144. $dl "https://stat.ripe.net/data/announced-prefixes/data.json?resource=$1" | grep -Eo '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)(3[0-2]|[1-2][0-9]|0?[1-2]?[1-9])' | sed -E 's/^[0]{0,2}([0-9])/\1/g; s/\.[0]{0,2}([0-9])/.\1/g; s/\/[0]?/\//g' | sort -Vu
  145. fi
  146. }
  147. NET_ipinfo() # Get networks from ipinfo.io, sorting
  148. {
  149. if [[ $dl != "local" ]]; then # wget or curl available?
  150. $dl "https://ipinfo.io/$1" | grep -Eo '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)(3[0-2]|[1-2][0-9]|0?[1-2]?[1-9])' | sed -E 's/^[0]{0,2}([0-9])/\1/g; s/\.[0]{0,2}([0-9])/.\1/g; s/\/[0]?/\//g' | sort -Vu
  151. fi
  152. }
  153. NET_bgpview() # Get networks from bgpview.io, sorting
  154. {
  155. if [[ $dl != "local" ]]; then # wget or curl available?
  156. $dl "https://bgpview.io/asn/$1#prefixes-v4" | grep -Eo '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)(3[0-2]|[1-2][0-9]|0?[1-2]?[1-9])' | sed -E 's/^[0]{0,2}([0-9])/\1/g; s/\.[0]{0,2}([0-9])/.\1/g; s/\/[0]?/\//g' | sort -Vu
  157. fi
  158. }
  159. NET_radb() # Get networks from whois, sorting
  160. {
  161. if [[ -x $(command -v whois 2>/dev/null) ]]; then # whois available?
  162. whois -h whois.radb.net -i origin "$1" | grep -w "route:" | grep -Eo '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)(3[0-2]|[1-2][0-9]|0?[1-2]?[1-9])' | sed -E 's/^[0]{0,2}([0-9])/\1/g; s/\.[0]{0,2}([0-9])/.\1/g; s/\/[0]?/\//g' | sort -Vu
  163. fi
  164. }
  165. #######################################################################
  166. # NO NEED TO EDIT ANYTHING BELOW
  167. #######################################################################
  168. # Functions
  169. # Function: check for ipfire system and existence of wget or curl
  170. chkSystem()
  171. {
  172. if [[ -d /var/ipfire ]] && [[ -f /etc/init.d/firewall ]]; then # Running on ipfire system?
  173. is_ipfire=1
  174. else
  175. is_ipfire=""
  176. fi
  177. dl=local
  178. if [[ -x $(command -v wget 2>/dev/null) ]]; then
  179. dl="wget --quiet --max-redirect 1 -O -" # Use wget if existent
  180. fi
  181. if [[ -x $(command -v curl 2>/dev/null) ]]; then
  182. if [[ $dl == "local" ]] || [[ "$downloadtool" == "curl" ]]; then
  183. dl="curl --silent --location" # Use curl if existent and wget is missing
  184. fi
  185. fi
  186. if [[ $dl == "local" ]]; then
  187. echo "Warning: did not found wget nor curl. Only local sources usable." # Neither wget nor curl was found
  188. fi
  189. }
  190. # Function: check source reachability
  191. chkSource() {
  192. if [[ $dl == "wget --quiet --max-redirect 1 -O -" ]]; then # Wget
  193. for s in ${getASNfromCOMPANY[@]}; do # Loop through ASN sources
  194. echo -n "---[Checking source $s]---"
  195. case $s in
  196. ASN_local) if [ -f "$local_asn_file" ]; then echo -n " (OK)"; else echo -n " (n/a)"; fi ;;
  197. ASN_cidrreport) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 0 "https://www.cidr-report.org/as2.0/autnums.html" ;;
  198. ASN_bgplookingglass) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 1 "http://www.bgplookingglass.com/list-of-autonomous-system-numbers" ;; # Check first site only
  199. ASN_bgpview) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 0 "https://bgpview.io/search/as1" ;;
  200. ASN_bgphenet) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 0 "https://bgp.he.net/as1" ;;
  201. esac
  202. if [ $? -ne 0 ]; then echo -e "\nAbort: couldn't reach (wget) selected source $s"; exit 4; fi
  203. echo
  204. done
  205. for s in ${getNETfromASN[@]}; do # Loop through ASN sources
  206. echo -n "---[Checking source $s]---"
  207. case $s in
  208. NET_local) if [ -f "$local_net_file" ]; then echo -n " (OK)"; else echo -n " (n/a)"; fi ;;
  209. NET_ripe) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 0 "https://stat.ripe.net/data/announced-prefixes/data.json?resource=0" ;;
  210. NET_ipinfo) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 0 "https://ipinfo.io/as1" ;;
  211. NET_bgpview) wget --spider --quiet --connect-timeout=$timeout --tries=1 --max-redirect 0 "https://bgpview.io/search/" ;;
  212. esac
  213. if [ $? -ne 0 ]; then echo -e "\nAbort: couldn't reach (curl) selected source $s"; exit 4; fi
  214. echo
  215. done
  216. elif [[ $dl == "curl --silent" ]]; then # Curl
  217. for s in ${getASNfromCOMPANY[@]}; do # Loop through ASN sources
  218. echo -n "---[Checking source $s]---"
  219. case $s in
  220. ASN_local) if [ -f "$local_asn_file" ]; then echo -n " (OK)"; else echo -n " (n/a)"; fi ;;
