RIR to DNS converter

Description

RIR to DNS converter is a tool to convert Regional Internet Registry data to a DNS country lookup zone. You can use it to build your own DNS zone for looking up country codes from IP addresses. It uses data directly from RIPE, ARIN, APNIC, LACNIC, and AFRINIC. The data can be updated on a schedule of your choosing. The input data comes from: ftp://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-latest ftp://ftp.arin.net/pub/stats/arin/delegated-arin-latest ftp://ftp.ripe.net/pub/stats/ripencc/delegated-ripencc-latest ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest The input data format is described in: http://www.apnic.net/db/rir-stats-format.html The output is a BIND 9 zone file that can be used to look up country codes in a similar fashion to in-addr.arpa. For example, to find out what country 203.30.47.58 is: host 58.47.30.203.rir.example.com 58.47.30.203.rir.example.com has address 127.0.65.86 where 65 and 85 are ASCII for A and U, which means 203.30.47.58 is in Australia (AU). HOW TO USE IT Just feed it the above delegated- -latest files into stdin and it will spit out the zone file to stdout. The zone file will only have the IP addresses, so you could $INCLUDE it into a zone file that contains NS records, SOA, $ORIGIN, etc. WHY USE IT You dont need the resolution of MaxMinds GeoIP database, but you do want something that is free and you want it kept up to date on a schedule that you decide. You could use this to block or tag email based on countries, block or redirect visitors to your website based on end-user country, and so on. Be very careful about blocking mail this way, though, as you may block legitimate email. Instead of blocking outright, use it in a SpamAssassin rule to add something to the spam level, based on where the email comes from. HOW IT WORKS The RIR files contain ranges of IP addresses, and indicate what CC each range is allocated to. At the simplest level, rir2dns just sorts the ranges then iterates through the IPs in each range and generates a reverse-dns-style A record that represents the country code. HOW IT WORKS - IN DETAIL Rather than iterate through each IP address, the program tries to skip through entire classes at a time (256 IPs, 65536 IPs, etc). Rather than iterate through each IP, the loop iterates through classes or IP ranges (whichever are smaller at the loop control), using control-breaks to accummulate neighbouring ranges where possible so that entire classes that are in the same country dont generate huge numbers of records. Firstly, IPs are considered to be 4-digit numbers, but in base-256. In other words, each octet is dealt with as if it were a single base-256 digit. This turns out to be convenient because optimisations of large chunks of IP space can be done by looking for places where least-significant base-256 digits are zero. Next, IP ranges are broken down into the following sub-ranges: Optional individual IP addresses (ie: 4 octets) Optional A-class ranges (ie: 3 octets) Optional B-class ranges (ie: 2 octets) Optional C-class ranges (ie: 1 octet) Optional B-class ranges (ie: 2 octets) Optional A-class ranges (ie: 3 octets) Optional individual IP addresses (ie: 4 octets) Considering that there is a pattern here, Im sure theres an elegant way to handle breaking this down into two loops (one reducing the octets and one increasing the octets), but I cant be bothered, so Ill break it down into seven loops. Kind of hard-coded, but at least its simple. For ease of processing, the IP addresses are actually converted to 32-bit numbers, then back again. This simplifies mathematics and looping through ranges. Thats pretty much it, really... Note that currently there are about 80,000 RIR records between all five registries. This takes about 35 seconds on a 2.4GHz P4 to process, and generates a 26MB file with around 3/4 million lines (RRs). This causes BIND to use about 100MB or so of memory, and on a slow machine will probably cause it to take too long to reply, while it searches the zone. That size zone can take a minute or two to load, which is quite a while. Basic algorithm: Read & process RIR data: Read RIR ranges Sort RIR ranges by start IP address Glue together contiguous ranges of the same country For each range Generate the IPs at the start of the range Generate the A-classes at the start of the range Generate the B-classes at the start of the range Generate the C-classes in the middle of the range Generate the B-classes at the end of the range Generate the A-classes at the end of the range Generate the IPs at the end of the range. Get RIR to DNS converter at SourceForge.net. Fast, secure and free downloads from the largest Open Source applications and software directory. Build your own DNS zone for looking up country codes from IP addresses. Uses data directly from RIPE, ARIN, APNIC, LACNIC, and AFRINIC. Update the data on a schedule of your choosing.

Rir - Ips - Regional Internet Registry - How - Dns Country Lookup - Data To A - Ip Addresses - Zone File - Use It - Registry Data - Country Lookup - Internet Registry - Ranges - Converter - Country - Range

Published By:Msquared

License Type:Freeware

Date Added:25 October, 2010

Version:0.1

Price:Free

Downloads:46

Size:614.4 KB

Platform: Linux

What people say
- required fields
     
Related Downloads

Hogwash Light BR is an Intrusion Prevention System that can filter packets directly in the layer 2 of the OSI model (so the machine doesnt need even an IP address).

DateAug 23, 2010

AuthorAndre Bertelli Araujo and Joao Eriberto Mota Filho

Size194.6 KB

LicenseFreeware

PriceFree

PlatformLinux

CategoryLinux Utilities

Find IPs of crackers and kiddies attempting to break in. Creates iptables rules to block attackers IPs for a specified period of time.

DateSep 20, 2010

AuthorChuck Sharp

Size45.1 KB

LicenseFreeware

PriceFree

PlatformLinux

CategoryLinux Internet

IPS HLBR program is a fork of the Hogwash project. It is an IPS (Intrusion Prevention System) that can filter packets directly in layer 2 of the OSI model (so the machine doesnt need an IP address).

DateSep 23, 2010

AuthorHLBR Team

Size194.6 KB

LicenseFreeware

PriceFree

PlatformLinux

CategoryLinux Utilities

grepcidr can filter IP addresses matching IPv4 CIDR/network specification.

DateSep 26, 2010

AuthorJem Berkes

Size21.5 KB

LicenseFreeware

PriceFree

PlatformLinux

CategoryLinux Internet

Spam Blacklist Checker can check to see if an IP address is flagged in a spam blacklist (dnsbl.sorbs.net).

DateSep 24, 2010

AuthorMatthew Gates

Size4.1 KB

LicenseFreeware

PriceFree

PlatformLinux

CategoryLinux Internet