-
Notifications
You must be signed in to change notification settings - Fork 6
/
update_geoipdb.sh
102 lines (78 loc) · 3 KB
/
update_geoipdb.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
#!/bin/bash
Version="0.0.10"
Updated="11/19/20"
TestedOn="BigIP 15.1 (VE)"
Authors="
Christopher MJ Gray | Sr. Product Owner - SP | NA | F5 Networks | 609 310 1747 | cgray@f5.com | https://github.com/c2theg/F5_DDoS_BP
"
echo "This script will update the
"
echo 'Geolocation (ip-geolocation.zip)
To download the database, use the following and re-run this script.
curl -O "ip-geolocation.zip" "https://some_server_online_where_the_ip_db_is"
curl -O "ip-geolocation.zip.md5" "https://some_server_online_where_the_ip_db_is.md5"
'
#--- GeoLocation ----
if [ -f "ip-geolocation.zip" ]; then
echo "FOUND!"
else
echo "ip-geolocation.zip NOT FOUND! "
echo "Provide the FQDN where ip-geolocation.zip can be located: "
read -p 'ip-geolocation.zip: ' fqdn_geozip
echo "Provide the FQDN to download the MD5 hash for ip-geolocation.zip.md5 can be located: "
read -p 'ip-geolocation.zip.md5: ' fqdn_geozip_md5
echo "Downloading db... "
curl -o "ip-geolocation.zip" $fqdn_geozip
echo "Download md5 ... "
curl -o "ip-geolocation.zip.md5" $fqdn_geozip_md5
fi
echo "
"
#--- GeoLocation Database ---
# https://support.f5.com/csp/article/K11176
# FYI: Default path: /config
if [ -f "ip-geolocation.zip" ]; then
echo "Backing up database... "
mkdir /shared/GeoIP/
mkdir /shared/GeoIP_backup/
cp -R /shared/GeoIP/* /shared/GeoIP_backup/
wait
sleep 2
echo "Moving Geolocation databases... "
mv ip-geolocation.zip /shared/tmp
mv ip-geolocation.zip.md5 /shared/tmp
echo "Updating Geolocation Database... "
cd /shared/tmp
md5sum -c ip-geolocation.zip.md5
# if md5sum is ok...
unzip -o ip-geolocation.zip
'''
[root@ddos-inline:Active:Standalone] tmp # unzip ip-geolocation.zip
Archive: ip-geolocation.zip
inflating: geoip-data-v2-Region2-2.0.0-20200420.436.0.i686.rpm
inflating: geoip-data-v2-ISP-2.0.0-20200420.436.0.i686.rpm
inflating: geoip-data-v2-Org-2.0.0-20200420.436.0.i686.rpm
inflating: README.txt
'''
#- for each file in the unzip-
# geoip_update_data -f </path/to/rpm>
# geoip_update_data -f /shared/tmp/geoip-data-Org-1.0.1-20120627.30.0.i686.rpm
# geoip_update_data -f *.rpm
geoip_update_data -f geoip-data-v2-Region*.rpm
geoip_update_data -f geoip-data-v2-ISP-*.rpm
geoip_update_data -f geoip-data-v2-Org-*.rpm
#geoip_update_data -f *.rpm
#- to Test
geoip_lookup -f /shared/GeoIP/v2/F5GeoIPOrg.dat 65.61.115.197
#opening database in /shared/GeoIP/v2/F5GeoIPOrg.dat
#size of geoip database = 180356873, version = GEO-146 20120627 Build 1 Copyright (c) F5 Networks Inc All Rights Reserved
#geoip_seek = 014f0ad1
#geoip record ip = 65.61.115.197
#name = f5 networks
#--- Delete files afterwards ---
rm -rf /shared/tmp/ip-geolocation.zip
rm -rf /shared/tmp/ip-geolocation.zip.md5
rm -rf /shared/tmp/geoip-data-v2-*
else
echo "SKIPPING Geolocation Update! File not found (ip-geolocation.zip) "
fi