  221. ASN_cidrreport) curl --silent --head --connect-timeout $timeout "https://www.cidr-report.org/as2.0/autnums.html" | head -1 | grep '200' >/dev/null ;;
  222. ASN_bgplookingglass) curl --silent --head --connect-timeout $timeout --location "http://www.bgplookingglass.com/list-of-autonomous-system-numbers" | grep -E 'HTTP.*200' >/dev/null ;; # Check first site only
  223. ASN_bgpview) curl --silent --head --connect-timeout $timeout "https://bgpview.io/search/as1" | head -1 | grep '200' >/dev/null ;;
  224. ASN_bgphenet) curl --silent --head --connect-timeout $timeout "https://bgp.he.net/as1" | head -1 | grep '200' >/dev/null ;;
  225. esac
  226. if [ $? -ne 0 ]; then echo -e "\nAbort: couldn't reach selected source $s"; exit 4; fi
  227. echo
  228. done
  229. for s in ${getNETfromASN[@]}; do # Loop through ASN sources
  230. echo -n "---[Checking source $s]---"
  231. case $s in
  232. NET_local) if [ -f "$local_net_file" ]; then echo -n " (OK)"; else echo -n " (n/a)"; fi ;;
  233. NET_ripe) curl --silent --head --connect-timeout $timeout "https://stat.ripe.net/data/announced-prefixes/data.json?resource=0" | head -1 | grep '200' >/dev/null ;;
  234. NET_ipinfo) curl --silent --head --connect-timeout $timeout "https://ipinfo.io/as1" | head -1 | grep '200' >/dev/null ;;
  235. esac
  236. if [ $? -ne 0 ]; then echo -e "\nAbort: couldn't reach selected source $s"; exit 4; fi
  237. echo
  238. done
  239. fi
  240. }
  241. # Function: get network mask
  242. cdr2mask()
  243. {
  244. # Number of args to shift, 255..255, first non-255 byte, zeroes
  245. set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
  246. [ $1 -gt 1 ] && shift $1 || shift
  247. echo ${1-0}.${2-0}.${3-0}.${4-0}
  248. }
  249. # Functions: get decimal IP values
  250. get_firstIP() { echo ${1/\//.} | awk -F"." '{ printf "%.0f", $1*2^24+$2*2^16+$3*2^8+$4 }'; } # First IP of network
  251. get_IPrange() { echo "$1" | awk -F"/" '{ printf "%.0f", 2^(32-$2)}'; } # IP range of network
  252. get_lastIP() { echo ${1/\//.} | awk -F"." '{ printf "%.0f", $1*2^24+$2*2^16+$3*2^8+$4+2^(32-$5)}'; } # Last IP +1 of network
  253. # Function: transform decimal IP into dot noted IP
  254. dec2ip() { echo "$1" | awk '{ printf "%i.%i.%i.%i", $1/(2^24), $1%(2^24)/(2^16), $1%(2^24)%(2^16)/(2^8), $1%(2^24)%(2^16)%(2^8)}'; }
  255. # Function: remove redundant networks
  256. rm_redundantIP() {
  257. declare -a array1=("${!1}") # Put $1 into new array
  258. declare -a array2=() # Create second array
  259. declare maxIP=0 # Initial IP for comparison
  260. declare n=0 # Counter for array
  261. for net in "${array1[@]}"; do
  262. lastIP=$(get_lastIP $net) # Get last IP(+1) of actual network
  263. if [[ $(echo $lastIP $maxIP | awk '$1>$2 {printf 1}') ]]; then # Comparing big integer. Only keep network if last IP is not covered by previous network
  264. array2[n]=$net # Write actual network into second array
  265. maxIP=$lastIP # Update maximum IP(+1)
  266. ((n++))
  267. fi
  268. done
  269. for net in "${array2[@]}"; do # Return result
  270. if [ $net ]; then echo "${net}"; fi # Skip empty lines
  271. done
  272. }
  273. # Function: consolidate adjacent networks
  274. rm_adjacentIP() {
  275. declare -a array1=("${!1}") # Put $1 into new array1
  276. declare -a array2=() # Create working array2
  277. declare n=0 # Counter for array2
  278. declare d=0 # Initial counter for adjacents
  279. declare range=0 # IP range
  280. declare prefirstIP=0 # Get decimal first IP from actual network
  281. declare prenetmask=0 # Get decimal IP range from actual network
  282. declare prelastIP=-1 # Get decimal last IP(+1) from actual network
  283. for net in "${array1[@]}"; do # Loop through network list
  284. firstIP=$(get_firstIP $net) # Get decimal first IP from actual network
  285. netmask=$(get_IPrange $net) # Get decimal IP range from actual network
  286. lastIP=$(get_lastIP $net) # Get decimal last IP(+1) from actual network
  287. range=$(echo $prenetmask $netmask | awk '{printf "%d", $1+$2;}')
  288. # If all adjecent consolidation requirements are given
  289. if [[ $(echo $firstIP $prelastIP $range $prefirstIP | awk '($1==$2) && (log($3)/log(2)==int(log($3)/log(2))) && ($4%$3==0) {printf 1}') ]]; then
  290. suffix=$(echo $range | awk '{printf "%i", 32-log($1)/log(2);}')
  291. array2[n-1]=$(dec2ip $prefirstIP)"/"$suffix
  292. prelastIP=$lastIP
  293. prenetmask=$range
  294. d=1
  295. else # No changes
  296. array2[n]=$net
  297. prelastIP=$lastIP
  298. prefirstIP=$firstIP
  299. prenetmask=$netmask
  300. ((n++))
  301. fi
  302. done
  303. if [[ d -eq 1 ]]; then # If changes done, then...
