/* * ENTRADA, a big data platform for network data analytics * * Copyright (C) 2016 SIDN [https://www.sidn.nl] * * This file is part of ENTRADA. * * ENTRADA is free software: you can redistribute it and/or modify it under the terms of the GNU * General Public License as published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * ENTRADA is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General * Public License for more details. * * You should have received a copy of the GNU General Public License along with ENTRADA. If not, see * [<http://www.gnu.org/licenses/]. * */ package nl.sidnlabs.entrada.enrich.resolver; import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.List; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.util.StreamUtils; import lombok.extern.log4j.Log4j2; /** * check if an IP address is a Cloudflare open resolver. * */ @Log4j2 @Component public final class CloudFlareResolverCheck extends AbstractResolverCheck { private static final String RESOLVER_STATE_FILENAME = "cloudflare-resolvers"; private static final String RESOLVER_NAME = "CloudFlare"; @Value("${cloudflare.resolver.ipv4.url}") private String urlV4; @Value("${cloudflare.resolver.ipv6.url}") private String urlV6; @Value("${cloudflare.resolver.timeout:15}") private int timeout; @Override protected List<String> fetch() { int timeoutInMillis = timeout * 1000; RequestConfig config = RequestConfig .custom() .setConnectTimeout(timeoutInMillis) .setConnectionRequestTimeout(timeoutInMillis) .setSocketTimeout(timeoutInMillis) .build(); CloseableHttpClient client = HttpClientBuilder.create().setDefaultRequestConfig(config).build(); List<String> subnets = new ArrayList<>(); process(client, urlV4, subnets); process(client, urlV6, subnets); return subnets; } private void process(CloseableHttpClient client, String url, List<String> subnets) { log.info("Fetch CloudFlare resolver addresses from url: " + url); HttpGet get = new HttpGet(url); try (CloseableHttpResponse response = client.execute(get)) { String content = StreamUtils.copyToString(response.getEntity().getContent(), StandardCharsets.UTF_8); if (log.isDebugEnabled()) { log.debug("content: {}", content); } String[] addresses = content.split("\n"); for (String subnet : addresses) { if (log.isDebugEnabled()) { log.debug("Add CloudFlare resolver IP range: {}", subnet); } subnets.add(subnet); } } catch (Exception e) { log.error("Problem while adding CloudFlare resolvers for url: {}", url, e); } } @Override public String getFilename() { return RESOLVER_STATE_FILENAME; } @Override public String getName() { return RESOLVER_NAME; } }