siosios
04-28-2024, 05:12 AM
The IPFire Location database comes with a small and lightweight library that we call ''libloc''. It is written in C and implements the core functionality of IPFire Location. But what if you want to use it in another piece of software? We already have bindings for Python and Perl allowing the database being integrated seamlessly into applications written in those. And finally, another important addition is here: Lua!
Lua is a lightweight language that is being used wherever an easy way to script something is needed. That can either be small programs which are quickly implemented in Lua without learning too much programming, but it is also very commonly used to extend existing software by allowing to load small scripts into it. Those are for example Apache, nmap, PowerDNS, Knot DNS, Suricata, Snort and HAProxy, as well as plenty more...
A Plethora Of Possible ApplicationsBecause there are so many possible applications for Location data, there is almost an infinite amount of ideas and opportunities around. For example:
Your web application could receive the location of a client in the request headers added by Apache (https://httpd.apache.org/docs/trunk/mod/mod_lua.html) or HAProxy (https://www.haproxy.com/documentation/haproxy-lua-api/getting-started/introduction/). That allows blocking certain services for certain countries or networks on the internet. You can also apply rate-limiting features based on the user's location to protect against DoS attacks. Or you can send the origin of a connection to a third-party application in the HTTP request headers.
You could collect statistics about where your DNS queries are coming from with PowerDNS Recursor (https://doc.powerdns.com/recursor/lua-scripting/index.html).
You can write a custom protocol parser for your IPS with Suricata (https://docs.suricata.io/en/latest/lua/lua-usage.html) and use Location information.
Basically anything that makes or accepts an IP connection can be enhanced using a very short script. Lua is incredibly lightweight and therefore fast, adding negligible overhead for most applications.
At this stage, we do not have all documentation ready about the new module. But there is a test case (https://git.ipfire.org/?p=location/libloc.git;a=blob;f=tests/lua/main.lua;h=e139b2dc2171ee65bb52972dec99b1df15244c2 9;hb=HEAD) that has some examples and this snippet to get you started:
-- Load the location module
location = require("location")
-- Open the database
db = location.Database.open("/usr/share/location/database.db")
-- Perform a lookup
network = db:lookup("81.3.27.38")
print(network) # 81.3.0.0/18
-- Fetch an Autonomous System
as = db:get_as(204867)
print(as) # AS204867 - Lightning Wire Labs GmbH
If you have another application for this, get in touch and let me know!
More... (https://www.ipfire.org/blog/ipfire-location-lua-bindings-for-fun-and-profit)
Lua is a lightweight language that is being used wherever an easy way to script something is needed. That can either be small programs which are quickly implemented in Lua without learning too much programming, but it is also very commonly used to extend existing software by allowing to load small scripts into it. Those are for example Apache, nmap, PowerDNS, Knot DNS, Suricata, Snort and HAProxy, as well as plenty more...
A Plethora Of Possible ApplicationsBecause there are so many possible applications for Location data, there is almost an infinite amount of ideas and opportunities around. For example:
Your web application could receive the location of a client in the request headers added by Apache (https://httpd.apache.org/docs/trunk/mod/mod_lua.html) or HAProxy (https://www.haproxy.com/documentation/haproxy-lua-api/getting-started/introduction/). That allows blocking certain services for certain countries or networks on the internet. You can also apply rate-limiting features based on the user's location to protect against DoS attacks. Or you can send the origin of a connection to a third-party application in the HTTP request headers.
You could collect statistics about where your DNS queries are coming from with PowerDNS Recursor (https://doc.powerdns.com/recursor/lua-scripting/index.html).
You can write a custom protocol parser for your IPS with Suricata (https://docs.suricata.io/en/latest/lua/lua-usage.html) and use Location information.
Basically anything that makes or accepts an IP connection can be enhanced using a very short script. Lua is incredibly lightweight and therefore fast, adding negligible overhead for most applications.
At this stage, we do not have all documentation ready about the new module. But there is a test case (https://git.ipfire.org/?p=location/libloc.git;a=blob;f=tests/lua/main.lua;h=e139b2dc2171ee65bb52972dec99b1df15244c2 9;hb=HEAD) that has some examples and this snippet to get you started:
-- Load the location module
location = require("location")
-- Open the database
db = location.Database.open("/usr/share/location/database.db")
-- Perform a lookup
network = db:lookup("81.3.27.38")
print(network) # 81.3.0.0/18
-- Fetch an Autonomous System
as = db:get_as(204867)
print(as) # AS204867 - Lightning Wire Labs GmbH
If you have another application for this, get in touch and let me know!
More... (https://www.ipfire.org/blog/ipfire-location-lua-bindings-for-fun-and-profit)