  304. d=0
  305. rm_adjacentIP array2[@] # ... next Iteration
  306. else
  307. for net in "${array2[@]}" ; do # Return result
  308. if [ $net ]; then echo "${net}"; fi # Skip empty lines
  309. done
  310. fi
  311. }
  312. # Function: print statistics
  313. show_stats() { # Requires arguments: asn_array net_array, company
  314. declare -a asn_array=("${!1}") # Put $1 (asn_list) into new array
  315. declare -a net_array=("${!2}") # Put $2 (net_list) into new array
  316. declare countIP=0 # Counter for IP
  317. countIP=$(echo ${net_array[@]} | sed 's/###.*###/0/g; s/ /\'$'\n/g' | awk -F"/" '{n += 2^(32-$2) }; END{ printf "%\047i", n}') # \047 substitues single quote "'"
  318. echo "${#net_array[@]} networks with $countIP IPs found in ${#asn_array[@]} ASNs for $3"
  319. }
  320. #######################################################################
  321. # Main procedures
  322. collectNetworks() {
  323. ttick="$(date +%s)"
  324. for company in "${company_array[@]}"; do
  325. ctick="$(date +%s)"
  326. # Get all company ASNs
  327. declare asn_array=()
  328. declare asn_list=()
  329. prnt_company=$(echo "$company" | sed 's/~/ /g; s/,//g') # Printable company name with space (and no commas)
  330. echo "---[Get all '$prnt_company' ASNs]---"
  331. for asn_gather in ${getASNfromCOMPANY[@]}; do # Loop through ASN sources
  332. $asn_gather $company
  333. asn_list=("${asn_list[@]}" "${asn_array[@]}") # Append to list)
  334. done
  335. output=$(echo "### Company: ${prnt_company} ###" | sed 's/ /_/g')" "
  336. if (( ! "${#asn_list[@]}" )); then
  337. echo "---[No ASN found for $prnt_company]---"
  338. elif [ "$1" == "--asn" ]; then
  339. for asn in "${asn_list[@]}"; do
  340. output+="$asn " # Create output text, keep the space!
  341. done
  342. result_array=("${result_array[@]}" "${output}")
  343. else
  344. asn_list=($(echo "${asn_list[@]}" | sed 's/ /\'$'\n/g' | sort -Vu)) # Linebreaking and Sorting / Adjustment for FreeBSD \'$'
  345. declare net_array=()
  346. declare net_list=()
  347. for asn in "${asn_list[@]}"; do
  348. # Store networks from ASN in file
  349. echo "---[Get $prnt_company networks for $asn]---"
  350. for net_gather in ${getNETfromASN[@]}; do # Loop through NET webservices
  351. net_array=($($net_gather $asn))
  352. net_list=($(echo "${net_list[@]}" "${net_array[@]}" | sed 's/ /\'$'\n/g' | sort -Vu)) # Append to list, sorting / Adjustment for FreeBSD \'$'
  353. done
  354. done
  355. if (( ! "${#net_list[@]}" )); then
  356. echo "---[No networks found for $prnt_company]---"
  357. else
  358. # Consolidate adjacent and overlapping netblocks
  359. before=${#net_list[@]} # Number of network entries before consolidate
  360. otick="$(date +%s)"
  361. if [[ $verbose ]]; then echo " $(show_stats asn_list[@] net_list[@] $company) ($(($(date +%s) - ctick))s)"; fi
  362. if [[ ! $raw ]]; then
  363. if [[ $use_iprange ]]; then # Optimize with iprange
  364. echo "---[Remove adjacent and overlapping netblocks with iprange]---"
  365. net_list=($("$iprange_path" -J <( echo "${net_list[@]}" | sed 's/ /\'$'\n/g') ))
  366. else # Optimize script intern (slow)
  367. echo "---[Remove adjacent and overlapping netblocks]---"
  368. net_list=($(rm_redundantIP net_list[@])) # Remove redundant networks
  369. net_list=($(rm_adjacentIP net_list[@])) # Consolidate adjacent networks
  370. fi
  371. after=${#net_list[@]} # Number of network entries after consolidate
  372. if [[ $verbose ]]; then echo " $((before - after)) of $before networks removed in $(($(date +%s) - otick))s"; fi
  373. fi
  374. # Write objects to result array
  375. echo "---[Creating objects for $prnt_company networks]---"
  376. if [[ $verbose ]] && [[ "$1" == "--network" ]]; then # Add information to objects
  377. output+=$(echo "### $(show_stats asn_list[@] net_list[@] $company) ###" | sed 's/ /_/g')" "
  378. fi
  379. for net in "${net_list[@]}"; do
  380. output+="$net " # Create output text, keep the space!
