[Rtir] Some questions, some comments...

Ruediger Riediger ruediger.riediger at sun.com
Wed Oct 22 10:03:28 EDT 2003


Hi,

Jorn Hass wrote:
> I would therefore possibly like to run a local whois server, with
> contact details for our specific needs.
> Has anyone got any experience in setting up a whois server with local
> content, and if so, where do I start looking for source and docs etc.?

easy to do, you just need to have a script take the incoming IP address 
and look it up in a database, then print the corresponding output. I 
have added the inetd.conf line and *extracts* of our local tool.
Use at your own risk, no warranty or support.

/etc/inet/inetd.conf
whois   stream  tcp     nowait  nobody  /home/whois/subnet-query 
subnet-query

/home/whois/subnet-query
#!/bin/perl -Tw

use strict;

my $fn="/home/whois/subnets";# Site
# this is a TAB sepoerated list with:
# Date
# Start
## End <- inserted by this program, not part of original list!
# Netmask
# site contact
# ...further fields...

my @line;
my @start;
my @end;
...some more variable...


open(SUBNETS, "< $fn") or die "Cannot open $fn: $!";
while(<SUBNETS>)
{
         chomp;
	@line = split(/\t/, $_);
         @start = ();
         @end = ();
         push( @{ $subnet{$line[2]} }, @line );
         @start = ($1, $2, $3, $4) if($line[2] =~ 
/^([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])$/);
         @end = ($1, $2, $3, $4) if($line[3] =~ 
/^([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])$/);
         if( ($#start == 3) && ($#end == 3) )
         {
                 for ($i=0; $i<4; $i++)
                 {
                         $end[$i] = ( $start[$i] | ( 255 ^ $end[$i] ) );
                 }
                 splice( @{ $subnet{$line[2]} }, 3, 0, 
"$end[0].$end[1].$end[2].$end[3]" );
         }
}
close(SUBNETS) or die "Cannot close $fn: $!";

$_=<STDIN>;
{
         chomp;
	@ip = ();
         @ip = ($1, $2, $3, $4) 
if(/\b([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\b/);
         next unless($#ip == 3);


                foreach (keys %subnet)
                 {
                         @line = @{ $subnet{$_} };
                         @start = ($1, $2, $3, $4) if($line[2] =~ 
/^([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])$/);
                         @end = ($1, $2, $3, $4) if($line[3] =~ 
/^([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])$/);
                         next if($start[0] > $ip[0]);
                         next if($end[0] < $ip[0]);
                         next if($start[1] > $ip[1]);
                         next if($end[1] < $ip[1]);
                         next if($start[2] > $ip[2]);
                         next if($end[2] < $ip[2]);
                         next if($start[3] > $ip[3]);
                         next if($end[3] < $ip[3]);

                         found();
                 }

}

"sub found" is actually printing (to STDOUT) the information for the 
match, but it does a lot more (like cross-correlating information from 
LDAP server) to repeat here. I guess I can leave the rest as an exercise.


Best regards,

	Ruediger Riediger

-- 
Dr. Ruediger Riediger                              Sun Microsystems GmbH
NSG - SunCERT                                             Komturstr. 18a
mailto:Ruediger.Riediger at Sun.com                          D-12099 Berlin
------------------------------------------------------------------------
NOTICE:  This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited.
If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message.
------------------------------------------------------------------------
PGP 2048RSA/0x2C5020E9          964C E189 0FF0 8882  2BAB 65E2 6912 1FF2
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 540 bytes
Desc: not available
Url : http://pallas.eruditorum.org/pipermail/rtir/attachments/20031022/dcfc3cb4/attachment.pgp


More information about the Rtir mailing list