Specific Network Querying

Wed Dec 29 16:23:21 UTC 2010

You may want to look at Capirca (http://code.google.com/p/capirca/) for
creating policy files from which to generate your firewall rulesets. I am
not aware of a simple categorization of netblocks. My first thought is that
an agreement with every RIR for bulk whois data and writing code to parse /
categorize would be quite difficult and may not get you a reasonable result
after all that work - maybe there is something commercially available.

-Ryan

On Wed, Dec 29, 2010 at 9:01 AM, J. Oquendo <sil at infiltrated.net> wrote:

>
> Good morning and happy holidays all. I'm in the process of creating an
> automated filtering application and would like to know if anyone can
> point me to the right place. I'd like to be able to query a
> site/db/etc., and pull out specific netblocks to create fw rules. Since
> IP space is always changing, it would be helpful if my queries can be
> tailored to something like:
>
> wget site | Parse IP space | grep Company | create rule
>
> Or:
>
> wget site | Parse IP space | grep {EDU_IP_SPACE,MIL_SPACE,GOV_SPACE} |
> create rule
>
> Follow?
>
> Right now I am using potaroo with something like :
>
> wget -qO -
> http://bgp.potaroo.net/ipv4-stats/allocated-{apnic.html,ripe.html, etc}
>
> But this just gives me entire blocks, not who is behind them. Is there
> any site I could use to query specifics? E.g., for a gov client: wget
> -qO - this.site.org | grep "\.gov" | parse_with_awk '{print "fw_rule"}'
>
> Thanks in advance and Happy New Year to everyone.
>
>
> --
>
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
>
> "It takes 20 years to build a reputation and five minutes to
> ruin it. If you think about that, you'll do things
> differently." - Warren Buffett
>
> 227C 5D35 7DCB 0893 95AA  4771 1DCE 1FD1 5CCD 6B5E
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
>
>
>