  381. done
  382. result_array=("${result_array[@]}" "${output}")
  383. if [[ $verbose ]]; then echo " $(show_stats asn_list[@] net_list[@] $company) ($(($(date +%s) - ctick))s)"; fi
  384. fi
  385. fi
  386. done
  387. if [[ $verbose ]]; then echo " total duration; ($(($(date +%s) - ttick))s)"; fi
  388. # remove temp files
  389. if [[ ! $keeptemp ]]; then
  390. echo "---[Removing temporary source files]---"
  391. if [[ -f "$temp1" ]]; then rm "$temp1"; fi
  392. if [[ -f "$temp2" ]]; then rm "$temp2"; fi
  393. fi
  394. }
  395. addNetworks() { # Write result to ipfire files
  396. # Get highest number from existing objects in [customnetworks|customgroups]
  397. if [[ -w "$customnetworks" ]]; then
  398. network_object_number=$(cut -f1 -d',' "$customnetworks" | awk '{for(i=1;i<=NF;i++) if($i>maxval) maxval=$i;}; END { print maxval;}')
  399. else
  400. echo -e "File $customnetworks not found or write protected.\nCheck your IPFire installation."
  401. exit 0
  402. fi
  403. if [[ -w "$customgroups" ]]; then
  404. group_object_number=$(cut -f1 -d',' "$customgroups" | awk '{for(i=1;i<=NF;i++) if($i>maxval) maxval=$i;}; END { print maxval;}')
  405. else
  406. echo -e "File $customgroups not found or write protected.\nCheck your IPFire installation."
  407. exit 0
  408. fi
  409. # Increase counter
  410. ((network_object_number++))
  411. ((group_object_number++))
  412. for net in ${result_array[@]}; do
  413. if [[ ${net:0:1} == "#" ]]; then
  414. prnt_company=${net//###_Company:_} # Separate company name
  415. prnt_company=${prnt_company//_###} # Separate company name
  416. prnt_company=${prnt_company/_/ }
  417. counter=1
  418. else
  419. # Separate IP and netmask
  420. ip=${net%/*}
  421. if [ "$ip" != "0.0.0.0" ]; then # Double check for invalid entry
  422. netmask=${net#*/}
  423. if [ "$netmask" == "32" ]; then echo "WARNING: Found single IP (${prnt_company}: ${ip}). This may cause an invalid entry in ipfire!"; fi # Double check for invalid entry
  424. # Write new objects to files [customnetworks|customgroups]
  425. ipf_company=$(echo "$prnt_company" | sed 's/\(.*\)/\U\1/') # Uppercase company name
  426. echo "${network_object_number},${prnt_company}-Network Nr.${counter},${ip},$(cdr2mask $netmask),${auto_remark}" >> "$customnetworks"
  427. echo "${group_object_number},${ipf_company},${auto_remark},${prnt_company}-Network Nr.${counter},Custom Network" >> "$customgroups"
  428. # Increase counter
  429. ((network_object_number++))
  430. ((group_object_number++))
  431. ((counter++))
  432. fi
  433. fi
  434. done
  435. echo "---[Results written to $output_file]---" # Resultfile info
  436. }
  437. outResults() {
  438. case "$1" in # Output result to file
  439. --asn | --network) {
  440. echo "---[Writing results to $output_file]---" # Resultfile info
  441. echo "${result_array[@]}" | sed 's/ /\'$'\n/g; s/_/ /g' > "$output_file"
  442. echo "---[Results written to $output_file]---" # Resultfile info
  443. };;
  444. --custom) {
  445. echo "---[Writing results to $output_file]---" # Resultfile info
  446. for net in ${result_array[@]}; do
  447. if [[ ${net:0:1} == "#" ]]; then
  448. echo "${net//_/ }" >> "$output_file"
  449. prnt_company=${net//###_Company:_} # Separate company name
  450. prnt_company=${prnt_company//_###} # Separate company name
  451. prnt_company=${prnt_company/_/ }
  452. number=1
  453. else
  454. output=${outputline//%network%/$net}
  455. output=${output//%company%/$prnt_company}
  456. echo ${output//%number%/$number} >> "$output_file"
  457. ((number++))
  458. fi
  459. done
  460. echo "---[Results written to $output_file]---" # Resultfile info
  461. };;
  462. *) { # Default ipfire mode
  463. echo "WARNING: unknown mode. Nothing done."
