First check-in

README.md

@@ -1,2 +1,52 @@
 # rpki-as0-bogons
-Slurm file generator for bogons with AS0 as origin
+
+SLURM file generator for bogons with AS0 as origin.
+
+This script generates a JSON file compatible with [RFC8416](https://www.rfc-editor.org/rfc/rfc8416.txt) to be used for a local validator.
+
+The script takes bogon files from the [Team Cymru Bogon Reference](https://www.team-cymru.com/bogon-reference.html) and turns them into a SLURM file.  All the networks are added to the SLURM file with origin: AS0 and with a default MaxPrefix of 32 for IPv4 and 128 for IPv6.
+
+Once loaded in a validator, this file will suggest the validating software to create "fake" ROAs for these networks.  If your network performs origin validation and applies "Invalid: Reject" policies, any BGP announcement of these networks coming from your peers or upstreams should be discarded.
+
+## Installation
+
+You can find the software on PyPi, so you can install it easily via pip.
+
+```shell
+# pip3 install rpki-as0-bogon
+```
+
+## Usage
+
+```shell
+usage: rpki-as0-bogons [-h] [-f DEST_FILE]
+
+A script to generate a SLURM file for all bogons with origin AS0
+
+optional arguments:
+  -h, --help    show this help message and exit
+  -f DEST_FILE  File to be created with all the SLURM content
+```
+
+## Using it with a validator
+
+### Routinator
+
+You should start routinator with the *-x* switch, providing the path to the file (the file is saved by the tool into */usr/local/etc/slurm.json*)
+
+### RIPE NCC Validator 3
+
+You can use curl to supply the file to the validator:
+
+```shell
+/usr/local/bin/curl -X POST -F "file=slurm.json" localhost:8080/api/slurm/upload
+```
+
+### Forth
+
+Use the *--slurm* option when running the software.
+
+## Recommendations
+
+Since the bogon files are updated daily, a daily run via cron is suggested for this tool.
+

requirements.txt

@@ -0,0 +1 @@
+requests

rpki_as0_bogons/__init__.py

@@ -0,0 +1,7 @@
+__version__ = "0.0.4"
+__author__ = "Massimiliano Stucchi"
+__author_email__ = "max@stucchi.ch"
+__copyright__ = "Copyright 2020, Massimiliano Stucchi"
+__license__ = "BSD"
+__status__ = "Stable"
+__url__ = "https://github.com/stucchimax/rpki-as0-bogons"

rpki_as0_bogons/slurm.py

@@ -0,0 +1,97 @@
+#!/usr/bin/env python3
+# Copyright (c) 2020, Massimiliano Stucchi
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#   list of conditions and the following disclaimer.
+#
+#2. Redistributions in binary form must reproduce the above copyright notice,
+#   this list of conditions and the following disclaimer in the documentation
+#   and/or other materials provided with the distribution.
+#
+#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+#AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+#IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+#FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+#DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+#SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+#CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+#OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+import argparse
+import json
+import requests
+
+def main():
+
+    parser = argparse.ArgumentParser(
+            description='A script to generate a SLURM file for all bogons with origin AS0')
+
+    parser.add_argument("-f",
+            dest='dest_file',
+            default="/usr/local/etc/bogons.slurm.txt",
+            help="File to be created with all the SLURM content")
+
+    args = parser.parse_args()    
+
+    ipv4_bogons = "https://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt"
+    ipv6_bogons = "https://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt"
+
+    output = {}
+
+    output['slurmVersion'] = 1
+    output["validationOutputFilters"] = {}
+    output["validationOutputFilters"]["prefixFilters"] = []
+    output["validationOutputFilters"]["bgpsecFilter"] = []
+    output["locallyAddedAssertions"] = {}
+    output["locallyAddedAssertions"]["prefixAssertions"] = []
+    output["locallyAddedAssertions"]["bgpsecAssertions"] = []
+
+    roas = []
+
+    r = requests.get(ipv4_bogons)
+
+    bogons = r.text.split("\n")
+
+    # Remove the first and the last line
+    bogons.pop(0)
+    bogons.pop()
+
+    for network in bogons:
+        new_entry = {}
+        new_entry['asn'] = 0
+        new_entry['prefix'] = network
+        new_entry['maxPrefixLength'] = 32
+
+        roas.append(new_entry)
+
+
+    r = requests.get(ipv6_bogons)
+
+    bogons = r.text.split("\n")
+
+    # Remove the first and the last line
+    bogons.pop(0)
+    bogons.pop()
+
+    for network in bogons:
+        new_entry = {}
+        new_entry['asn'] = 0
+        new_entry['prefix'] = network
+        new_entry['maxPrefixLength'] = 128
+
+        roas.append(new_entry)
+
+
+    output['locallyAddedAssertions']["prefixAssertions"] = roas
+
+    with open(args.dest_file, "w") as f:
+        f.write(json.dumps(output, indent=2))
+
+if __name__ == "__main__":
+    main()

setup.py

@@ -0,0 +1,82 @@
+#!/usr/bin/env python3
+# Copyright (c) 2020, Massimiliano Stucchi
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#   list of conditions and the following disclaimer.
+#
+#2. Redistributions in binary form must reproduce the above copyright notice,
+#   this list of conditions and the following disclaimer in the documentation
+#   and/or other materials provided with the distribution.
+#
+#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+#AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+#IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+#FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+#DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+#SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+#CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+#OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+
+import rpki_as0_bogons
+version = rpki_as0_bogons.__version__
+
+import codecs
+import os
+import sys
+
+from os.path import abspath, dirname, join
+from setuptools import setup, find_packages
+
+here = abspath(dirname(__file__))
+
+
+def parse_requirements(filename):
+    """ load requirements from a pip requirements file """
+    lineiter = (line.strip() for line in open(filename))
+    return [line for line in lineiter if line and not line.startswith("#")]
+
+with codecs.open(join(here, 'README.md'), encoding='utf-8') as f:
+    README = f.read()
+
+if sys.argv[-1] == 'publish':
+    os.system('python3 setup.py sdist upload')
+    print("You probably want to also tag the version now:")
+    print(("  git tag -a %s -m 'version %s'" % (version, version)))
+    print("  git push --tags")
+    sys.exit()
+
+install_reqs = parse_requirements('requirements.txt')
+reqs = install_reqs
+
+setup(
+    name='rpki-as0-bogons',
+    version=version,
+    maintainer="Massimiliano Stucchi",
+    maintainer_email='max@stucchi.ch',
+    url='https://github.com/stucchimax/rpki-as0-bogons',
+    description='RPKI AS0 Slurm file generator for bogons',
+    long_description=README,
+    long_description_content_type="text/markdown",
+    license='BSD',
+    keywords='rpki prefix routing networking',
+    setup_requires=reqs,
+    install_requires=reqs,
+    classifiers=[
+        'Intended Audience :: Developers',
+        'Topic :: Software Development :: Libraries :: Python Modules',
+        'Topic :: System :: Networking',
+        'License :: OSI Approved :: BSD License',
+        'Programming Language :: Python :: 3 :: Only'
+    ],
+    packages=find_packages(exclude=['tests', 'tests.*']),
+    entry_points={'console_scripts':
+                  ['rpki-as0-bogons = rpki_as0_bogons.slurm:main']},
+)