GeoLocation and IP Reputation Query
Problem this snippet solves:
Usage:
**http**://VS_IP/**geo?**{IPv4_TO_TEST | IPv6_TO_TEST}
Examples:
http://10.100.89.100/geo?8.8.8.8
http://10.100.89.100/geo?199.19.105.220
http://10.100.89.100/geo?2a02:DB8::45
How to use this snippet:
iRule Source
https://github.com/ArtiomL/f5networks/tree/master/irules/geo-query
Sample Output
IP: 199.19.105.220 GeoLocation Data Continent: NA Country: US State: Texas ISP: Network operations center inc. Org: Volumedrive IP Reputation: Scanners Proxy
Code :
#!iRule
# F5 Networks - iRule: GeoLocation and IP Reputation Query
# https://github.com/ArtiomL/f5networks
# Artiom Lichtenstein
# v1.7, 21/07/2016
#
# Usage:
# http://VS_IP/geo?{IPv4_TO_TEST | IPv6_TO_TEST}
#
# Examples:
# http://10.100.89.100/geo?8.8.8.8
# http://10.100.89.100/geo?199.19.105.220
# http://10.100.89.100/geo?2a02:DB8::45
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/geo" } {
set str_GEO_RESPONSE "Please Enter IPv4 / IPv6 Address:"
set str_IP_ADDR [substr [HTTP::uri] 5]
if { ![catch {IP::addr $str_IP_ADDR mask 255.255.255.255}] } {
log local0.info "IP: $str_IP_ADDR"
set str_GEO_RESPONSE "IP: $str_IP_ADDR
GeoLocation Data"
array set arr_GEO_DATA {
aContinent 0
bCountry 0
cState 0
dCity 0
eZIP 0
fArea_Code 0
gLatitude 0
hLongitude 0
iISP 0
jOrg 0
}
set lst_SORTED_ARR [lsort [array names arr_GEO_DATA]]
foreach i $lst_SORTED_ARR {
set str_GEO_FIELD [substr $i 1]
set arr_GEO_DATA($i) [whereis $str_IP_ADDR [string tolower $str_GEO_FIELD]]
if { ([string length $arr_GEO_DATA($i)]) && ($arr_GEO_DATA($i) ne "0") } {
set str_GEO_RESPONSE [concat $str_GEO_RESPONSE "
$str_GEO_FIELD:" [string toupper $arr_GEO_DATA($i) 0 0]]
log local0.info "$str_GEO_FIELD: $arr_GEO_DATA($i)"
}
}
set lst_IP_REP [IP::reputation $str_IP_ADDR]
if { [llength $lst_IP_REP] == 0 } { set lst_IP_REP "Good" }
else {
log local0.info "IP Reputation: $lst_IP_REP"
set lst_IP_REP [concat "" $lst_IP_REP ""]
}
set str_GEO_RESPONSE [concat $str_GEO_RESPONSE "
IP Reputation:" $lst_IP_REP]
}
HTTP::respond 200 content [subst {
F5 GeoLocation
$str_GEO_RESPONSE
}]
}
}Tested this on version:
12.0Published Mar 17, 2015
Version 1.0
No CommentsBe the first to comment