  464. };;
  465. esac
  466. }
  467. cleanupNetworks() { # Remove entries from ipfire files
  468. for ipfire_file in "$customnetworks" "$customgroups"; do
  469. if [[ -w "$ipfire_file" ]]; then
  470. if [[ $backup ]]; then
  471. if [[ $verbose ]]; then echo "---[Backing up $ipfire_file.bak ]---"; fi
  472. cp -f "$ipfire_file" "$ipfire_file.bak" # Create ipfire backup files
  473. fi
  474. if [[ ${company_array[0]} == "ALL" ]]; then # Remove all entries made by asn_ipfire.sh
  475. echo "---[Removing all objects from $ipfire_file ]---"
  476. sed -i "/,$auto_remark/Id" "$ipfire_file";
  477. else
  478. for company in "${company_array[@]}"; do
  479. ipf_company=$(echo "$company" | sed 's/~/ /g; s/,//g; s/\(.*\)/\U\1/') # Company name with space and "+"
  480. echo "---[Removing $ipf_company objects from $ipfire_file ]---"
  481. sed -i "/$ipf_company.*$auto_remark/Id" "$ipfire_file"; # Remove company entries made by asn_ipfire.sh
  482. done
  483. fi
  484. elif [[ -f "$ipfire_file" ]]; then
  485. echo -e "File $ipfire_file write protected.\nCheck your IPFire installation."
  486. fi
  487. done
  488. }
  489. removeBackup() { # Remove ipfire backup files
  490. for ipfire_file in "$customnetworks" "$customgroups"; do
  491. if [[ -w "$ipfire_file.bak" ]]; then
  492. if [[ $verbose ]]; then echo "---[Removing backup $ipfire_file.bak ]---"; fi
  493. rm -f "$ipfire_file.bak"
  494. fi
  495. done
  496. }
  497. renumberIpfireFiles() { # Renumber entries of ipfire files
  498. for ipfire_file in "$customnetworks" "$customgroups"; do
  499. if [[ -w "$ipfire_file" ]]; then
  500. if [[ $verbose ]]; then echo "---[Renumbering $ipfire_file ]---"; fi
  501. sed -i '/^$/d;=' "$ipfire_file" # Delete empty lines and add numbered lines
  502. sed -i 'N;s/\n[0-9]\+//' "$ipfire_file" # Renumber lines by consolidation
  503. else
  504. echo -e "File $ipfire_file not found or write protected.\nCheck your IPFire installation."
  505. fi
  506. done
  507. }
  508. sortIpfireFiles() { # Sort entries of ipfire files
  509. for ipfire_file in "$customnetworks" "$customgroups"; do
  510. if [[ -w "$ipfire_file" ]]; then
  511. if [[ $verbose ]]; then echo "---[Re-sorting $ipfire_file ]---"; fi
  512. sort -t, -k2,2V -o "$ipfire_file" "$ipfire_file" # Sort lines by name
  513. sed -i '/^$/d;=' "$ipfire_file" # Delete empty lines and add numbered lines
  514. sed -i 'N;s/\n[0-9]\+//' "$ipfire_file" # Renumber lines by consolidation
  515. else
  516. echo -e "File $ipfire_file not found or write protected.\nCheck your IPFire installation."
  517. fi
  518. done
  519. }
  520. restoreIpfireFiles() { # Restore ipfire file
  521. for ipfire_file in "$customnetworks" "$customgroups"; do
  522. if [[ -w "$ipfire_file" ]]; then
  523. if [[ -f "$ipfire_file.bak" ]]; then
  524. cp -f "$ipfire_file.bak" "$ipfire_file"
  525. echo "File $ipfire_file restored."
  526. else
  527. echo "No backup file $ipfire_file.bak found."
  528. fi
  529. else
  530. echo -e "File $ipfire_file not found or write protected.\nCheck your IPFire installation."
  531. fi
  532. done
  533. }
  534. listIpfireFiles () { # Show companies from ipfire files
  535. for ipfire_file in "$customnetworks" "$customgroups"; do
  536. if [[ -f "$ipfire_file" ]]; then
  537. echo "Company names (number of networks) in $ipfire_file:"
  538. grep "$auto_remark" "$ipfire_file" | cut -d, -f2,4 | cut -d- -f1 | cut -d, -f1 | uniq -c | awk -F" " '{ printf "%s (%i)\n", $2, $1 }'
  539. else
  540. echo -e "File $ipfire_file not found.\nCheck your IPFire installation."
