You may want to look at Capirca (http://code.google.com/p/capirca/) for creating policy files from which to generate your firewall rulesets. I am not aware of a simple categorization of netblocks. My first thought is that an agreement with every RIR for bulk whois data and writing code to parse / categorize would be quite difficult and may not get you a reasonable result after all that work - maybe there is something commercially available. -Ryan On Wed, Dec 29, 2010 at 9:01 AM, J. Oquendo <sil@infiltrated.net> wrote:
Good morning and happy holidays all. I'm in the process of creating an automated filtering application and would like to know if anyone can point me to the right place. I'd like to be able to query a site/db/etc., and pull out specific netblocks to create fw rules. Since IP space is always changing, it would be helpful if my queries can be tailored to something like:
wget site | Parse IP space | grep Company | create rule
Or:
wget site | Parse IP space | grep {EDU_IP_SPACE,MIL_SPACE,GOV_SPACE} | create rule
Follow?
Right now I am using potaroo with something like :
wget -qO - http://bgp.potaroo.net/ipv4-stats/allocated-{apnic.html,ripe.html, etc}
But this just gives me entire blocks, not who is behind them. Is there any site I could use to query specifics? E.g., for a gov client: wget -qO - this.site.org | grep "\.gov" | parse_with_awk '{print "fw_rule"}'
Thanks in advance and Happy New Year to everyone.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
"It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E