From 6bcd6d462866808e1e5f87058262f5ea1db1d2b0 Mon Sep 17 00:00:00 2001
From: Michal 'vorner' Vaner <michal.vaner@nic.cz>
Date: Wed, 20 Jan 2016 10:30:45 +0100
Subject: [PATCH] export_fake: Consider the blacklist addresses

Don't include the addresses excluded from analysis into the export.
Also, reuse some code from the builders of address lists.
---
 src/master/dbscripts/export_fake.pl | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/src/master/dbscripts/export_fake.pl b/src/master/dbscripts/export_fake.pl
index 32488ea3..22acc35c 100755
--- a/src/master/dbscripts/export_fake.pl
+++ b/src/master/dbscripts/export_fake.pl
@@ -1,7 +1,12 @@
 #!/usr/bin/perl
 use common::sense;
 use DBI;
-use Config::IniFiles;
+
+# Look for libraries also in the same directory as the script lives
+use FindBin;
+use lib $FindBin::Bin;
+
+use AddrStoreBuild;
 
 my @priv_rex = (
 	qr/^192\.168\./,
@@ -13,20 +18,25 @@ my @priv_rex = (
 	} 16..31
 );
 
-my $cfg = Config::IniFiles->new(-file => $ARGV[0]) or die "Couldn't read config file $ARGV[0]: @Config::IniFiles::errors\n";
-shift @ARGV;
-my ($host, $db, $user, $passwd, $port) = map { $cfg->val('db', $_) } qw(host db user passwd port);
-my $dbh = DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port", $user, $passwd, { RaiseError => 1, AutoCommit => 0 });
-my $stm = $dbh->prepare("SELECT server, remote, remote_port, local, local_port, start_time_utc, end_time_utc FROM fake_bad_connections WHERE DATE(end_time_utc) = ? ORDER BY server, remote, local");
+# Don't confuse with a blacklist we're building. This is a blacklist for analysis ‒ „ignore these addresses when looking for bad guys“
+my $omit_addresses = blacklist_load;
+
+my $dbh = db_connect;
+
+shift @ARGV; # Eat the config file path
+
+my $stm = $dbh->prepare("SELECT server, remote, remote_port, local, local_port, start_time_utc, end_time_utc FROM fake_bad_connections WHERE DATE(COALESCE(end_time_utc, start_time_utc)) = ? ORDER BY server, remote, local");
 for my $d (@ARGV) {
 	my %files;
 	$stm->execute($d);
 	LINE:
 	while (my ($server, @data) = $stm->fetchrow_array) {
+		my $remote = $data[0];
 		my $local = $data[2];
 		for my $rex (@priv_rex) {
 			next LINE if $local =~ $rex;
 		}
+		next LINE if exists $omit_addresses->{$remote};
 		if (not exists $files{$server}) {
 			open my $file, '>:utf8', "$server-$d.csv" or die "Couldn't write file '$server-$d.csv': $!\n";
 			print $file "remote,remote_port,local,local_port,start,end\n";
-- 
GitLab