  541. fi
  542. done
  543. }
  544. print_help() { # Help info
  545. echo "Usage: asn_ipfire.sh [OPTION] [COMPANYs | -f FILE] [PARAMETER]"
  546. echo "Add or remove networks to IPFire firewall Groups: Networks & Host Groups"
  547. echo
  548. echo "IPFire-Mode options:"
  549. echo " -a, --add Add new company networks"
  550. echo " -r, --remove Remove company networks from customnetworks & customgroups"
  551. echo
  552. echo "IPFire-Mode parameter:"
  553. echo " -l, --list List of companies already added by this script"
  554. echo " --renumber Renumber lines of customnetworks & customgroups"
  555. echo " --sort Re-sort lines of customnetworks & customgroups"
  556. echo " --backup Backup customnetworks & customgroups before change"
  557. echo " --rmbackup Remove backup files of customnetworks & customgroups"
  558. echo " --restore Restore customnetworks & customgroups from backup"
  559. echo
  560. echo "Non-IPFire-Mode options:"
  561. echo " --network Create FILE '$output_file' with networks"
  562. echo " --asn Create FILE '$output_file' with ASNs only"
  563. echo " --custom Create FILE '$output_file' with custom rules"
  564. echo
  565. echo "Common parameter:"
  566. echo " -c, --check Check source for availability"
  567. echo " -f, --file FILE Get company list from FILE"
  568. echo " -i, --interactive Ask user before a file will be overwritten"
  569. echo " -k, --keep Keep temporary source files after finish"
  570. echo " -o, --outfile FILE Custom result file FILE (Non-IPFire-Mode)"
  571. echo " --raw Networks not consolidated"
  572. echo " --iprange Use iprange tool"
  573. echo " -v, --verbose Verbose mode"
  574. echo " -V, --version Show this script version and exit"
  575. echo " -h, --help Show this help and exit"
  576. echo
  577. echo "COMPANY to be one or more company names, put into double quotes (\"...\")"
  578. echo " Multi company names must be comma separated"
  579. echo " Substitute spaces with tilde (~)"
  580. echo " Restrict to exact matches with tilde (~) before and after the name"
  581. echo " Company names are handled case insensitive."
  582. echo " example: asn_ipfire.sh --add \"CompanyA,Company~NameB,~CompanyC~\" "
  583. echo
  584. echo "FILE to be a name of a file, containing one or more company names."
  585. echo " Company names to be separated by comma or line feed."
  586. echo " examples: asn_ipfire.sh -a -f company.list "
  587. echo " asn_ipfire.sh --network -f company.list "
  588. echo
  589. echo "Option --remove only affects entries made by asn_ipfire.sh itself."
  590. echo " These entries are recognized by the 'Remark'-column in IPFire."
  591. echo " To remove all entries done by this script, use 'ALL' as COMPANY "
  592. echo " examples: asn_ipfire.sh -r \"CompanyA, CompanyB\" "
  593. echo " asn_ipfire.sh -r ALL "
  594. echo
  595. }
  596. #######################################################################
  597. # Main program
  598. tick=$(date +%s)
  599. company_array=() # Create empty company array
  600. result_array=() # Create empty result array
  601. mode="" # Initial mode
  602. verbose="" # Default verbose = OFF
  603. backup="" # Default backup of ipfire files = OFF
  604. keeptemp="" # Default interactive mode = OFF
  605. interact="" # Default Keep source temp file after finish = OFF
  606. helptext="Usage: asn_ipfire.sh [OPTION] [COMPANYs | -f FILE] \nTry ´asn_ipfire.sh --help´ for more information."
  607. chkSystem # ipfire system? wget or curl available?
  608. # Check arguments and get company array
  609. if [[ $# -eq 0 ]]; then echo -e "$helptext"; exit 1; fi # No arguments --> exit
  610. if [[ $# -gt 11 ]]; then echo -e "Too many arguments.\n""$helptext"; exit 1; fi # Too many arguments --> exit
  611. while [[ $# -gt 0 ]] ; do
  612. case "$1" in
  613. -a|--add | -r|--remove | --asn | --network | --custom) {
  614. if [[ $mode ]]; then # Mode already set
  615. echo -e "Too many arguments.\n""$helptext"
  616. exit 1
  617. else
  618. mode="$1"
  619. if [[ ! "$2" ]]; then
  620. echo -e "No COMPANY names given.\n""$helptext"
  621. exit 1
  622. elif [[ ${2:0:1} == "-" ]]; then # followed by argument instead of company names
  623. if [[ "$2" != "-f" && "$2" != "--file" ]]; then # followed by argument instead of company names
  624. echo -e "Wrong order of arguments.\n""$helptext" # Wrong order of arguments --> exit
  625. exit 1
  626. fi
  627. else
  628. company_array_from_arg=($(sed -E 's/[ ]*//g; s/[,]+/ /g; s/\[//g; s/\]//g; s/[.\/]*//g' <<< "$2")) # Trim empty entries
  629. shift
  630. fi
  631. fi
  632. };;
  633. -f | --file) {
  634. if [[ -f "$2" ]]; then # File exist
  635. company_array_from_file=($(sed 's/[ ]*//g; s/,\+/ /g; s/\[//g; s/\]//g; s/[.\/]*//g; s/#.*$//g; /^$/d;' <<< cat "$2")) # Substitute space,comma,slashes,comments,lines
  636. shift
  637. else # File not exist --> exit
  638. echo "Company file not found."
