From 594a26eabe01b3289fb4632cb708758957001c37 Mon Sep 17 00:00:00 2001 From: Keith Date: Mon, 24 Jan 2022 12:12:53 -0800 Subject: [PATCH] Update SecKit_geo_lookup.py "GeoIP2-Anonymous-IP.mmdb" if code to match the result dicto the anonymous_ip object attributes (as given at https://dev.maxmind.com/geoip/docs/databases/anonymous-ip?lang=en). Updated macros.conf and transforms.conf to support the changes to the result dic. --- package/bin/SecKit_geo_lookup.py | 6 +----- package/default/macros.conf | 3 ++- package/default/transforms.conf | 2 +- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/package/bin/SecKit_geo_lookup.py b/package/bin/SecKit_geo_lookup.py index 805c51a8..3f4b5759 100755 --- a/package/bin/SecKit_geo_lookup.py +++ b/package/bin/SecKit_geo_lookup.py @@ -97,14 +97,10 @@ def main(): anonreader = geoip2.database.Reader(anon_file) anon_response = anonreader.anonymous_ip(result[ipfield]) result["is_anonymous"] = anon_response.is_anonymous - result["is_anonymous_proxy"] = anon_response.is_anonymous_proxy result["is_anonymous_vpn"] = anon_response.is_anonymous_vpn result["is_hosting_provider"] = anon_response.is_hosting_provider - result["is_legitimate_proxy"] = anon_response.is_legitimate_proxy result["is_public_proxy"] = anon_response.is_public_proxy - result[ - "is_satellite_provider" - ] = anon_response.is_satellite_provider + result["is_residential_proxy"] = anon_response.is_residential_proxy result["is_tor_exit_node"] = anon_response.is_tor_exit_node except geoip2.errors.AddressNotFoundError: pass diff --git a/package/default/macros.conf b/package/default/macros.conf index 2549bf84..79d9212a 100644 --- a/package/default/macros.conf +++ b/package/default/macros.conf @@ -18,7 +18,8 @@ is_public_proxy as $prefix$_is_public_proxy, \ is_tor_exit_node as $prefix$_is_tor_exit_node, \ is_anonymous_vpn as $prefix$_is_anonymous_vpn, \ is_hosting_provider as $prefix$_is_hosting_provider, \ -is_anonymous as $prefix$_is_anonymous +is_anonymous as $prefix$_is_anonymous, \ +is_residential_proxy as $prefix$_is_residential_proxy iseval = 0 diff --git a/package/default/transforms.conf b/package/default/transforms.conf index 02f8139b..fea0851c 100644 --- a/package/default/transforms.conf +++ b/package/default/transforms.conf @@ -5,5 +5,5 @@ [SecKitIPLocation] python.version = python3 external_cmd = SecKit_geo_lookup.py ip -fields_list = ip,country,city,lat,long,connection_type,network,isp,isp_ip,isp_asn,isp_asn_organization,is_anonymous,is_anonymous_proxy,is_anonymous_vpn,is_hosting_provider,is_legitimate_proxy,is_public_proxy,is_satellite_provider,is_tor_exit_node +fields_list = ip,country,city,lat,long,connection_type,network,isp,isp_ip,isp_asn,isp_asn_organization,is_anonymous,is_anonymous_vpn,is_hosting_provider,is_public_proxy,is_residential_proxy,is_tor_exit_node