Replace geoip module with MaxMind's module

348dc350 · Pierre LALET · 454f200a · 348dc350 · 348dc350 · 454f200a
Commit 348dc350 authored Jan 30, 2016 by Pierre LALET
--- a/scapy/config.py
+++ b/scapy/config.py
@@ -374,6 +374,8 @@ extensions_paths: path or list of paths where extensions are to be looked for
    stats_dot11_protocols = []
    temp_files = []
    netcache = NetCache()
+    geoip_city = '/usr/share/GeoIP/GeoLiteCity.dat'
+    gnuplot_world = "world.dat"
    load_layers = ["l2", "inet", "dhcp", "dns", "dot11", "gprs",
                   "hsrp", "inet6", "ir", "isakmp", "l2tp", "mgcp",
                   "mobileip", "netbios", "netflow", "ntp", "ppp",

--- a/scapy/layers/inet.py
+++ b/scapy/layers/inet.py
@@ -10,6 +10,8 @@ IPv4 (Internet Protocol v4).
 import os,time,struct,re,socket,new
 from select import select
 from collections import defaultdict
+import Gnuplot
+
 from scapy.utils import checksum
 from scapy.layers.l2 import *
 from scapy.config import conf
@@ -1111,7 +1113,8 @@ class TracerouteResult(SndRcvList):
                
                
    def world_trace(self):
-        from modules.geo import locate_ip
+        import GeoIP
+        db = GeoIP.open(conf.geoip_city, 0)
        ips = {}
        rt = {}
        ports_done = {}
@@ -1139,9 +1142,12 @@ class TracerouteResult(SndRcvList):
                ip = trace.get(i,None)
                if ip is None:
                    continue
-                loc = locate_ip(ip)
+                loc = db.record_by_addr(ip)
                if loc is None:
                    continue
+                loc = loc.get('longitude'), loc.get('latitude')
+                if loc == (None, None):
+                    continue
 #                loctrace.append((ip,loc)) # no labels yet
                loctrace.append(loc)
            if loctrace:

--- a/scapy/modules/geoip.py
+++ b/scapy/modules/geoip.py
-## This file is part of Scapy
-## See http://www.secdev.org/projects/scapy for more informations
-## Copyright (C) Philippe Biondi <phil@secdev.org>
-## This program is published under a GPLv2 license
-
-"""
-GeoIP: find out the geographical location of IP addresses
-"""
-
-from scapy.data import KnowledgeBase
-from scapy.config import conf
-
-conf.IPCountry_base = "GeoIPCountry4Scapy.gz"
-conf.countryLoc_base = "countryLoc.csv"
-conf.gnuplot_world = "world.dat"
-
-
-##########################
-## IP location database ##
-##########################
-
-class IPCountryKnowledgeBase(KnowledgeBase):
-    """
-How to generate the base :
-db = []
-for l in open("GeoIPCountryWhois.csv").readlines():
-    s,e,c = l.split(",")[2:5]
-    db.append((int(s[1:-1]),int(e[1:-1]),c[1:-1]))
-cPickle.dump(gzip.open("xxx","w"),db)
-"""
-    def lazy_init(self):
-        self.base = load_object(self.filename)
-
-
-class CountryLocKnowledgeBase(KnowledgeBase):
-    def lazy_init(self):
-        f=open(self.filename)
-        self.base = {}
-        while 1:
-            l = f.readline()
-            if not l:
-                break
-            l = l.strip().split(",")
-            if len(l) != 3:
-                continue
-            c,lat,long = l
-            
-            self.base[c] = (float(long),float(lat))
-        f.close()
-            
-        
-
-@conf.commands.register
-def locate_ip(ip):
-    """Get geographic coordinates from IP using geoip database"""
-    ip=map(int,ip.split("."))
-    ip = ip[3]+(ip[2]<<8L)+(ip[1]<<16L)+(ip[0]<<24L)
-
-    cloc = country_loc_kdb.get_base()
-    db = IP_country_kdb.get_base()
-
-    d=0
-    f=len(db)-1
-    while (f-d) > 1:
-        guess = (d+f)/2
-        if ip > db[guess][0]:
-            d = guess
-        else:
-            f = guess
-    s,e,c = db[guess]
-    if  s <= ip and ip <= e:
-        return cloc.get(c,None)
-
-
-
-
-
-conf.IP_country_kdb = IPCountryKnowledgeBase(conf.IPCountry_base)
-conf.country_loc_kdb = CountryLocKnowledgeBase(conf.countryLoc_base)