  639. echo -e "$helptext"
  640. exit 2
  641. fi
  642. };;
  643. -o | --outfile) {
  644. if [[ ! "$2" ]]; then
  645. echo -e "No output file given.\n""$helptext"
  646. exit 1
  647. else
  648. output_file="$2"
  649. shift
  650. fi
  651. };;
  652. -l|--list | --renumber | --sort | --restore | --rmbackup | -h|--help | -V|--version) {
  653. if [[ $mode ]] || [[ "$3" ]] || { [[ $interact ]] && [[ "$2" ]]; }; then # No more arguments allowed for this option, except of interact
  654. echo -e "Too many arguments.\n""$helptext" # Too many parameter --> exit
  655. exit 1
  656. else
  657. mode="$1"
  658. fi
  659. };;
  660. --backup ) { # Don't write backup Ipfire files
  661. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  662. echo -e "Missing arguments.\n""$helptext"
  663. exit 1
  664. else
  665. backup=1
  666. fi
  667. };;
  668. --raw ) { # Keep temporary source files
  669. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  670. echo -e "Missing arguments.\n""$helptext"
  671. exit 1
  672. else
  673. raw=1
  674. fi
  675. };;
  676. -k|--keep ) { # Keep temporary source files
  677. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  678. echo -e "Missing arguments.\n""$helptext"
  679. exit 1
  680. else
  681. keeptemp=1
  682. fi
  683. };;
  684. -i|--interactive ) { # Verbose mode shows stats
  685. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  686. echo -e "Missing arguments.\n""$helptext"
  687. exit 1
  688. else
  689. interact=1
  690. fi
  691. };;
  692. -v|--verbose ) { # Verbose mode shows stats
  693. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  694. echo -e "Missing arguments.\n""$helptext"
  695. exit 1
  696. else
  697. verbose=1
  698. fi
  699. };;
  700. -c|--check ) { # Check source
  701. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  702. echo -e "Missing arguments.\n""$helptext"
  703. exit 1
  704. else
  705. checksource=1
  706. fi
  707. };;
  708. --iprange ) { # Use iprange
  709. if [[ ! $mode ]] && [[ ! "$2" ]]; then
  710. echo -e "Missing arguments.\n""$helptext"
  711. exit 1
  712. else
  713. if [[ -x "$iprange_path" ]]; then # Check if iprange is located in script folder and executable
  714. use_iprange=1
  715. else
  716. echo "Warning: iprange not executable. Using internal optimization"
  717. use_iprange=""
  718. fi
  719. fi
  720. };;
  721. *) {
  722. echo -e "Unknown argument.\n""$helptext" # Unknown arguments --> exit
  723. exit 1
  724. };;
  725. esac
  726. shift
  727. done
  728. company_array=($(echo "${company_array_from_file[@]}" "${company_array_from_arg[@]}" | sort -uf))
  729. case $mode in
  730. -a|--add) { # Add objects to ipfire files
  731. if [[ $is_ipfire ]]; then
  732. output_file="customnetworks & customgroups"
  733. if (( ! ${#company_array[@]} )); then
  734. echo "No company names found. Nothing done!"
  735. echo "Try 'asn_ipfire.sh --help' for more information."
  736. exit 1
  737. fi
  738. if [[ $checksource ]]; then chkSource ; fi
  739. collectNetworks # Get networks and write to file
  740. if [[ $interact ]]; then
  741. echo -n "Update IPfire files now? OK[Enter]? "
  742. read -r p
  743. if [[ "$p" ]]; then
  744. echo "Nothing done to IPFire."
  745. exit 3
  746. fi
  747. fi
  748. cleanupNetworks # Remove existing entries
  749. renumberIpfireFiles # Renumbering
  750. addNetworks # Get networks and write to file
  751. echo "---[Restarting firewall]---"
  752. /etc/init.d/firewall restart 1> /dev/null # Restart firewall
  753. echo -n "---[All done!"
  754. if [[ $verbose ]]; then echo -n " ($(($(date +%s) - tick))s)"; fi
  755. echo "]---"
  756. else
  757. echo -e "IPFire not found.\nCheck your IPFire installation."
  758. fi
  759. };;
  760. -r|--remove) { # Add objects to ipfire files
  761. if [[ $is_ipfire ]]; then
  762. output_file="customnetworks & customgroups"
  763. if (( ! ${#company_array[@]} )); then
  764. echo "No company names found. Nothing done!"
