README
¶
ipd
Go CLI app and library wrapper for Maxmind database lookups.
Usage
Lookup one IP:
$ ipd 8.8.8.8
8.8.8.8, US, GOOGLE, AS15169, good_ip
Lookup list of IPs
Via pipe:
$ cat ips.txt | ipd pipe
8.8.8.8, US, GOOGLE, AS15169, good_ip
8.8.4.4, US, GOOGLE, AS15169, good_ip
1.1.1.1, AU, CLOUDFLARENET, AS13335, good_ip
Can optionally show links to common intel services with -i flag:
$ ipd -i 8.8.8.8
8.8.8.8, US, GOOGLE, AS15169, good_ip, https://censys.io/ipv4/8.8.8.8, https://www.shodan.io/host/8.8.8.8, https://bgp.he.net/AS15169
Can take both domain/URL input if the -r flag is set.
$ cat ips.txt | ipd pipe -r
https://freebsd.org, 96.47.72.84, US, NYINTERNET, AS11403, good_ip
one.one.one.one, 1.1.1.1, AU, CLOUDFLARENET, AS13335, good_ip
8.8.4.4, 8.8.4.4, US, GOOGLE, AS15169, good_ip
Setup/Install
Currently, only Linux with GeoLite databases is supported.
You need to download the maxmind databases yourself by setting up an account and downloading the libraries yourself from Maxmind
Neccesary files are: GeoLite2-ASN.mmdb and GeoLite2-ASN.mmdb
It is recommended to manage the databases with geoipupdate it is currently in this contrib debian repos so you can install with:
sudo apt install geoipupdate
You should put the databases in /var/lib/GeoIP directory as both ipd and geoipupdate use this directory.
If your GeoIP databases are in a different folder create a config in $home/.config/ipd.yaml with the setting:
maxmind_dir: /var/lib/where-ever-your-GeoIP-folder-is
License
Documentation
¶
Index ¶
- func CheckMaxmindEnvironment() bool
- func CleanupInput(givenInput string) string
- func GetMaxmindDirFromConfig() string
- func GetMaxmindDirectory() string
- func IsFileInMaxmindDir(givenFile string) bool
- func OpenMaxmindDb(givenDbName string, givenDirectory ...string) (*geoip2.Reader, error)
- func OutputLookup(givenInput string, intel bool, resolve ...bool)
- func SimpleResolveDomain(givenInput string) (string, error)
- type IPInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckMaxmindEnvironment ¶
func CheckMaxmindEnvironment() bool
CheckMaxmindEnvironment will check all neccesary files in the environment needed to function.
func CleanupInput ¶
CleanupInput does some light sanitization of the givenInput in the Lookup Func.
func GetMaxmindDirFromConfig ¶
func GetMaxmindDirFromConfig() string
GetMaxmindDirFromConfig will return the directory from the config if it exists otherwise
func GetMaxmindDirectory ¶
func GetMaxmindDirectory() string
GetMaxmindDirectory will return the expected directory for the maxmind db files according to OS
func IsFileInMaxmindDir ¶
IsFileInMaxmindDir will check if the givenFile is in the Maxmind dir and report back. If false will output to errs tream
func OpenMaxmindDb ¶
OpenMaxmindDb will open the givenDbName from the default or givenDirectory and return the Reader object
func OutputLookup ¶
OutputLookup executes and displays a single lookup to screen.
func SimpleResolveDomain ¶
SimpleResolveDomain will lookup a domain and return an IP if possible
Types ¶
type IPInfo ¶
type IPInfo struct {
Input string // given input string for a lookup
IP net.IP // net.IP representation of the IP string or input
ASNum int // Autonomous system number as int
ASNumStr string // Autonomous system number as string prefixed with "AS"
ASName string // Autonomous system name
CountryCode string // ISO Country Code
CountryName string // Country name
}
IPInfo is the struct of enriched geoip info
Source Files
Directories