[tor-commits] [metrics-cloud/master] a/exit-scanner: Add DNS zone formatting and reloading
irl at torproject.org
irl at torproject.org
Tue Mar 3 15:55:04 UTC 2020
commit 51b3d5b2ed919c9552084a84de51069e6641c6c7
Author: Iain R. Learmonth <irl at fsfe.org>
Date: Tue Mar 3 15:54:53 2020 +0000
a/exit-scanner: Add DNS zone formatting and reloading
---
ansible/roles/exit-scanner/files/exitscan.py | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/ansible/roles/exit-scanner/files/exitscan.py b/ansible/roles/exit-scanner/files/exitscan.py
index 11e9e56..26ac6cf 100644
--- a/ansible/roles/exit-scanner/files/exitscan.py
+++ b/ansible/roles/exit-scanner/files/exitscan.py
@@ -2,6 +2,7 @@
import collections
import datetime
import glob
+import ipaddress
import json
import os
import os.path
@@ -99,6 +100,31 @@ def run():
pass # ok maybe this is the first time we run
os.symlink(os.path.abspath(f"lists/{filename}"), "lists/latest")
+ # Format a DNS zone
+ with open(f"dnsel.torproject.org", "w") as out:
+ out.write("""$TTL 1200 ; seconds
+$ORIGIN dnsel.torproject.org.
+
+@ 1D IN SOA check-01.torproject.org. metrics-team.lists.torproject.org. (
+ """ + datetime.datetime.utcnow().strftime("%y%m%d%H%M") + """
+ 1H ; refresh
+ 15 ; retry
+ 1H ; expire
+ 15 ; nxdomain ttl
+ )
+ IN NS check-01.torproject.org.
+""")
+ exit_addresses = collections.defaultdict(list)
+ for desc in exits.values():
+ for exit_address in desc.exit_addresses:
+ exit_addresses[exit_address[0]].append(desc.fingerprint)
+ for exit_address in exit_addresses:
+ reverse = ipaddress.ip_address(exit_address).reverse_pointer.split(".i")[0]
+ out.write(reverse + " IN A 127.0.0.2\n")
+ for fingerprint in exit_addresses[exit_address]:
+ out.write(reverse + " IN TXT \"" + fingerprint + "\"\n")
+ os.system("sudo /usr/sbin/rndc reload dnsel.torproject.org")
+
if __name__ == "__main__":
while True:
start = datetime.datetime.utcnow()
More information about the tor-commits
mailing list