  765. echo "Try 'asn_ipfire.sh --help' for more information."
  766. exit 1
  767. fi
  768. if [[ $interact ]]; then
  769. echo -n "Update IPfire files now? OK[Enter]? "
  770. read -r p
  771. if [[ "$p" ]]; then
  772. echo "Nothing done to IPFire."
  773. exit 3
  774. fi
  775. fi
  776. cleanupNetworks # Remove existing entries
  777. renumberIpfireFiles # Renumbering
  778. echo "---[Restarting firewall]---"
  779. /etc/init.d/firewall restart 1> /dev/null # Restart firewall
  780. echo -n "---[All done!"
  781. if [[ $verbose ]]; then echo -n " ($(($(date +%s) - tick))s)"; fi
  782. echo "]---"
  783. else
  784. echo -e "IPFire not found.\nCheck your IPFire installation."
  785. fi
  786. };;
  787. -l|--list) { # Function: List all company names already there by asn_ipfire
  788. if [[ $is_ipfire ]]; then
  789. listIpfireFiles
  790. else
  791. echo -e "IPFire not found.\nCheck your IPFire installation."
  792. fi
  793. };;
  794. --renumber) {
  795. if [[ $is_ipfire ]]; then
  796. verbose=1
  797. if [[ $interact ]]; then
  798. echo -n "Update IPfire files now? OK[Enter]? "
  799. read -r p
  800. if [[ "$p" ]]; then
  801. echo "Nothing done."
  802. exit 3
  803. fi
  804. fi
  805. renumberIpfireFiles
  806. else
  807. echo -e "IPFire not found.\nCheck your IPFire installation."
  808. fi
  809. };;
  810. --sort) {
  811. if [[ $is_ipfire ]]; then
  812. if [[ $interact ]]; then
  813. echo -n "Update IPfire files now? OK[Enter]? "
  814. read -r p
  815. if [[ "$p" ]]; then
  816. echo "Nothing done."
  817. exit 3
  818. fi
  819. fi
  820. verbose=1
  821. sortIpfireFiles
  822. else
  823. echo -e "IPFire not found.\nCheck your IPFire installation."
  824. fi
  825. };;
  826. --rmbackup) {
  827. if [[ $is_ipfire ]]; then
  828. verbose=1
  829. if [[ $interact ]]; then
  830. echo -n "Remove backup files now? OK[Enter]? "
  831. read -r p
  832. if [[ "$p" ]]; then
  833. echo "Nothing done."
  834. exit 3
  835. fi
  836. fi
  837. removeBackup
  838. else
  839. echo -e "IPFire not found.\nCheck your IPFire installation."
  840. fi
  841. };;
  842. --restore) {
  843. if [[ $is_ipfire ]]; then
  844. if [[ $interact ]]; then
  845. echo -n "Restore previous IPfire files now? OK[Enter]? "
  846. read -r p
  847. if [[ "$p" ]]; then
  848. echo "Nothing done to IPFire."
  849. exit 3
  850. fi
  851. fi
  852. restoreIpfireFiles
  853. else
  854. echo -e "IPFire not found.\nCheck your IPFire installation."
  855. fi
  856. };;
  857. --asn | --network | --custom ) { # Create output files
  858. if [[ ! "$output_file" ]]; then # Custom output file given?
  859. output_file="file_"${mode:2} # Generate output file
  860. output_file="${!output_file}"
  861. fi
  862. if (( ${#company_array[@]} )); then
  863. if [[ -f "$output_file" ]]; then
  864. if [[ $interact ]]; then
  865. read -r -p "Output file ($output_file) already exists! [O]verwrite, [A]ppend or abort[Enter]? " ans
  866. case "$ans" in
  867. [Oo]) : >"$output_file" ;;
  868. [Aa]) ;;
  869. *) exit 3;;
  870. esac
  871. else
  872. echo "Warning: output file ($output_file) already exists and will be overwritten!"
  873. : >"$output_file"
  874. fi
  875. else # File not exist --> exit
  876. touch "$output_file" 2> /dev/null # Check if writable?
  877. fi
  878. if [[ ! -w "$output_file" ]]; then
  879. echo "Output file ($output_file) is not writable!"
  880. exit 2
  881. fi
  882. if [[ $checksource ]]; then chkSource ; fi
  883. collectNetworks "$mode" # Get and add new networks
  884. outResults "$mode"
  885. echo -n "---[All done!"
  886. if [[ $verbose ]]; then echo -n " ($(($(date +%s) - tick))s)"; fi
  887. echo "]---"
  888. else
  889. echo "No company names found. Nothing done!"
  890. echo "Try 'asn_ipfire.sh --help' for more information."
  891. fi
  892. };;
  893. -V|--version ) { # Show version and quit
  894. echo "$revision";
  895. };;
  896. -h|--help) {
  897. print_help # Show help and quit
  898. };;
  899. *) echo -e "$helptext";; # Wrong or unknown parameter
  900. esac
  901. exit 0